2개 답변
- 최신
- 최다 투표
- 가장 많은 댓글
0
Remove IAM permissions from the Developer IAM account or you can try something similar as defined in this document. https://aws.amazon.com/premiumsupport/knowledge-center/iam-permission-boundaries/
답변함 일 년 전
0
Hello,
You can use permission boundary to cater this scenario. A permissions boundary is an advanced feature for using a managed policy to set the maximum permissions that an identity-based policy can grant to an IAM entity. An entity's permissions boundary allows it to perform only the actions that are allowed by both its identity-based policies and its permissions boundaries. https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_boundaries.html
Thanks, Gautam
답변함 일 년 전
What policy permissions are being assigned to "developer" account? This will largely dictate what access they have and whether or not they can make view/edit/delete API calls in the AWS console.