Enable HTTPS for (only) a Subdomain that loads an S3 Bucket | IAM?

0

Hello,

My client has domain.com hosted on another hosting company.

They currently have sub.domain.com load a bucket here, using a CNAME record value like s0m3th1ng.cloudfront.net

It worked perfectly for around a decade, but now we want to load the subdomain over HTTPS. domain.com, on the other hosting, has HTTPS activated.

How could one achieve that?

My client gave me 'database admin' permission, which allows me to see buckets and the files. But I can't find sub.domain.com written anywhere. Can you also tell me what permission(s) my client should give me to safely set up this matter?

Thank you.

1 Answer
0

You will need permission in ACM to create a certificate for sub.domain.com. You will also need permissions in CloudFront to add the certificate to the distribution and add the alternate domain of sub.domain.com to the distribution. See: Using alternate domain names and HTTPS.

In response to the comment below: There are a couple of AWS managed policies that they could assign to you. See: CloudFrontFullAccess and AWSCertificateManagerFullAccess.

Those two policies are not least privileged but they could start with these and add Resources and Conditions to restrict you to your specific task by creating a customer-managed policy.

AWS Expert kentrad, answered 9 months ago
  • Hello, may I bother you a little bit more?

    It seems like my client is still having trouble setting it up themselves, and also in providing permissions to other users.

    I once had an ECS account, but that was more than a decade ago. I haven't used AWS since then, so I'm quite unfamiliar with it.

    My client gave me 'database admin' permission. I have a feeling that the permissions you mentioned can't be set up in the same easy way as setting up that 'database admin' permission?

    If that's the case, could you suggest a simpler way for my client to provide me with the necessary permissions? Perhaps an easy-to-set-up, broader permission that doesn't include access to billing, etc.?

    Thanks in advance!
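
The customer-managed policy the answer suggests could look like the following. This is an added example, not part of the original answer or an AWS-published policy. `ACCOUNT_ID_PLACEHOLDER` and `DISTRIBUTION_ID_PLACEHOLDER` are placeholders the account owner fills in, and the region is pinned to us-east-1 because CloudFront only accepts ACM certificates from that region.

```json
{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Sid": "RequestCertForSubdomainOnly",
      "Effect": "Allow",
      "Action": "acm:RequestCertificate",
      "Resource": "*",
      "Condition": {
        "StringEquals": { "aws:RequestedRegion": "us-east-1" },
        "ForAllValues:StringEquals": { "acm:DomainNames": ["sub.domain.com"] }
      }
    },
    {
      "Sid": "ReadCertificateStatus",
      "Effect": "Allow",
      "Action": ["acm:ListCertificates", "acm:DescribeCertificate"],
      "Resource": "*",
      "Condition": {
        "StringEquals": { "aws:RequestedRegion": "us-east-1" }
      }
    },
    {
      "Sid": "FindTheDistribution",
      "Effect": "Allow",
      "Action": "cloudfront:ListDistributions",
      "Resource": "*"
    },
    {
      "Sid": "UpdateOneDistributionOnly",
      "Effect": "Allow",
      "Action": [
        "cloudfront:GetDistribution",
        "cloudfront:GetDistributionConfig",
        "cloudfront:UpdateDistribution"
      ],
      "Resource": "arn:aws:cloudfront::ACCOUNT_ID_PLACEHOLDER:distribution/DISTRIBUTION_ID_PLACEHOLDER"
    }
  ]
}
```

Compared with the two FullAccess policies, this grants no ability to create or delete distributions, delete or export certificates, or request certificates for any other name. If DNS validation is used, the validation record is created at the other hosting company that serves domain.com, so no Route 53 permissions are included.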
