Questions tagged with IAM Policies

You manage access in AWS by creating policies and attaching them to IAM identities (users, groups of users, or roles) or AWS resources.

Content language: English

Select up to 5 tags to filter
Sort by most recent

Browse through the questions and answers listed below or filter and sort to narrow down your results.

Hi I'm trying to add a policy to a public API gateway (which invokes a lambda) that will make it so that it only accepts traffic from our twingate (VPN) Ip and from the VPC environment IP that api...
1
answers
0
votes
226
views
sp079
asked 2 months ago
hi, i want to deny console login if my any i am user performing console login without connecting to VPN or without from allowed IP ranges. i did tried to put this policy { "Version":...
3
answers
0
votes
249
views
Shriram
asked 2 months ago
I need to block Boto3 client to access Athena workgroup while allowing Tableau. Both use JDBC driver. Is there any port/IAM policy to achieve this? Both Tableau and Boto3 client are accessing from...
2
answers
0
votes
1505
views
asked 2 months ago
How can I ensure that my IAM role can access the Secrets value stored in Secrets Manager? I am using this IAM role as an ECS Container role. My secret name is acme/prod/secret, which is encrypted...
2
answers
0
votes
311
views
Paul
asked 2 months ago
I have two main roles that users use that we will call UserRoleA and UserRoleB. What I want to be able to do is to either allow or deny session manager access to the tasks within a given cluster to...
1
answers
0
votes
249
views
George
asked 2 months ago
In sagemaker all underlying resources and user created resources do not get tags. One example is EFS volume for domain, s3 bucket create by domain, any user training job, experiment or model has tags...
1
answers
1
votes
237
views
sergiuB
asked 2 months ago
As mentioned in the AWS documentation, I created policy to allow delete IAM users'...
2
answers
0
votes
226
views
sivakm
asked 2 months ago
Updated CFN template based on @Leo K's answer: ``` AWSTemplateFormatVersion: "2010-09-09" Resources: S3ClientBucket: Type: AWS::S3::Bucket Properties: BucketName:...
3
answers
0
votes
289
views
asked 2 months ago
Hi all, We have an OpenSearch domain with manual snapshots, it was working fine until we enable fine grained access control with master user from "Internal user database". This is the related CDK...
2
answers
0
votes
311
views
Halim
asked 2 months ago
I have web application. Frontend is hosting on private s3 bucket and backend is running on ec2 instance. I have CloudFront with two distribution for each. In application there is functionality where...
2
answers
0
votes
363
views
bala
asked 2 months ago
I am attempting to delete some of the contents of a bucket as a the root user and I am receiving access denied errors. It is a bucket backing a Cloudfront distribution so the bucket has the usual...
8
answers
0
votes
400
views
asked 2 months ago
I can not revoke the temporary IAM access Token when sign-in with a different user using the same HTML Page. **Configuration Cognito User Pool:** 1. User Attributes: Mail, Phone Number 2. MFA...
4
answers
0
votes
253
views
profile picture
Marcelo
asked 2 months ago