Questions tagged with IAM Policies
You manage access in AWS by creating policies and attaching them to IAM identities (users, groups of users, or roles) or AWS resources.
Content language: English
Select up to 5 tags to filter
Sort by most recent
Browse through the questions and answers listed below or filter and sort to narrow down your results.
Hi I'm trying to add a policy to a public API gateway (which invokes a lambda) that will make it so that it only accepts traffic from our twingate (VPN) Ip and from the VPC environment IP that api...
hi,
i want to deny console login if my any i am user performing console login without connecting to VPN or without from allowed IP ranges.
i did tried to put this policy
{
"Version":...
I need to block Boto3 client to access Athena workgroup while allowing Tableau. Both use JDBC driver. Is there any port/IAM policy to achieve this? Both Tableau and Boto3 client are accessing from...
How can I ensure that my IAM role can access the Secrets value stored in Secrets Manager?
I am using this IAM role as an ECS Container role. My secret name is acme/prod/secret, which is encrypted...
I have two main roles that users use that we will call UserRoleA and UserRoleB. What I want to be able to do is to either allow or deny session manager access to the tasks within a given cluster to...
In sagemaker all underlying resources and user created resources do not get tags. One example is EFS volume for domain, s3 bucket create by domain, any user training job, experiment or model has tags...
As mentioned in the AWS documentation, I created policy to allow delete IAM users'...
Updated CFN template based on @Leo K's answer:
```
AWSTemplateFormatVersion: "2010-09-09"
Resources:
S3ClientBucket:
Type: AWS::S3::Bucket
Properties:
BucketName:...
Hi all,
We have an OpenSearch domain with manual snapshots, it was working fine until we enable fine grained access control with master user from "Internal user database".
This is the related CDK...
I have web application. Frontend is hosting on private s3 bucket and backend is running on ec2 instance. I have CloudFront with two distribution for each. In application there is functionality where...
I am attempting to delete some of the contents of a bucket as a the root user and I am receiving access denied errors. It is a bucket backing a Cloudfront distribution so the bucket has the usual...
I can not revoke the temporary IAM access Token when sign-in with a different user using the same HTML Page.
**Configuration Cognito User Pool:**
1. User Attributes: Mail, Phone Number
2. MFA...