1 個回答
- 最新
- 最多得票
- 最多評論
0
The "root" user of an account can be restricted using Service control policies (SCPs), in AWS Organizations. The error you describe implies that there might be an SCP in place.
You can verify the presence of an SCP by navigating to AWS Organizations, and then check the "Policies" on the OU where the account is located. Note that SCPs might also be created by AWS Control Tower (if you use it), so please be careful changing existing SCP.
Please also note that there is a total of ~10 actions which really require root user permissions. Following least privilege, I therefore recommend not using this user unless you need to execute one of those actions, and use (preferably) IAM Identity Center access or (if needed) IAM users instead.
已回答 6 個月前
相關內容
- 已提問 1 年前
- AWS 官方已更新 8 個月前
- AWS 官方已更新 1 年前
- AWS 官方已更新 1 年前
- AWS 官方已更新 4 個月前