使用 AWS re:Post 即表示您同意 AWS re:Post 使用條款
AWS re:Postre:Post

How to use IAM to provide access to users efficiently and securely

0

Hi, we have a couple of developers who are working on various functionalities. We want to give each developer some required permissions on the resources they are creating. How can we do it easily? Instead of adding the resources manually every time to the policy whenever created, is there any better way?

主題
安全性、身分識別與合規
標籤
安全性、身分識別與合規AWS IAM Identity CenterIAM 政策
語言
English
IndieGameDeveloperFromParallelWorld
已提問 9 個月前檢視次數 244 次
2 個答案
0
已接受的答案

Take a look at this: IAM tutorial: Define permissions to access AWS resources based on tags.

profile pictureAWS
專家
kentrad
已回答 9 個月前
profile pictureAWS
專家
Jose Guay
已審閱 9 個月前
0

Hi,

the simplest way is to use a naming convention like https://cjrequena.com/2020-06-05/aws-naming-conventions-en but where you would call $Environment to first position in the name and give it a different value for each of your developers.

Then, you will authorize in IAM policies with Resource:"service: DevPrefix*" to allow your devs to do what they want on their resources (i.e. those whose names start with their prefix)

AWS Iam Identity Center and AWS Organizations are the next step but they are more involving but go much further (multi-account)

Best,

Didier

profile pictureAWS
專家
Didier_Durand
已回答 9 個月前
  • IndieGameDeveloperFromParallelWorld
    9 個月前

    Thanks. Can you share some good blog post on these as I didnt understand fully what you tried to say as I am not that advanced in IAM.

您尚未登入。 登入 去張貼答案。

一個好的回答可以清楚地回答問題並提供建設性的意見回饋,同時有助於提問者的專業成長。

回答問題指南

相關內容