From the course: AWS Quick Tips for Developers

Unlock this course with a free trial

Join today to access over 22,700 courses taught by industry experts.

Limiting access via IAM boundaries

Limiting access via IAM boundaries - Amazon Web Services (AWS) Tutorial

From the course: AWS Quick Tips for Developers

Start my 1-month free trial Buy for my team

Limiting access via IAM boundaries

- [Instructor] If you use groups in IAM to manage your user's permissions, you know how easy it is to set them up in one place and it affects all the users in that group. It's great, but you also know one size doesn't fit all. So of this group we have the administrator access privileges and that's great and I can add my users to that because groups grant permissions. Very helpful, but I also have some exceptions. I want this user to only be an admin for other user accounts. I can assign those policies specifically, but then if I'm handling each exception as its own thing, I could probably never really use groups very well. Everything's going to be a little different and I'll lose the power of it. So instead what I'm going to do is I'm going to use permission boundaries. Boundaries limit, not grant, permissions. So they get the access from their policies, but in the boundary you can specify specific areas where their…

Contents