From the course: AWS Quick Tips for Developers
Unlock this course with a free trial
Join today to access over 22,700 courses taught by industry experts.
Limiting access via IAM boundaries - Amazon Web Services (AWS) Tutorial
From the course: AWS Quick Tips for Developers
Limiting access via IAM boundaries
- [Instructor] If you use groups in IAM to manage your user's permissions, you know how easy it is to set them up in one place and it affects all the users in that group. It's great, but you also know one size doesn't fit all. So of this group we have the administrator access privileges and that's great and I can add my users to that because groups grant permissions. Very helpful, but I also have some exceptions. I want this user to only be an admin for other user accounts. I can assign those policies specifically, but then if I'm handling each exception as its own thing, I could probably never really use groups very well. Everything's going to be a little different and I'll lose the power of it. So instead what I'm going to do is I'm going to use permission boundaries. Boundaries limit, not grant, permissions. So they get the access from their policies, but in the boundary you can specify specific areas where their…
Contents
-
-
Amazon Web Services quick tips54s
-
(Locked)
Triggering an AWS Lambda from DynamoDB1m 25s
-
(Locked)
Scheduling a Lambda to run regularly56s
-
(Locked)
Generating an API Gateway for DynamoDB1m 15s
-
(Locked)
Allowing RDS access for multiple servers52s
-
(Locked)
Sending email from an AWS Lambda1m 33s
-
(Locked)
Monitoring AWS billing with alarms1m 13s
-
(Locked)
Setting triggers for S3 bucket events55s
-
(Locked)
Protecting an S3 bucket from deletion1m 13s
-
(Locked)
Saving money with S3 Glacier1m 1s
-
(Locked)
Using CloudTrail for user action audits1m 22s
-
(Locked)
Setting user policies with IAM groups1m 10s
-
(Locked)
Hitting an AWS Lambda via API Gateway1m 9s
-
(Locked)
Creating an SNS event with S31m 30s
-
(Locked)
Easily hosting a web app on S31m 21s
-
(Locked)
Limiting access via IAM boundaries1m 22s
-
(Locked)
Enable MFA for root security47s
-
(Locked)
IAM credential report48s
-
(Locked)
Cognito user pool triggers1m 10s
-
(Locked)
SQS1m 31s
-
(Locked)
CloudFront1m 28s
-