
I created a new CodeStar project for a local user group activity and created some project members.

Using the AWS CodeStar dashboard I created a member with the policy that allows them to be a Contributor. Unfortunately it appears that they need the ability to list all EC2 instances -- including ones for my personal projects -- if they want to see the EC2 instance for the project. Same thing with CodeDeploy Applications, CodeBuild Build projects, etc.

I can remove the user's ability to list all CodeDeploy Applications, for example, and they still have Read access for the specific one I want them to, but there's no easy way to navigate to it. They need to have the URL, because they can't see a list of projects.

What I want is to simply disallow them from seeing other resources in the list view. Is there a way to do this?

Here's an example of what I'm seeing:


Josh Withee
  • I have no proof this works for this particular service, but for other services, using IAM conditionals can sometimes let you do a selective list. [It's some advanced IAM mojo](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_condition.html), but sometimes that's what you need to get the job done. – sysadmin1138 Feb 19 '19 at 15:39

0 Answers