Questions tagged [amazon-iam]

IAM is Amazon Web Services' Identity and Access Management service

AWS Identity and Access Management (IAM) enables you to securely control access to AWS services and resources. Using IAM, you can create and manage AWS users, groups and roles and use permissions to allow and deny their access to AWS resources.

262 questions
0 votes, 0 answers

One way s3 sync - Bucket to local only

This is the scenario: Company A creates a bucket, and periodically uploads images to it, deletes or replaces some, etc. Company B needs to sync with the bucket - they download the images from it and store them locally (think along the lines of a…
FiddlingAway
0 votes, 1 answer

A user is blocked from using MFA though I added the permissions for their AWS IAM account

I hold admin powers on one of the AWS accounts that we use at the company where I work. I am trying to make MFA mandatory for all users. I followed this…
charlottesville
0 votes, 1 answer

Automatic EC2 Role Assignment

Trying to understand AWS IAM resources/concepts a little better. I know there is a way to configure an EC2 (either possibly via its underlying AMI or a launch template) so that when it launches for the first time it is automatically assigned the…
0 votes, 1 answer

Pod assigned node role instead of service account role on AWS EKS

First some info about the setup: EKS version: 1.21; eksctl version: 0.77.0; AWS Go SDK version: v1.44.28; deploying using kubectl. I have a k8s cluster on AWS EKS on which I am deploying a custom k8s controller for my application. Using instructions…
asr9
0 votes, 2 answers

Sharing an AWS "instance role" across accounts, as with other resources?

What works We have several EC2 instances that pull things out of an S3 bucket on boot (and at other times). To allow this, we have an IAM policy granting read-only access... "Effect": "Allow", "Action": [ "s3:ListBucket" ], "Resource": [ …
Ti Strga
0 votes, 1 answer

Best practice for AWS root account or superuser?

Normally, we have the rule of 3 people having superuser access with 3 username/passwords, and if anyone is ever offboarded (they leave or are fired), on vacation, out sick, or in a different time zone, someone still has access and we are never crippled. When…
Dean Hiller
0 votes, 1 answer

AWS Policy to Read/write RDS

In my scenario, I want a policy that will allow reading and writing of abc-database-backups/rds/postgresql-backup on S3. We'll want my servers to have that access added. Is creating a role and attaching it to the servers best, or adding a key…
0 votes, 1 answer

AWS CLI Usage Issue

In our scenario, we previously had some AWS keys. The IAM interface shows/showed no usage for them, but the employee has been able to upload resources. Could anyone advise how to check if the interface is just erring or if they were perhaps not using…
0 votes, 0 answers

Individual Local Accounts on AWS

In my scenario, currently, we have all developers connect to EC2 instances using the ec2-user account. Is there a better way to do this so we can see which actions developers take on the machines? I want to be able to identify who executes…
0 votes, 1 answer

S3 Logs event Issue

Is there a way to see what actions the 'g2' IAM user is performing in S3, and which IP(s) they are running from? I have already enabled the logging of S3 actions. One point I’m still not able to figure out is that when I’m trying to find logs in…
0 votes, 0 answers

AWS IAM user with special permissions

I have the following task to do. I want to create 10 IAM users; each user should have a login username and password, and each IAM user should have a separate EC2 instance that cannot be visible to others. For example: user1 user2 user2 ....…
anil
0 votes, 2 answers

Best Practice for AWS IAM access keys for use with AWS SDK

I want to know the best practice used by big companies for programmatic access to multiple AWS services, as there are multiple programs needing access to different services, so how is it managed? Did they create multiple access keys for each…
Rocky
0 votes, 1 answer

How to use aws-iam-authenticator with remote Terraform Cloud Runs?

I am already successfully using Terraform with the Kubernetes provider to manage various parts of and services on an EKS cluster in AWS. I would like to use Terraform Cloud to manage it (and take advantage of the nice GitHub/VCS integrations).…
Adam C
0 votes, 0 answers

Increasing general AWS console timeout

The AWS console appears to kick you out after 24 hours, and I'd like to increase it slightly. This has nothing to do with SSO. Is this a fundamental requirement or can it be tweaked somewhere?
Dustin Oprea
0 votes, 0 answers

Can I access an EKS cluster if I don't have access to the IAM user that created it?

An AWS admin created an IAM user, and that user created an EKS cluster. Now, we don't have access to that IAM user. If we try to execute kubectl commands on that EKS cluster from a new IAM user that has admin-level permissions, we still…