Good day everyone,
I want to ask a question and i hope someone can help me here.
I use Microsoft Azure SSO for AWS Account Log-In
I want to use Service Control Policy for a special use case and i want to ask if this possible or not.
Exanmple:
I have inside IAM Identity Center 3 Users.
User 1 = Only have access to AWS Lambda
User 2 = Has access to all services except IAM
User 3 = Has only access to AWS Lambda and IAM
For this use case it is possible to use Attribute-Based Access or Tags ("aws:RequestTag" etc.) for the users?
Thank You so much.
I tried to create SCP in combination with Microsoft Azure SSO, so that every user has it own Policy Restrictions in dependency of the tags i will give them.