Stack Overflow
Stack Overflow

Questions tagged [aws-access-policy]

48 questions
0
votes
1 answer

How to store AWS secret in yubikey?

Im trying to store AWS access secret key in yubikey,but, as static password in "scan mode", it is not possible to store, because AWS secret exceeds 38 characters. Now im thinking of way to store AWS secret, as in "official" way they do with SSH -->…
BaronRandom
  • 57
  • 8
0
votes
1 answer

AWS Media Convert 1401 error: Authorization error when "Block Public Access settings for this account" is enabled on S3 bucket

I have a media convert job that will take input video from s3 bucket then convert it and store it in another bucket within the same account. However, when "Block Public Access settings for this account" is enabled for s3 bucket then I get…
hedaia
  • 11
  • 2
0
votes
2 answers

AWS bucket policy statements priority order

I'm trying to restrict users access to my bucket using my bucket policy. I have a set of users, all of them have an S3FullAccess policy. I can't change anything in the IAM. I have only access to my bucket policy. So I want to control the user's…
Gopirengaraj C
  • 31
  • 1
  • 8
0
votes
0 answers

AWS Lambda 403 Forbidden error after changing account keys

Somehow my AWS Access Key and Secret Access Key became public. I figured out where the vulnerability came from and fixed it. However, I still needed to change my access keys. So, I created new keys and made the old ones inactive. Now I cannot edit,…
bwc
  • 1,732
  • 1
  • 14
  • 27
0
votes
0 answers

Where should i get kibana credentials after I create aws elastic search domain?

I have setup a configuration to store emails sent via SES. I followed below link https://aws.amazon.com/premiumsupport/knowledge-center/ses-email-sending-history/ problem I am facing is that when i open elastic search domain which is configured to…
pranav pranu
  • 19
  • 3
0
votes
3 answers

AWS Secrets Manager Resource Policy to Deny all roles Except one Role

I have a secret in secrets manager and there are multiple IAM roles in the system. I only want only one role to access the scecret. Unfortunately there are some other IAM roles that have full Secrets Manager privileges. So i want to restrict the…
dilan.sp
  • 41
  • 1
  • 6
0
votes
1 answer

aws nodejs sdk putObjectAcl correct syntax

I need to assign public read access and in the same time to allow owner to operate an object with full access after I process the object within the sharp() lib. So, I replace the old object with a new one and thus I need to set new ACL. The ACL…
Vitalii
  • 23
  • 6
0
votes
1 answer

Can I make EC2 instance visible to all users in an organisation?

I have an organization and I want one user to create the EC2 and all other to be able to access it. Is that possible?
Goking
  • 61
  • 1
  • 1
  • 8
0
votes
1 answer

How to access aws resources created in other account

In my use case, I want to access DynamoDB table created in AWS account A and Lambda created in account B. For this I have followed many references on Internet which suggests me to use AWS assume role feature. I have added following permission in…
priyadhingra19
  • 333
  • 4
  • 15
0
votes
1 answer

AWS permanent pre-signed signature

How to get an pre-signed signature or link that have infinite expire in AWS. Or it is possible to create a permanent signature, using accesskey and secure key?
Shaak
  • 3
  • 1
0
votes
1 answer

AWS can't access RDS (Postgres) from network

I created a Postgres DB on RDS from my home in country X, currently I am in Y and I can not access the DB. I get a connection timed out response. The DB is set to be publicly accessible. I guess it has something to do with subnets / ACL or something…
jjuser19jj
  • 1,637
  • 3
  • 20
  • 38
0
votes
1 answer

Set a non public S3 bucket to have new uploaded keys default to bucket-owner-full-control

Is it possible to default all new uploaded keys to a specific bucket to have bucket-owner-full-control acl permissions? Couldn't find this in the documentation.
SomeGuyOnAComputer
  • 5,414
  • 6
  • 40
  • 72
0
votes
0 answers

S3 policy that allows uploads to subfolder only from user's Cognito `sub`

Goals: Limit uploads to specific set of subdirectories which helps the backend identify the reason for the upload: /avatar/..., /cover/... Have a way to identify the upload's cognito user Prevent other users overriding content in this user's…
Daniel Birowsky Popeski
  • 8,752
  • 12
  • 60
  • 125
0
votes
1 answer

Isn't there a predefined policy for IAM user access to AWS CodeDeploy

To attach the policy mentioned in step 2 can't it be chosen from policies
ishandutta2007
  • 16,676
  • 16
  • 93
  • 129
0
votes
1 answer

Adding Custom Annotations or Metadata to AWS access policy

I currently have an access policy for an Elasticsearch domain that looks like the following: { "Version": "2012-10-17", "Statement": [ { "Sid": "", "Effect": "Allow", "Principal": { "AWS": "*" }, …
Samuel Hawksby-Robinson
  • 2,652
  • 4
  • 24
  • 25
1 2
3
4