Questions tagged [aws-policies]
223 questions
0 votes, 1 answer
Conditions on the Trust Policy of an IAM Role
Can someone explain why Roles were designed by AWS to have a Principal like an entire service (EC2, Lambda, etc.), i.e. without the ability to associate/restrict to be assumable by a specific EC2 Instance type or a specific Lambda function - Am I missing…

Abhishek Palakkal Kaliyath
0 votes, 1 answer
What CIDR range should I use in my API Gateway resource policy to allow Lambda to call my endpoint?
I have set up the following resource policy in API Gateway to restrict access to a source IP (x is just a placeholder). When I manually hit the API endpoint from Postman the policy correctly restricts access only to the CIDR range I specified in the…

Freid001
0 votes, 1 answer
What are the AWS IAM policies for ListDiscoveredResources and ListResource Functions
What are the AWS IAM policies for ListDiscoveredResources and ListResource Functions? When I tried from the AWS CLI, it's returning the error user is not authorised to perform:config:listDiscoveredResources for list discovered resource and user is not…

Parvathy
-1 votes, 1 answer
If an AWS IAM Policy is directly assigned to an AWS User rather than to an AWS Role, then what's the use of the AWS Role?
If an AWS IAM Policy is directly assigned to an AWS User rather than to an AWS Role, then what's the use of the AWS Role?

user2192023
-1 votes, 1 answer
How can I restrict IP addresses dynamically and release them after 24 hrs for AWS S3?
I want to restrict the IP address for some hours (say 24 hrs), for those who query my AWS S3 bucket (public read only) more than 100/second. As they might be spam and want to harm my business by increasing traffic and raising my AWS costs.…

Shashi Ranjan
-1 votes, 1 answer
Are AWS user and group policies combined or intersected
I have 3 AWS users each with their own policy (bucket name is different for each user):
{
"Version": "2012-10-17",
"Statement": [
{
"Sid": "AllowObjectAccess",
"Effect": "Allow",
"Action": [
…

rfg
-1 votes, 1 answer
Is there a way to retrieve multiple users inline policies in AWS?
I am using
aws iam get-user-policy --user-name Bob --policy-name ExamplePolicy
https://docs.aws.amazon.com/cli/latest/reference/iam/get-user-policy.html
To retrieve a policy. I am wondering if there's a way to retrieve multiple users and their…

Lam
-1 votes, 2 answers
What does "dynamodb:*Reserved*" do?
This permission is under a deny block. I'm trying to figure out what exactly the reserved is doing here.

taur5abi
-1 votes, 1 answer
An error occurred (NotAuthorizedException) when calling the UpdateUserPool operation
An error occurred (NotAuthorizedException) when calling the UpdateUserPool operation: Caller needs to have kms:CreateGrant permission on provided KMS Key
aws cognito-idp update-user-pool --user-pool-id {user_pool_id} --lambda-config…

Ranjan Raj Shrestha
-1 votes, 1 answer
Bucket policy to allow based on provided IP address but allow a Snowflake role in spite of IP address
I have a situation where I need to restrict an S3 bucket to deny all other IPs except the list of IPs provided but also allow access for Snowflake. Since the list of possible IP addresses used by Snowflake in a region is a lot -…

Arun Joseph
-1 votes, 1 answer
Would there ever be a need to add ...IfExists operator to Condition Operators on 'AWS Global Condition Context Keys'?
Would there ever be a need to add ...IfExists operator to Condition Operators on 'AWS Global Condition Context Keys'?
AWS Global Condition Context Keys are available in every request context. AWS documentation states that:
If you use condition…

Abhishek Palakkal Kaliyath
-1 votes, 1 answer
PolicySimulator for ec2:AttachVolume
I am trying to validate the action ec2:AttachVolume using the Policy Simulator SDK Java API.
My policy looks as follows:
{
"Action": [
"ec2:AttachVolume"
]
},
"Effect": "Allow",
…

prakash
-3 votes, 1 answer
Delete Objects in S3 older than 90 days. (S3 Management Console)
I want my S3 bucket to delete objects older than 3 months. I am trying this in the S3 management console but I am getting confused about the option to select. I tried all these options but none of them deleted the objects.
1. Expire current versions…

Amjad