Qtr No. 213, New Town Yehlanka Indore 454775
You have multiple AWS accounts in your enterprise based on the project and geographical region. You want to set up a centralized control for all user permissions. How do you manage to limit the permission boundary such as restricting the IAM Principals in accounts from modifying the administrative IAM role except the role itself?
Bring all your AWS accounts under AWS Organizations. Create a service control policy(SCP) attached to the root, that defines the permission guardrails across the accounts in your organization. The SCP denies all principals in the accounts from updating or deleting the AdminRole, except the administrative IAM role itself.
Setup an IAM role that defines the permission guardrails across the accounts in your organization. It denies all principals in the account from updating or deleting the AdminRole, except the administrative IAM role itself.
Bring all your AWS accounts under AWS Organizations. Create a service control policy(SCP) at an organization unit(OU), that defines the permission guardrails across the accounts in your organization. The SCP denies all principals in the accounts from updating or deleting the AdminRole, except the administrative IAM role itself.
Bring all your AWS accounts under AWS Organizations. Create a service control policy(SCP) at a member account, that defines the permission guardrails across the accounts in your organization. The SCP denies all principals in the accounts from updating or deleting the AdminRole, except the administrative IAM role itself.
To get all Infosys Certified AWS Professional Practitioner Exam questions Join Group https://bit.ly/infy_premium_group
We're passionate about offering best placement materials and courses!! A one stop place for Placement Materials. We daily post Offcampus updates and Placement Materials.
Qtr No. 213, New Town Yehlanka Indore 454775
admin@prepflix.in
