brandon/oam
1
0
Fork 0
mirror of https://gitea.com/mcereda/oam.git synced 2026-02-09 05:44:23 +00:00
Code Issues Packages Projects Releases Wiki Activity

chore(examples/aws): basic iam user permissions for humans

Browse Source
This commit is contained in:
Michele Cereda
2024-09-13 20:13:43 +02:00
parent f9612d4c5f
commit 31c313b3ac
3 changed files with 258 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
knowledge base/cloud computing/aws/iam.md
View File

@@ -32,6 +32,10 @@ Check [aws.permissions.cloud] for a community-driven source of truth for AWS ide
IAM does not expose policies' `Sid` element in the IAM API, so it can't be used to retrieve statements.
Watch out for explicit `Deny` statements, as they could prevent users from do seemingly completely unrelated things -
like accessing a Pulumi state file in a S3 bucket when an explicit `Deny` statement blocks IAM users from listing IAM
Groups when they are not logged in with MFA.
Examples:
<details>
@@ -229,7 +233,8 @@ UserId: AROA2HKHF74L72AABBCCDD:botocore-session-1234567890
- [Using AWS CLI Securely with IAM Roles and MFA]
<!--
References
Reference
═╬═Time══
-->
<!-- In-article sections -->