AWS Classroom Series – 21/Nov/2020

NotAction and NotResource in IAM Policy

  • In an IAM policy statement we have
    • NotAction:
      • Matches all actions apart from the ones listed in NotAction
    • NotResource:
      • Matches all resources apart from the ones listed in NotResource
    • Refer Here for a NotAction example

Conditions in IAM Policy

  • Give the user access to all resources which belong to the dev environment
  • All the resources in the dev environment will have a tag environment with value dev
  • Refer Here for condition operators
  • Refer Here for sample policy
  • Create a policy in IAM which gives the user access to all EC2 resources in the Oregon region and no access in other regions
  • Refer Here for solution
  • Write an IAM policy which gives the user access to all VPCs apart from one specific VPC
  • Refer Here for solution
  • Give AWS Administrator access to the user at the user policy level and attach a deny S3 access policy at the group level
{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Effect" : "Deny",
            "Action": "s3:*",
            "Resource": "*"
        }
    ]
}
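
How the user-level allow and the group-level deny above combine can be checked with a small model of identity-policy evaluation. This is an added example, not part of the class material and not AWS's own engine: it models only Action/NotAction, Resource/NotResource and the StringEquals operator, and the sample policies, bucket name and function names are constructed for illustration.

```python
from fnmatch import fnmatchcase

def _as_list(v):
    return v if isinstance(v, list) else [v]

def _match(patterns, value, fold=False):
    # IAM "*" and "?" wildcards act like globs; action names are case-insensitive.
    if fold:
        return any(fnmatchcase(value.lower(), p.lower()) for p in _as_list(patterns))
    return any(fnmatchcase(value, p) for p in _as_list(patterns))

def _applies(stmt, action, resource, context):
    if "Action" in stmt:
        if not _match(stmt["Action"], action, fold=True):
            return False
    elif _match(stmt.get("NotAction", []), action, fold=True):
        return False  # NotAction covers everything except the listed actions
    if "Resource" in stmt:
        if not _match(stmt["Resource"], resource):
            return False
    elif _match(stmt.get("NotResource", []), resource):
        return False  # NotResource covers everything except the listed resources
    # Only the StringEquals operator is modelled here.
    for key, allowed in stmt.get("Condition", {}).get("StringEquals", {}).items():
        if context.get(key) not in _as_list(allowed):
            return False
    return True

def evaluate(policies, action, resource, context=None):
    """Combine user and group policies: explicit Deny > Allow > implicit deny."""
    hits = [s for p in policies for s in _as_list(p["Statement"])
            if _applies(s, action, resource, context or {})]
    if any(s["Effect"] == "Deny" for s in hits):
        return "ExplicitDeny"
    return "Allow" if any(s["Effect"] == "Allow" for s in hits) else "ImplicitDeny"

# Constructed sample policies for the exercises above.
ADMIN_USER = {"Statement": [{"Effect": "Allow", "Action": "*", "Resource": "*"}]}
DENY_S3_GROUP = {"Statement": [{"Effect": "Deny", "Action": "s3:*", "Resource": "*"}]}
OREGON_EC2 = {"Statement": [{"Effect": "Allow", "Action": "ec2:*", "Resource": "*",
    "Condition": {"StringEquals": {"aws:RequestedRegion": "us-west-2"}}}]}
ALL_BUT_IAM = {"Statement": [{"Effect": "Allow", "NotAction": "iam:*", "Resource": "*"}]}

if __name__ == "__main__":
    both = [ADMIN_USER, DENY_S3_GROUP]
    print(evaluate(both, "s3:GetObject", "arn:aws:s3:::example-bucket/report.csv"))
    print(evaluate(both, "ec2:RunInstances", "*"))
    print(evaluate([OREGON_EC2], "ec2:DescribeInstances", "*", {"aws:RequestedRegion": "us-east-1"}))
    print(evaluate([ALL_BUT_IAM], "iam:CreateUser", "*"))
```

An Allow statement with NotAction grants every action that is not listed, including actions of services added later, so review such statements as broad grants.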

Scenario:

  • Integrate your existing Active Directory Federation Services (AD FS) with AWS IAM
  • Refer Here for official docs
  • Refer Here for blog article
  • Refer Here for Active Directory fundamentals videos on YouTube.
