Permission Boundaries
- AWS supports permission boundaries where we can specify maximum permissions to an idenity based policy
- While creating the user set the permission boundary
- Effective permissions are intersection of identity based policies and permission boundary
Rotating AWS Credentials
- To rotate AWS IAM Credentials we need to follow the steps
- Create a second access key in addition to the one which are in use
- Update all your applications to use the new access key and validate that the applications are working
- Change the state of previous access key to inactive
- Validate all your applications are working correctly or not
- Delete the inactive access key
- steps
- Now distribute these credentials to your applications
- make the status of previous access key inactive
- We can write scripts around
- Refer Here for the basic script
- Refer Here for the version with functions
- For python Refer Here
- For shell scripting Refer Here
