Difference between revisions of "AWS Service Control Policy (SCP)"
Jump to navigation
Jump to search
↑ https://aws.amazon.com/about-aws/whats-new/2019/03/service-control-policies-enable-fine-grained-permission-controls/
| (2 intermediate revisions by the same user not shown) | |||
| Line 1: | Line 1: | ||
([[AWS timeline|Mar 2019]]) <ref>https://aws.amazon.com/about-aws/whats-new/2019/03/service-control-policies-enable-fine-grained-permission-controls/</ref> | ([[AWS timeline|Mar 2019]]) <ref>https://aws.amazon.com/about-aws/whats-new/2019/03/service-control-policies-enable-fine-grained-permission-controls/</ref> | ||
| − | |||
| − | |||
* https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_policies_scps.html | * https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_policies_scps.html | ||
| − | |||
== Examples == | == Examples == | ||
{{describe-organization example}} | {{describe-organization example}} | ||
| − | |||
== Activities == | == Activities == | ||
| Line 15: | Line 11: | ||
* [[AWS Organizations]] | * [[AWS Organizations]] | ||
* <code>[[aws organizations describe-organization]]</code> | * <code>[[aws organizations describe-organization]]</code> | ||
| − | * [[OU]] | + | * <code>[[aws sts get-caller-identity]]</code> |
| + | * [[Organization Units (OU)]] | ||
* [[AWS Guardrails]] | * [[AWS Guardrails]] | ||
Latest revision as of 10:37, 3 September 2023
Contents
Examples[edit]
{
"Organization": {
"Id": "o-pkdpvy9556",
"Arn": "arn:aws:organizations::0987654321:organization/o-pkdpvy9556",
"FeatureSet": "ALL",
"MasterAccountArn": "arn:aws:organizations::0987654321:account/o-pkdpvy9556/0987654321",
"MasterAccountId": "0987654321",
"MasterAccountEmail": "your_username@your_email.com",
"AvailablePolicyTypes": [
{
"Type": "SERVICE_CONTROL_POLICY",
"Status": "ENABLED"
}
]
}
}
Activities[edit]
Related[edit]
- AWS Organizations
aws organizations describe-organizationaws sts get-caller-identity- Organization Units (OU)
- AWS Guardrails
See also[edit]
- SCP
- AWS policies: managed policies, Job functions, AWS trust policy, AWS Service Control Policy (SCP), Resource-based policies, Identity-based policies,
"Resource":, Job function, AWS Policy Generator,s3:, lambda:, cloudwatch:, AWSSecretsManagerReadWriteAccess - AWS, AWS Management & Governance, AWS Organizations, AWS CloudTrail, AWS Control Tower, AWS Resource Access Manager (RAM), AWS Service Catalog, AWS Landing Zone, AWS SSO
Advertising:
