Difference between revisions of "AWS policy"
Jump to navigation
Jump to search
(→Errors) |
|||
(39 intermediate revisions by 3 users not shown) | |||
Line 1: | Line 1: | ||
− | + | [[AWS managed policies]]: | |
− | |||
* <code>[[iam]]:ChangePassword</code> (Policy) | * <code>[[iam]]:ChangePassword</code> (Policy) | ||
− | |||
* <code>[[AmazonS3FullAccess]]</code> | * <code>[[AmazonS3FullAccess]]</code> | ||
− | + | * <code>[[AmazonRoute53FullAccess]]</code> | |
* <code>[[AmazonDynamoDBFullAccess]]</code> | * <code>[[AmazonDynamoDBFullAccess]]</code> | ||
− | + | * <code>[[AmazonInspectorReadOnlyAccess]]</code> | |
+ | * <code>[[AmazonInspector2ReadOnlyAccess]]</code> | ||
+ | * <code>[[ReadOnlyAccess]]</code> | ||
* <code>[[ClientVPNServiceRolePolicy]]</code> | * <code>[[ClientVPNServiceRolePolicy]]</code> | ||
* <code>[[ClientVPNServiceConnectionsRolePolicy]]</code> | * <code>[[ClientVPNServiceConnectionsRolePolicy]]</code> | ||
+ | * <code>[[arn:aws:iam::aws:policy/service-role/AmazonEBSCSIDriverPolicy]]</code> | ||
== Errors == | == Errors == | ||
* <code>[[Cannot attach a Service Role Policy to a Customer Role.]]</code> | * <code>[[Cannot attach a Service Role Policy to a Customer Role.]]</code> | ||
+ | * <code>[[An error occurred (NoSuchBucketPolicy) when calling the GetBucketPolicy operation: The bucket policy does not exist]]</code> | ||
+ | |||
+ | == Type == | ||
+ | * [[AWS trust policy]] | ||
+ | * [[Bucket policies]] | ||
+ | * [[User policies]] | ||
+ | * [[ACLs]] | ||
+ | * [[AWS Service Control Policy (SCP)]] | ||
+ | |||
+ | == [[aws iam]] policy commands == | ||
+ | * {{aws iam policy TOC}} | ||
+ | |||
+ | == Activities == | ||
+ | * [[How to revoke federated users’ active AWS sessions]] | ||
+ | * [[AWS: Denies access to AWS based on the requested Region]] | ||
+ | * [[AWSSecretsManagerReadWriteAccess managed policy]] | ||
== Related terms == | == Related terms == | ||
− | * [[ | + | * [[AWS Role]]: <code>[[OrganizationAccountAccessRole]]</code> |
− | * [[AWS | + | * [[AWS managed policy: AmazonS3ReadOnlyAcces]] |
− | * [[AWS | + | * [[Terraform resources]]: <code>[[Terraform resource: aws_iam_policy|aws_iam_policy]]</code> |
+ | * [[Resource-based policies]] and [[Identity-based policies]] | ||
+ | * [[List of AWS policies]] | ||
+ | * [[Service role]] | ||
+ | * [[AWS EC2 Instance Connect]] (Jun 2019) | ||
+ | * [[Permission sets]] | ||
+ | * [[AWS Policy Generator]] | ||
+ | * <code>[[s3:]], [[s3:ListBucket]], [[s3:ListAllMyBuckets]]</code> | ||
+ | * <code>[[s3:]], [[lambda:]], [[cloudwatch:]]</code> | ||
== See also == | == See also == | ||
− | * {{ | + | * {{aws iam policies}} |
+ | * {{AWS managed policies}} | ||
+ | * {{AWS policies}} | ||
[[Category:AWS]] | [[Category:AWS]] |
Latest revision as of 13:35, 30 August 2024
iam:ChangePassword
(Policy)AmazonS3FullAccess
AmazonRoute53FullAccess
AmazonDynamoDBFullAccess
AmazonInspectorReadOnlyAccess
AmazonInspector2ReadOnlyAccess
ReadOnlyAccess
ClientVPNServiceRolePolicy
ClientVPNServiceConnectionsRolePolicy
arn:aws:iam::aws:policy/service-role/AmazonEBSCSIDriverPolicy
Errors[edit]
Cannot attach a Service Role Policy to a Customer Role.
An error occurred (NoSuchBucketPolicy) when calling the GetBucketPolicy operation: The bucket policy does not exist
Type[edit]
aws iam policy commands[edit]
aws iam create-policy
aws iam list-policies
aws iam list-attached-user-policies --user-name
aws iam list-group-policies
aws iam list-role-policies
aws iam put-group-policy
aws iam put-role-policy
aws iam put-user-policy
aws iam attach-role-policy
aws iam attach-group-policy
Activities[edit]
- How to revoke federated users’ active AWS sessions
- AWS: Denies access to AWS based on the requested Region
- AWSSecretsManagerReadWriteAccess managed policy
Related terms[edit]
- AWS Role:
OrganizationAccountAccessRole
- AWS managed policy: AmazonS3ReadOnlyAcces
- Terraform resources:
aws_iam_policy
- Resource-based policies and Identity-based policies
- List of AWS policies
- Service role
- AWS EC2 Instance Connect (Jun 2019)
- Permission sets
- AWS Policy Generator
s3:, s3:ListBucket, s3:ListAllMyBuckets
s3:, lambda:, cloudwatch:
See also[edit]
aws iam [ list-policies | list-attached-user-policies | list-group-policies | list-role-policies | put-group-policy | put-role-policy | put-user-policy | create-policy | attach-role-policy ]
- AWS managed policies:
ReadOnlyAccess, ViewOnlyAccess, AdministratorAccess, SecurityAudit, ViewBilling, AmazonEKSClusterPolicy
, List of AWS policies - AWS policies: managed policies, Job functions, AWS trust policy, AWS Service Control Policy (SCP), Resource-based policies, Identity-based policies,
"Resource":
, Job function, AWS Policy Generator,s3:, lambda:, cloudwatch:, AWSSecretsManagerReadWriteAccess
Advertising: