Difference between revisions of "AWS Service Control Policy (SCP)"
Jump to navigation
Jump to search
↑ https://aws.amazon.com/about-aws/whats-new/2019/03/service-control-policies-enable-fine-grained-permission-controls/
(14 intermediate revisions by the same user not shown) | |||
Line 1: | Line 1: | ||
+ | ([[AWS timeline|Mar 2019]]) <ref>https://aws.amazon.com/about-aws/whats-new/2019/03/service-control-policies-enable-fine-grained-permission-controls/</ref> | ||
+ | * https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_policies_scps.html | ||
+ | == Examples == | ||
+ | {{describe-organization example}} | ||
+ | |||
+ | == Activities == | ||
+ | * [[How to revoke federated users’ active AWS sessions]] | ||
== Related == | == Related == | ||
− | * [[AWS | + | * [[AWS Organizations]] |
+ | * <code>[[aws organizations describe-organization]]</code> | ||
+ | * <code>[[aws sts get-caller-identity]]</code> | ||
+ | * [[Organization Units (OU)]] | ||
+ | * [[AWS Guardrails]] | ||
+ | == See also == | ||
+ | * {{SCP}} | ||
+ | * {{AWS policies}} | ||
+ | * {{AWS Governance}} | ||
[[Category:AWS]] | [[Category:AWS]] |
Latest revision as of 10:37, 3 September 2023
Contents
Examples[edit]
{ "Organization": { "Id": "o-pkdpvy9556", "Arn": "arn:aws:organizations::0987654321:organization/o-pkdpvy9556", "FeatureSet": "ALL", "MasterAccountArn": "arn:aws:organizations::0987654321:account/o-pkdpvy9556/0987654321", "MasterAccountId": "0987654321", "MasterAccountEmail": "your_username@your_email.com", "AvailablePolicyTypes": [ { "Type": "SERVICE_CONTROL_POLICY", "Status": "ENABLED" } ] } }
Activities[edit]
Related[edit]
- AWS Organizations
aws organizations describe-organization
aws sts get-caller-identity
- Organization Units (OU)
- AWS Guardrails
See also[edit]
- SCP
- AWS policies: managed policies, Job functions, AWS trust policy, AWS Service Control Policy (SCP), Resource-based policies, Identity-based policies,
"Resource":
, Job function, AWS Policy Generator,s3:, lambda:, cloudwatch:, AWSSecretsManagerReadWriteAccess
- AWS, AWS Management & Governance, AWS Organizations, AWS CloudTrail, AWS Control Tower, AWS Resource Access Manager (RAM), AWS Service Catalog, AWS Landing Zone, AWS SSO
Advertising: