Difference between revisions of "AWS Service Control Policy (SCP)"
Jump to navigation
Jump to search
↑ https://aws.amazon.com/about-aws/whats-new/2019/03/service-control-policies-enable-fine-grained-permission-controls/
| Line 12: | Line 12: | ||
* <code>[[aws organizations describe-organization]]</code> | * <code>[[aws organizations describe-organization]]</code> | ||
* <code>[[aws sts get-caller-identity]]</code> | * <code>[[aws sts get-caller-identity]]</code> | ||
| − | * [[OU]] | + | * [[Organization Units (OU)]] |
* [[AWS Guardrails]] | * [[AWS Guardrails]] | ||
Latest revision as of 10:37, 3 September 2023
Contents
Examples[edit]
{
"Organization": {
"Id": "o-pkdpvy9556",
"Arn": "arn:aws:organizations::0987654321:organization/o-pkdpvy9556",
"FeatureSet": "ALL",
"MasterAccountArn": "arn:aws:organizations::0987654321:account/o-pkdpvy9556/0987654321",
"MasterAccountId": "0987654321",
"MasterAccountEmail": "your_username@your_email.com",
"AvailablePolicyTypes": [
{
"Type": "SERVICE_CONTROL_POLICY",
"Status": "ENABLED"
}
]
}
}
Activities[edit]
Related[edit]
- AWS Organizations
aws organizations describe-organizationaws sts get-caller-identity- Organization Units (OU)
- AWS Guardrails
See also[edit]
- SCP
- AWS policies: managed policies, Job functions, AWS trust policy, AWS Service Control Policy (SCP), Resource-based policies, Identity-based policies,
"Resource":, Job function, AWS Policy Generator,s3:, lambda:, cloudwatch:, AWSSecretsManagerReadWriteAccess - AWS, AWS Management & Governance, AWS Organizations, AWS CloudTrail, AWS Control Tower, AWS Resource Access Manager (RAM), AWS Service Catalog, AWS Landing Zone, AWS SSO
Advertising:
