AWS Service Control Policy (SCP)
Jump to navigation
Jump to search
↑ https://aws.amazon.com/about-aws/whats-new/2019/03/service-control-policies-enable-fine-grained-permission-controls/
Contents
Examples
{ "Organization": { "Id": "o-pkdpvy9556", "Arn": "arn:aws:organizations::0987654321:organization/o-pkdpvy9556", "FeatureSet": "ALL", "MasterAccountArn": "arn:aws:organizations::0987654321:account/o-pkdpvy9556/0987654321", "MasterAccountId": "0987654321", "MasterAccountEmail": "your_username@your_email.com", "AvailablePolicyTypes": [ { "Type": "SERVICE_CONTROL_POLICY", "Status": "ENABLED" } ] } }
Activities
Related
- AWS Organizations
aws organizations describe-organization
aws sts get-caller-identity
- OU
- AWS Guardrails
See also
- SCP
- AWS policies: managed policies, Job functions, AWS trust policy, AWS Service Control Policy (SCP), Resource-based policies, Identity-based policies,
"Resource":
, Job function, AWS Policy Generator,s3:, lambda:, cloudwatch:, AWSSecretsManagerReadWriteAccess
- AWS, AWS Management & Governance, AWS Organizations, AWS CloudTrail, AWS Control Tower, AWS Resource Access Manager (RAM), AWS Service Catalog, AWS Landing Zone, AWS SSO
Advertising: