DEV Community

JL

AWS IAM Role and Policies

IAM roles and policies can be composed either via the Visual Editor in AWS or as plain JSON.

To follow the principle of least privilege, we can further restrict actions via the `Resource` and `Condition` elements.

To find the required Resource/Conditions for a particular action, see:
https://iam.cloudonaut.io/reference/#/

For conditions, you can use service-specific string matching, such as:

      "Condition": {
         "StringEquals": {
            "aws:ResourceTag/Department": "Test"
         }
      }

Ref:
https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_examples_ec2_securitygroups-vpc.html
