AWS IAM Permissions Boundaries Are Incomplete Without Propagation

{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Sid": "CreateOrChangeOnlyWithBoundary",
      "Effect": "Allow",
      "Action": "iam:CreateRole",
      "Resource": "*",
      "Condition": {
        "StringEquals": {
          "iam:PermissionsBoundary": "arn:aws:iam::123456789012:policy/MyBoundaryPolicy"
        }
      }
    }
  ]
}


Cloud Robotics Research Scientist at @iRobot

Ben Kehoe
