AWS IAM Permissions Boundaries Are Incomplete Without Propagation

{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Sid": "CreateOrChangeOnlyWithBoundary",
      "Effect": "Allow",
      "Action": "iam:CreateRole",
      "Resource": "*",
      "Condition": {
        "StringEquals": {
          "iam:PermissionsBoundary": "arn:aws:iam::123456789012:policy/MyBoundaryPolicy"
        }
      }
    }
  ]
}

Ben Kehoe

Cloud Robotics Research Scientist at @iRobot