From the course: AWS Essential Training for Administrators

Permissions boundaries

- [Instructor] Imagine this scenario. You are the administrator of a large AWS account and you need to delegate some responsibility. You want to empower your development teams to create their own IAM users and policies, but you're worried they might create a policy that gives a user full administrative access, which could lead to privilege escalation. How do you delegate responsibility while maintaining control over the maximum permissions anyone can have? This is where permissions boundaries can help. A permissions boundary is an IAM policy that sets the maximum permissions an IAM user or role can be granted. It doesn't grant permissions itself. It simply limits the maximum permissions an entity can have. Let's use a scenario to see how this works. Say you are the administrator and you want to delegate user and policy management to your team leads, but you want to ensure that all users they create can only have permissions…
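The boundary behaviour described above (a cap, not a grant), as an added example that is not part of the course material: a simplified evaluator in which a request succeeds only when both the identity policy and the permissions boundary allow it. The policy contents and function names are constructed for illustration, and resources, conditions, SCPs and resource-based policies are left out.

```python
from fnmatch import fnmatchcase

# Constructed sample policies (assumptions for illustration, not from the course).
BOUNDARY = {"Statement": [
    {"Effect": "Allow", "Action": ["s3:*", "cloudwatch:Get*"], "Resource": "*"},
]}
ADMIN_IDENTITY_POLICY = {"Statement": [
    {"Effect": "Allow", "Action": "*", "Resource": "*"},
]}
READONLY_IDENTITY_POLICY = {"Statement": [
    {"Effect": "Allow", "Action": ["s3:GetObject", "ec2:DescribeInstances"],
     "Resource": "*"},
]}


def _matches(action, statement):
    """True if the action matches any Action pattern (case-insensitive, * and ?)."""
    patterns = statement["Action"]
    if isinstance(patterns, str):
        patterns = [patterns]
    return any(fnmatchcase(action.lower(), p.lower()) for p in patterns)


def _decision(policy, action):
    """Return 'Deny', 'Allow' or None (no matching statement) for one policy."""
    result = None
    for stmt in policy["Statement"]:
        if _matches(action, stmt):
            if stmt["Effect"] == "Deny":
                return "Deny"  # an explicit deny always wins
            result = "Allow"
    return result


def is_allowed(action, identity_policy, boundary=None):
    """Simplified same-account evaluation; resources and conditions are ignored."""
    decisions = [_decision(identity_policy, action)]
    if boundary is not None:
        decisions.append(_decision(boundary, action))
    # Every policy in play must allow the action, and none may explicitly deny it.
    return "Deny" not in decisions and all(d == "Allow" for d in decisions)
```

With the boundary attached, a user holding the constructed admin policy can still call `s3:PutObject` but not `iam:CreateUser`, and the read-only user gains nothing from the boundary's `s3:*`.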
