AWS Security Blog

Tag: Permissions

With New ELB Permissions, Support for IAM in AWS Is Going Strong

The Elastic Load Balancing team announced on May 13, 2014 that they’ve added support for resource-level permissions. Not only can you specify which ELB actions a user can perform, you can specify which resources the user can perform those actions on. For more information about the new ELB permissions, see Controlling Access to Your Load […]

Read More

Announcement: Resource Permissions for additional EC2 API actions

Yesterday AWS announced that it now supports resource-level permissions for seven additional EC2 APIs, including: DeleteNetworkAcl DeleteNetworkAclEntry DeleteRoute DeleteRouteTable DeleteDhcpOptions DeleteInternetGateway DeleteCustomerGateway As with other EC2 API actions that support resource-level permissions, you can also construct policies based on the tags associated with the resources.  To learn more, go to either our recent post on […]

Read More

A Primer on RDS Resource-Level Permissions

Previously, we blogged about how to use resource-level permissions for Amazon EC2 to control access to specific EC2 instances.  Resource-level permissions can now also be applied to Amazon Relational Database Service (Amazon RDS).  This week’s guest blogger, Chris Checkwitch, Software Development Manager on the RDS team, will explain how to tackle the commonly requested use case of controlling access to […]

Read More

Generating IAM Policies in Code

If you’ve worked with AWS Identity and Access Management (IAM) policies, you know that they’re expressed as JSON documents. For example, here’s a policy that grants permission to perform some actions in our Amazon Glacier storage service: { “Version”: “2012-10-17”, “Statement”: [ { “Action”: [ “glacier:ListVaults”, “glacier:DescribeVault”, “glacier:GetVaultNotifications” ], “Effect”: “Allow”, “Resource”: “*” } ] } […]

Read More