We often run into scenarios where an IAM user's access has to be restricted to a particular service or a particular region. This matters most when a user's access keys leak: a key with broad permissions can ruin your day. As a best practice, workloads inside AWS should use IAM roles (or Cognito identities) rather than long-lived user keys, and even those roles should carry only the permissions they need. Consider a user key with wide access to EC2, S3 or any other service that gets compromised.

Many things can happen: your data can be exfiltrated, your bill can pick up unwanted charges (cryptomining instances are a common sight), or your whole setup can be wiped out.

IAM lets you allow or deny access based on region, and also allow or deny specific actions within a particular region, using the `aws:RequestedRegion` condition key in a policy. The usual pattern is an explicit `Deny` that fires whenever the requested region is not in your approved list; an explicit deny always wins over any allow, so it works as a hard boundary even if the user has other policies attached. One caveat: global services such as IAM, CloudFront, Route 53 and Support answer from a single endpoint that reports `us-east-1` as the requested region, so a blanket region deny will also lock the user out of those. Exempt them with `NotAction` rather than `Action` in the deny statement.
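Below is an added example, not code from the original post. It builds a region-locked IAM policy using the real `aws:RequestedRegion` condition key and the `NotAction` exemption for global services, and then runs it through a small, hypothetical policy evaluator that models only the parts of IAM's logic the policy uses (explicit deny beats allow, otherwise implicit deny; `Action`/`NotAction` wildcards; `StringEquals`/`StringNotEquals` on one key). The evaluator is a local sanity check, not IAM's real engine; the `ALLOWED_REGIONS` value and the sample requests are constructed for illustration.

```python
"""Region-locked IAM policy plus a tiny offline evaluator (added example)."""
import fnmatch
import json

# Assumption for this example: only eu-west-1 is approved.
ALLOWED_REGIONS = ["eu-west-1"]

# Global services are served from a single endpoint whose requested region is
# reported as us-east-1, so they must be exempted from the region deny.
GLOBAL_SERVICE_ACTIONS = ["iam:*", "cloudfront:*", "route53:*", "support:*"]


def build_policy(allowed_regions, exempt_global_services=True):
    """Allow EC2/S3 plus self-service password change, deny everything outside
    allowed_regions. With exempt_global_services=False the deny uses Action "*"
    (the naive version) instead of NotAction, to show why that breaks IAM calls."""
    deny = {
        "Sid": "DenyOutsideAllowedRegions",
        "Effect": "Deny",
        "Resource": "*",
        "Condition": {"StringNotEquals": {"aws:RequestedRegion": list(allowed_regions)}},
    }
    if exempt_global_services:
        deny["NotAction"] = list(GLOBAL_SERVICE_ACTIONS)
    else:
        deny["Action"] = "*"
    return {
        "Version": "2012-10-17",
        "Statement": [
            {
                "Sid": "AllowWorkloadServices",
                "Effect": "Allow",
                "Action": ["ec2:*", "s3:*", "iam:ChangePassword"],
                "Resource": "*",
            },
            deny,
        ],
    }


def _as_list(value):
    return value if isinstance(value, list) else [value]


def _action_matches(patterns, action):
    # IAM action wildcards behave like shell globs; "*" also matches ":".
    return any(fnmatch.fnmatchcase(action, p) for p in _as_list(patterns))


def _statement_applies(stmt, action, region):
    if "Action" in stmt and not _action_matches(stmt["Action"], action):
        return False
    if "NotAction" in stmt and _action_matches(stmt["NotAction"], action):
        return False
    for operator, kv in stmt.get("Condition", {}).items():
        for key, values in kv.items():
            if key != "aws:RequestedRegion":
                raise NotImplementedError(f"condition key {key} not modelled")
            values = _as_list(values)
            if operator == "StringEquals" and region not in values:
                return False
            if operator == "StringNotEquals" and region in values:
                return False
    return True


def evaluate(policy, action, region):
    """Simplified IAM decision: explicit deny > allow > implicit deny."""
    decision = "implicit-deny"
    for stmt in policy["Statement"]:
        if not _statement_applies(stmt, action, region):
            continue
        if stmt["Effect"] == "Deny":
            return "explicit-deny"
        decision = "allow"
    return decision


if __name__ == "__main__":
    good = build_policy(ALLOWED_REGIONS)
    naive = build_policy(ALLOWED_REGIONS, exempt_global_services=False)
    print(json.dumps(good, indent=2))  # paste this into the IAM console
    # Constructed sample requests: (action, region the SDK signed the call for)
    for action, region in [("ec2:RunInstances", "eu-west-1"),
                           ("ec2:RunInstances", "us-east-1"),
                           ("s3:ListAllMyBuckets", "ap-south-1"),
                           ("iam:ChangePassword", "us-east-1")]:
        print(f"{action:22} {region:12} good={evaluate(good, action, region):13} "
              f"naive={evaluate(naive, action, region)}")
```

The last request line is the one to watch: `iam:ChangePassword` arrives as a `us-east-1` request, so the naive `Action: "*"` deny blocks it while the `NotAction` version lets the allow statement stand. Test a policy like this with the IAM policy simulator (or a throwaway user) before attaching it to anything that matters.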
