AWS IAM user policy that is used by the "Access Key Alias"
Document ID :
Last Modified Date :
Show Technical Document Details
CA Privileged Access Management
PRIVILEGED ACCESS MANAGEMENT:CAPAMX
When the IAM user who is set to the "access key alias" of the AWS has the "PowerUserAccess" policy only, the below understanding is correct?
On the AWS policy, if I set less restrict policy than the PowerUserAcesss, it is possible to do division of authority.
On the AWS policy, if I set more restrict policy than the PowerUserAccess, when the user tries to AWS console from the Access screen, it will not reach the AWS console screen because of the access denied.
CA Privileged Access Manager (PAM) r3.x
They are correct.
Was this information helpful?