Simple Notification Service (SNS)
Kinesis + MQ
Databases & Analytics
IAM Permission Boundaries
  • AWS supports permissions boundaries for IAM entities (users or roles).
  • They are like a "more powerful IAM policy for which the user MUST be allowed to do things in the permissions boundary for it do things in the actual AWS account."
  • A permissions boundary is an advanced feature for using a managed policy to set the maximum permissions that an identity-based policy can grant to an IAM entity.
  • An entity's permissions boundary allows it to perform only the actions that are allowed by both its identity-based policies and its permissions boundaries.
Copy link