Add SCP to Prevent Creation of New IAM Users or Access Keys #42
Comments
sprkyco
pushed a commit
to sprkyco/aws-iam-permissions-guardrails
that referenced
this issue
Jun 10, 2021
sprkyco
changed the title
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Use Case - Is your feature request related to a problem? Please describe.
Restrict creation of any new IAM users access keys to prohibit bypass of SSO and other controls
Expected Outcome - Describe the solution you'd like
An SCP which restricts IAM accesskey and user creation explicitly
Describe alternatives you've considered
This may be beneficial to combine with preventing other sensitive IAM actions, but is worthwhile to have this separately to control just access key and new user creation.
Affected AWS resource
IAM
Impact
Low: Niche use case which is particularly affecting the AWS resources if it is configured in a certain way
Supported material
N/A
I can contribute: Yes/No
Yes
Additional context
N/A
Pull Request number
#43
The text was updated successfully, but these errors were encountered: