Follow

Keep Up to Date with the Most Important News

By pressing the Subscribe button, you confirm that you have read and are agreeing to our Privacy Policy and Terms of Use
Follow
Facebook Twitter Instagram Youtube
Contact

Do the policies attached to IAM groups take precedence over the policies attached to individual IAM users?

byMR
March 11, 2023

I have a question
let’s assume I attached IAM policy "EC2FullAccess" to a user
and then I added that specific user to a group
but that group don’t have "EC2FullAccess" Policy
is he will still able to access to EC2?

>Solution :

MEDevel.com: Open-source for Healthcare and Education

Collecting and validating open-source software for healthcare, education, enterprise, development, medical imaging, medical records, and digital pathology.

Visit Medevel

No, one doesn’t take precedence over the other. They are "combined". The user would have all the permissions applied to the group, plus all the permissions applied to their individual account.

The exception is a Deny statement in a policy, which always takes precedence over any Allow statement.

byMR
Published
Add a comment

Leave a Reply

Keep Up to Date with the Most Important News

By pressing the Subscribe button, you confirm that you have read and are agreeing to our Privacy Policy and Terms of Use

Read more

Discover more from Dev solutions

Subscribe now to keep reading and get access to the full archive.

Continue reading