명시적 거부가 있으면 우선적으로 block
이후는 허용 찾는거
명시적 거부도 없고 명시적 허용도 없으면 묵시적 거부가 일어남
https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_evaluation-logic.html
Policy evaluation logic - AWS Identity and Access Management
Policy evaluation logic When a principal tries to use the AWS Management Console, the AWS API, or the AWS CLI, that principal sends a request to AWS. When an AWS service receives the request, AWS completes several steps to determine whether to allow or den
docs.aws.amazon.com
'AWS > AWS Security Engineering' 카테고리의 다른 글
| AWS 인스턴스 메타데이터 서비스 IMDS (0) | 2022.03.16 |
|---|---|
| 보안 위험 평가 (0) | 2022.03.16 |
| AWS 침투 테스팅 : Penetration Tesing (0) | 2022.03.16 |
| AWS Systems Manager (0) | 2022.03.15 |
| AWS Inspector (0) | 2022.03.15 |