AWS/AWS Security Engineering
AWS 엑세스 권한 부여 로직
ColinKang
2022. 3. 16. 09:43
명시적 거부가 있으면 우선적으로 block
이후는 허용 찾는거
명시적 거부도 없고 명시적 허용도 없으면 묵시적 거부가 일어남
https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_evaluation-logic.html
Policy evaluation logic - AWS Identity and Access Management
Policy evaluation logic When a principal tries to use the AWS Management Console, the AWS API, or the AWS CLI, that principal sends a request to AWS. When an AWS service receives the request, AWS completes several steps to determine whether to allow or den
docs.aws.amazon.com