Home › Forums › AWS › AWS Certified Security – Specialty › Security Speciality Timed mode Diagnostic test – 45 › Reply To: Security Speciality Timed mode Diagnostic test – 45
-
Hello Vinod4b9,
“how can the user know that you have removed default full access AWS scp here ?”
>> The permissions for the SCP were given in the question (Only CloudTrail and IAM were given full permissions). An SCP that grants full access would look like this:
{
“Version”: “2012-10-17”,
“Statement”: [
{
“Effect”: “Allow”,
“Action”: “*”,
“Resource”: “*”
}
]
}
Let me know if this answers your question.
Regards,
Carlo @ Tutorials Dojo- This reply was modified 3 years, 8 months ago by Carlo-TutorialsDojo.