Home › Forums › AWS › AWS Certified DevOps Engineer Professional › Federated User – policy change › Reply To: Federated User – policy change
-
Hello Haridev,
Even if the IAM policy attached to the role is elevated to S3 full access if the S3 bucket policy is properly configured, restricting who and which methods are only allowed, then the federated role won’t still be able to perform what he wants on that bucket. It is because resource-based policies are evaluated first before Identity-based policies.
Regards,
Carlo @ Tutorials Dojo