Reply To: Cross account and resource-level permission
Hi Claude,
To accomplish this, you can add the aws:PrincipalOrgPaths condition in the policy of your IAM Role. Set the value to the organizational unit ID of the caller in the resource-based policy attached to your resource.
For more information, please refer here:
https://aws.amazon.com/blogs/security/iam-share-aws-resources-groups-aws-accounts-aws-organizations/
Let us know if you need further assistance. The Tutorials Dojo team is dedicated to helping you pass your AWS exam on your first try!
Regards,
Jon Bonso @ Tutorials Dojo
- This reply was modified 4 years, 6 months ago by Jon-Bonso.
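Added example, not part of the original reply: a Python sketch that builds a resource-based policy restricted with `aws:PrincipalOrgPaths` and locally approximates how the `ForAnyValue:StringLike` match treats callers from the OU, a child OU and a sibling OU. The S3 bucket, the action, the helper names and all IDs are constructed assumptions; the condition value is the full Organizations path (organization ID, root ID, OU ID), not the bare OU ID.

```python
import fnmatch
import json
import re

# Constructed sample IDs (not from the original post); substitute your own.
OU_PATH = "o-a1b2c3d4e5/r-ab12/ou-ab12-11111111/"

# Organizations path shape: org ID / root ID / one or more OU IDs, each ending in "/".
PATH_RE = re.compile(
    r"^o-[a-z0-9]{10,32}/r-[a-z0-9]{4,32}/(ou-[a-z0-9]{4,32}-[a-z0-9]{8,32}/)+$")

def is_wellformed_path(path):
    """Reject bare OU IDs or paths missing the org/root prefix or trailing slash."""
    return bool(PATH_RE.match(path))

def build_policy(bucket, ou_path, include_child_ous=True):
    """Bucket policy (hypothetical resource) open only to accounts under ou_path."""
    if not is_wellformed_path(ou_path):
        raise ValueError(f"not an Organizations path: {ou_path!r}")
    # A trailing "*" also admits accounts in child OUs; without it only
    # accounts attached directly to the OU match.
    pattern = ou_path + "*" if include_child_ous else ou_path
    return {
        "Version": "2012-10-17",
        "Statement": [{
            "Sid": "AllowOuMembersOnly",
            "Effect": "Allow",
            "Principal": "*",
            "Action": "s3:GetObject",
            "Resource": f"arn:aws:s3:::{bucket}/*",
            "Condition": {"ForAnyValue:StringLike":
                          {"aws:PrincipalOrgPaths": [pattern]}},
        }],
    }

def caller_allowed(policy, principal_org_paths):
    """Local approximation of this one condition only, for policy review.
    An account outside any organization has no paths, so nothing matches."""
    for stmt in policy["Statement"]:
        patterns = (stmt.get("Condition", {}).get("ForAnyValue:StringLike", {})
                    .get("aws:PrincipalOrgPaths", []))
        if stmt["Effect"] == "Allow" and any(
                fnmatch.fnmatchcase(p, pat)
                for p in principal_org_paths for pat in patterns):
            return True
    return False

if __name__ == "__main__":
    print(json.dumps(build_policy("example-bucket", OU_PATH), indent=2))
```
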