Find answers, ask questions, and connect with our
community around the world.

Home Forums AWS AWS Certified DevOps Engineer Professional Cross account and resource-level permission Reply To: Cross account and resource-level permission

  • Jon-Bonso

    Administrator
    May 5, 2020 at 8:45 am

    Hi Claude,

    To accomplish this, you can add the aws:PrincipalOrgPaths condition in the policy of your IAM Role. Set the value to the organizational unit ID of the caller in the resource-based policy attached to your resource.

    For more information, please refer here:

    https://aws.amazon.com/blogs/security/iam-share-aws-resources-groups-aws-accounts-aws-organizations/

    Let us know if you need further assistance. The Tutorials Dojo team is dedicated to help you pass your AWS exam on your first try!

    Regards,

    Jon Bonso @ Tutorials Dojo

    • This reply was modified 3 years, 9 months ago by  Jon-Bonso.