AWS Certified Solutions Architect - Professional 2020

Sign Up Free or Log In to participate!

User with IAMAdministrator access can create IAM user will Administrator access

Is there a way to limit which right an user with IAMAdministrator access grant to another user that he created?

1 Answers

AFAIK, no, not within a single AWS account.

Within the scope of AWS Organizations, Service Control Policies can be used to limit the IAM permissions that may be applied within member accounts of the Organization.


And remember the SCP does not apply to the root account

Sign In
Welcome Back!

Psst…this one if you’ve been moved to ACG!

Get Started
Who’s going to be learning?