David Williams
Reputation: 441
Trying to create an AWS policy that all allows everything except deletes
I'm looking to create a policy that allows access to all AWS services except for the Delete permissions. I see that I can do the following but you have to label every AWS service and "*:Delete*" doesn't work. Is there an easier way to allow all services except for the Delete permissions?
...
"Effect": "Allow",
"NotAction": [
"application-autoscaling:Delete*",
"autoscaling:Delete*"
],
"Resource": "*"
...
Upvotes: 1
Views: 865
Answers (1)
Related Questions
- AWS IAM multiple policies with conflicting conditions
- AWS allow user to create policies that doesn't create other policies?
- How to create a policy using the AWS CLI
- IAM user policy that can only triggered by a AWS service (Condition)
- IAM policy problem I want to attach only one policy and deny others
- AWS IAM Conditional Policies
- AWS IAM policy issues
- AWS IAM customized policy at instance level for EC2 doesn't work
- IAM Policy Deny Deregister AMI
- IAM policy not working