Skip to content

Improve scoping of access controls

Pre-release
Pre-release

Choose a tag to compare

View all tags
@skuenzli skuenzli released this 27 Nov 23:22
· 19 commits to master since this release
v0.6.0
d16604b
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Verified
Learn about vigilant mode.

This release improves scoping of the access controls:

  1. The DenyEveryoneElse statement scopes its coverage to the account's IAM users instead of all IAM principals, enabling use provisioned by an AWS service via KMS key grants, e.g. DynamoDB
  2. Use Like within the Deny when an Allow statement has done so
Assets 2
Loading