SEC 3. How do you manage permissions for people and machines?

Manage permissions to control access to people and machine identities that require access to AWS and your workload. Permissions control who can access what, and under what conditions.

Best practices

SEC03-BP01 Define access requirements
SEC03-BP02 Grant least privilege access
SEC03-BP03 Establish emergency access process
SEC03-BP04 Reduce permissions continuously
SEC03-BP05 Define permission guardrails for your organization
SEC03-BP06 Manage access based on lifecycle
SEC03-BP07 Analyze public and cross-account access
SEC03-BP08 Share resources securely within your organization
SEC03-BP09 Share resources securely with a third party

Warning Javascript is disabled or is unavailable in your browser.

To use the Amazon Web Services Documentation, Javascript must be enabled. Please refer to your browser's Help pages for instructions.

Document Conventions

SEC02-BP06 Leverage user groups and attributes

SEC03-BP01 Define access requirements