Skip to content
Permalink
Branch: master
Find file Copy path
Find file Copy path
1 contributor

Users who have contributed to this file

36 lines (35 sloc) 819 Bytes
{
"Version": "2012-10-17",
"Statement": [
{
"Sid": "DenyAccessToRole",
"Effect": "Deny",
"Action": [
"iam:AttachRolePolicy",
"iam:DeleteRole",
"iam:DeleteRolePermissionsBoundary",
"iam:DeleteRolePolicy",
"iam:DetachRolePolicy",
"iam:PutRolePermissionsBoundary",
"iam:PutRolePolicy",
"iam:UpdateAssumeRolePolicy",
"iam:UpdateRole",
"iam:UpdateRoleDescription"
],
"Resource": [
"arn:aws:iam::*:role/role-to-protect"
]
},
{
"Sid": "DenyAccessToShibbolethIDP",
"Effect": "Deny",
"Action": [
"iam:DeleteSAMLProvider",
"iam:UpdateSAMLProvider"
],
"Resource": [
"arn:aws:iam::*:saml-provider/idp-to-protect"
]
}
]
}
You can’t perform that action at this time.