This page is not created by, affiliated with, or supported by Slack Technologies, Inc.
2022-05-03
Channels
- # announcements (21)
- # aws (6)
- # babashka (28)
- # beginners (39)
- # biff (1)
- # calva (23)
- # cider (5)
- # clj-kondo (108)
- # clojure (11)
- # clojure-europe (17)
- # clojure-nl (2)
- # clojure-nlp (10)
- # clojure-uk (8)
- # clojurescript (29)
- # community-development (4)
- # conjure (20)
- # css (3)
- # datalevin (9)
- # datomic (3)
- # events (2)
- # figwheel-main (11)
- # fulcro (36)
- # honeysql (7)
- # humbleui (5)
- # interceptors (4)
- # introduce-yourself (3)
- # jobs (1)
- # lsp (51)
- # malli (1)
- # meander (71)
- # minecraft (8)
- # other-languages (18)
- # pathom (15)
- # polylith (25)
- # portal (10)
- # re-frame (5)
- # reitit (15)
- # releases (1)
- # remote-jobs (1)
- # shadow-cljs (11)
- # tools-deps (27)
So I just discovered that AWS roles have a limit of 10/20 managed policies attached. So I guess that many fine-grained policies is a dead end, and instead I should use fewer coarse-grained policies (or even a single policy file). For example, a single policy that deals with all S3 buckets etc that can be accessed, rather than one-policy-per-bucket. Is that correct or am I missing something?
Look at resource based policies? e.g. attach your policies to the buckets, instead of to the identities.
Thanks, I didn't know those existed. Might solve some (but not all) cases for services that do support them.
How do you manage your policies? If you’re using something like terraform, in my experience there’s little benefit to managed policies, since in your tf code there’s not much of a difference between a managed policy and a bunch of inline policies that use the same text that comes out of a single file