- Популярные видео
- Авто
- Видео-блоги
- ДТП, аварии
- Для маленьких
- Еда, напитки
- Животные
- Закон и право
- Знаменитости
- Игры
- Искусство
- Комедии
- Красота, мода
- Кулинария, рецепты
- Люди
- Мото
- Музыка
- Мультфильмы
- Наука, технологии
- Новости
- Образование
- Политика
- Праздники
- Приколы
- Природа
- Происшествия
- Путешествия
- Развлечения
- Ржач
- Семья
- Сериалы
- Спорт
- Стиль жизни
- ТВ передачи
- Танцы
- Технологии
- Товары
- Ужасы
- Фильмы
- Шоу-бизнес
- Юмор
AWS SCP Exceptions Explained — Management, Service-Linked Roles, and External Access
This video explains the most important exceptions to AWS Service Control Policies (SCPs) and why some requests are not blocked by them.
Topics covered:
• Why SCPs are not enforced on the management account
• How SCPs apply to the root user in member accounts
• What real service-linked roles are and how to identify them
• Task roles, execution roles, and instance profiles are still restricted by SCPs
• How access from AWS accounts inside vs outside your organization is evaluated
• Resource-based policies can allow access even when SCPs deny actions
• How API request origin determines whether an SCP is evaluated
Note: This video focuses on SCP evaluation behavior and documented exceptions. It does not cover implementation patterns, bypass techniques, or workarounds.
Part 1: SCP Deep Dive: https://youtu.be/mRk8l8hvuRw
Part 3: SCP Practice Questions: https://youtu.be/NRdMIV05K4c
Sign up for the email list:
https://email.knowhowtap.com/
References:
AWS Organizations – Service Control Policies (SCPs): https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_policies_scps.html
AWS Organizations – SCP Evaluation and Policy Behavior: https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_policies_scps_evaluation.html
AWS IAM – Policy Evaluation Logic: https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_evaluation-logic.html
AWS Organizations – SCP Examples: https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_policies_scps_examples.html
AWS Organizations – Troubleshooting SCPs: https://docs.aws.amazon.com/organizations/latest/userguide/org_troubleshoot_policies.html
#AWS #AmazonWebServices #AWSCloud #AWSOrganizations #SCP #SCPExceptions #AWSSecurity #CloudSecurity #AWSEdgeCases #EnterpriseCloud #awslearning
AWS is a trademark of Amazon.com, Inc. Not affiliated with or endorsed by Amazon Web Services.
Видео AWS SCP Exceptions Explained — Management, Service-Linked Roles, and External Access канала Know How Tap
Topics covered:
• Why SCPs are not enforced on the management account
• How SCPs apply to the root user in member accounts
• What real service-linked roles are and how to identify them
• Task roles, execution roles, and instance profiles are still restricted by SCPs
• How access from AWS accounts inside vs outside your organization is evaluated
• Resource-based policies can allow access even when SCPs deny actions
• How API request origin determines whether an SCP is evaluated
Note: This video focuses on SCP evaluation behavior and documented exceptions. It does not cover implementation patterns, bypass techniques, or workarounds.
Part 1: SCP Deep Dive: https://youtu.be/mRk8l8hvuRw
Part 3: SCP Practice Questions: https://youtu.be/NRdMIV05K4c
Sign up for the email list:
https://email.knowhowtap.com/
References:
AWS Organizations – Service Control Policies (SCPs): https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_policies_scps.html
AWS Organizations – SCP Evaluation and Policy Behavior: https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_policies_scps_evaluation.html
AWS IAM – Policy Evaluation Logic: https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_evaluation-logic.html
AWS Organizations – SCP Examples: https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_policies_scps_examples.html
AWS Organizations – Troubleshooting SCPs: https://docs.aws.amazon.com/organizations/latest/userguide/org_troubleshoot_policies.html
#AWS #AmazonWebServices #AWSCloud #AWSOrganizations #SCP #SCPExceptions #AWSSecurity #CloudSecurity #AWSEdgeCases #EnterpriseCloud #awslearning
AWS is a trademark of Amazon.com, Inc. Not affiliated with or endorsed by Amazon Web Services.
Видео AWS SCP Exceptions Explained — Management, Service-Linked Roles, and External Access канала Know How Tap
Комментарии отсутствуют
Информация о видео
28 января 2026 г. 20:45:11
00:07:57
Другие видео канала
AWS SCP Practice Scenarios — Test Your Understanding
Tapping into that “Literally Work from Anywhere” flow 💻 ☕️ 📡
Why AWS Denies Requests by Default
AWS Service Control Policies (SCPs) — How They Actually Work (2026)
IAM Says Yes. SCP Can Still Say No (AWS Permission Reality Check)
☕💻🏝️ Remote Work in “Paradise” Hits Different
Blue-Green Deployments on AWS: Because YOLO isn't a strategy
AWS Resiliency Explained for Beginners in 16 Seconds
Cloud Computing Explained for Beginners in 15 Seconds
The Most Interesting Sysadmin in the World
AWS Scaling Explained for Beginners in 16 Seconds
AWS SCPs Do Not Grant Permissions
SCPs Are Cumulative: Every Attached Policy Is Evaluated Together
AWS Public vs Private Networking Explained - Beginner Guide
