you did a great job explaining it, great graphics, it's nice to watch
@WojciechLepczynski Жыл бұрын
thanks for feedback :)
@Tony-bc4wc Жыл бұрын
Thank you for this tutorial it is very useful
@WojciechLepczynski Жыл бұрын
No problem. New tutorial coming soon
@eduardotayupanta64169 ай бұрын
For resource kms don’t work Is different for key policy?
@WojciechLepczynski9 ай бұрын
There are no implicit or automatic permission to use or manage a KMS key. The primary way to manage access to your AWS KMS resources is with policies. KMS keys belong to the AWS account in which they were created. However, no identity or principal, including the AWS account root user, has permission to use or manage a KMS key unless that permission is explicitly provided in a key policy, IAM policy or grant. The IAM identity who creates a KMS key is not considered to be the key owner and they don't automatically have permission to use or manage the KMS key that they created. Like any other identity, the key creator needs to get permission through a key policy, IAM policy, or grant. However, identities who have the kms:CreateKey permission can set the initial key policy and give themselves permission to use or manage the key. To better understand KMS you can read for example docs.aws.amazon.com/kms/latest/developerguide/control-access.html
@eduardotayupanta64169 ай бұрын
@@WojciechLepczynski thanks for your explanation, I was a bit confused with the key policy.
@WojciechLepczynski9 ай бұрын
sure, no problem KMS, especially cross-account and cross-region can be confusing
@sudsrmsee Жыл бұрын
Ur name I m. Unable to read or speak, btw good 🎥
@WojciechLepczynski11 ай бұрын
Thanks for the feedback, new video coming soon.
@MarkoPetrovic-p2k Жыл бұрын
If you need any evidence that AWS is pure mess riding on marketing, this is perfect example.