HeatherAck
commented
1 year ago To enhance access control experience, AWS launched new fine-grained AWS Identity and Access Management (IAM) actions for AWS Billing, Cost Management, and Account services. We will be retiring the existing IAM actions that control access to the Billing, Cost Management, and Account Consoles on July 6, 2023. We recommend you update your policies [1] to include fine-grained actions before July 6, 2023 so that your users’ access does not change after the retirement of these existing actions. Since existing actions will continue to protect access to our consoles until July 6, 2023, please wait to remove existing actions from your policies until then.
These new fine-grained actions give AWS customers more control over access to these services. With these actions, you will have a single set of actions that govern console and programmatic access to AWS Billing, Cost Management, and Account services.
The existing IAM actions that currently control access to services on AWS Billing, Cost Management, and Account consoles under the aws-portal service prefix, and the purchase-orders:ViewPurchaseOrders, and purchase-orders:ModifyPurchaseOrders actions will no longer be available after July 6, 2023.
Please review our blog [1] for the existing action retirement timeline and a detailed guide on how and which policies you need to update. Please review our Billing Console [2] and Cost Management [3] user guides to learn more about the new fine-grained IAM actions.
See also: https://jira.linuxfoundation.org/plugins/servlet/desk/portal/2/IT-25215
Update policies in AWS account