|
|
|
|
|
|
by acdha
2017 days ago
|
|
|
It’s an order of magnitude less work to set an IAM policy because that doesn’t require ongoing maintenance commitments. An IAM policy is a one-time setup cost and the limited duration keeps people honest about not accumulating unmanaged local state. It’s also handy for non-administrators to contain a compromise or error - if someone pops a shared system multiple users will be affected. |
|
|