Slide 18
Slide 18 text
メール件名
CloudTrail Managed Policy Scope Down [AWS Account: XXXXXXXXXXX]
Hello,
On November 30, 2020, CloudTrail’s current access policy (AWSCloudTrailAccessPolicy)
will be deprecated and replaced with a new version (AWSCloudTrail_FullAccess), which
has a reduced permission set.
The current AWSCloudTrailAccessPolicy will continue to work for existing accounts;
however, once the replacement occurs, it will not be able to be attached to new IAM
principals. For accounts with AWSCloudTrailAccessPolicy, no customer action is required
as these accounts will still have this policy attached; accounts without
AWSCloudTrailAccessPolicy will not be able to view this policy for attachment after it is
deprecated. These changes are intended to constrain the scope of CloudTrail’s full