AWS dynamic secrets works great; however, I don’t understand how to write an ACL that limits access to certain roles.
I have 2 AWS roles: s3-role and ec2-role. I would like group A to only be able to generate an AccessKey/Secret with the s3-role only and not be allowed to generate ec2-role creds.
Is this possible? Or do I need to create another AWS Secret?
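
Added example, not part of the original post: a policy for group A that scopes credential generation to one role, shown beside the wildcard form that would expose both. It assumes this is HashiCorp Vault's AWS secrets engine mounted at `aws/` (the mount path is an assumption); the role names `s3-role` and `ec2-role` are the ones from the question.

```hcl
# Added example. Assumes the AWS secrets engine is mounted at "aws/".

# Too broad: a glob lets the holder generate credentials for every
# role on the mount, including ec2-role. Shown commented out.
# path "aws/creds/*" {
#   capabilities = ["read"]
# }

# Scoped: group A may generate an access key/secret for s3-role only.
path "aws/creds/s3-role" {
  capabilities = ["read"]
}

# Roles that issue STS credentials are requested under aws/sts/ instead.
# "update" covers requests that pass parameters such as ttl via a write.
path "aws/sts/s3-role" {
  capabilities = ["read", "update"]
}

# Policies are deny-by-default, so the two stanzas above already exclude
# ec2-role. An explicit deny additionally overrides any other policy on
# the same token that would grant it.
path "aws/creds/ec2-role" {
  capabilities = ["deny"]
}

path "aws/sts/ec2-role" {
  capabilities = ["deny"]
}
```

Both roles can live on the same mount under this approach; the policy is attached to whatever auth role or identity group represents group A.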