If You Delete and Redeploy a Principal Referenced in an AWS Policy, Will Your Policy Still Work?

ACM.414 Will your CloudFormation stack update the policy if you redeploy it?

Teri Radichel
Published in Cloud Security
5 min read, Dec 3, 2023



In the last post I deployed one account.

I wanted to fix a naming issue before I deployed the rest of the accounts but that led me down another rabbit hole of problems. Here’s one of them.

I’ve had this recurring issue on AWS and I’m not sure I like the way it is implemented.

This issue happens in role trust policies and in resource policies like KMS, and I presume the same would happen in other types of policies as well.
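As an added illustration (my code, not code from the post), here is a check for the symptom the post is about. It relies on documented IAM behaviour: when a policy names a principal by ARN, AWS resolves it to the principal's unique ID, and if that principal is later deleted the policy shows only the bare unique ID, which a redeployed principal with the same name will never match. The trust policy below is a constructed sample; the IDs in it are placeholders.

```python
import json
import re

# Constructed sample: a role trust policy as IAM returns it after the
# referenced principals were deleted. The ARNs have been replaced by the
# unique IDs that IAM stored behind them (placeholder values here).
TRUST_POLICY_AFTER_DELETE = json.dumps({
    "Version": "2012-10-17",
    "Statement": [
        {
            "Effect": "Allow",
            "Principal": {"AWS": "AROAEXAMPLEDELETEDID"},   # constructed
            "Action": "sts:AssumeRole",
        },
        {
            "Effect": "Allow",
            "Principal": {"AWS": ["arn:aws:iam::111122223333:role/deploy-role",
                                  "AIDAEXAMPLEDELETEDUSER"]},  # constructed
            "Action": "sts:AssumeRole",
        },
    ],
})

# Role unique IDs start with AROA, user unique IDs with AIDA; an ARN never does.
UNIQUE_ID_RE = re.compile(r"^A(ROA|IDA)[A-Z0-9]{16,}$")


def orphaned_principals(policy_json: str) -> list:
    """Return bare unique IDs found in Principal.AWS entries of a policy.

    A bare unique ID in place of an ARN means the principal it pointed to
    was deleted. Redeploying a principal with the same name gets a new ID,
    so the statement no longer grants anything to it; the policy itself
    must be rewritten (or the stack updated) to reference the new ARN.
    """
    policy = json.loads(policy_json)
    statements = policy.get("Statement", [])
    if isinstance(statements, dict):
        statements = [statements]
    found = []
    for stmt in statements:
        principal = stmt.get("Principal", {})
        if not isinstance(principal, dict):
            continue                     # "*" principal, nothing resolved
        values = principal.get("AWS", [])
        if isinstance(values, str):
            values = [values]
        found.extend(v for v in values if UNIQUE_ID_RE.match(v))
    return found


if __name__ == "__main__":
    print(orphaned_principals(TRUST_POLICY_AFTER_DELETE))
```

Run the same function over the output of `aws iam get-role` (the AssumeRolePolicyDocument) or `aws kms get-key-policy` to find statements that silently stopped matching after a principal was deleted and redeployed.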
