AWS IAM policy for limiting a user's access to a group of instances with a particular tag name.
The TAGNAME and VALUE will be
{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Effect": "Allow",
            "Action": [
                "ec2:StartInstances",
                "ec2:StopInstances",
                "ec2:RebootInstances"
            ],
            "Condition": {
                "StringEquals": {
                    "ec2:ResourceTag/TAGNAME": "VALUE"
                }
            },
            "Resource": "arn:aws:ec2:eu-east-0:123654456123:instance/*"
        }
    ]
}
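An added example, not part of the original post: a simplified offline evaluator in Python that runs the policy above against constructed requests, showing that an untagged instance, a differently cased tag value, and an action outside the list all fall through to implicit deny. The names `is_allowed` and `as_list` and the instance id are assumptions, and the evaluator handles only the elements this policy uses.

```python
import json
from fnmatch import fnmatchcase

# The policy from this page (TAGNAME / VALUE are the page's own placeholders).
POLICY = json.loads("""
{
  "Version": "2012-10-17",
  "Statement": [{
    "Effect": "Allow",
    "Action": ["ec2:StartInstances", "ec2:StopInstances", "ec2:RebootInstances"],
    "Condition": {"StringEquals": {"ec2:ResourceTag/TAGNAME": "VALUE"}},
    "Resource": "arn:aws:ec2:eu-east-0:123654456123:instance/*"
  }]
}
""")

# Constructed instance ARN for the demo; the instance id is not a real one.
ARN = "arn:aws:ec2:eu-east-0:123654456123:instance/i-0example"


def as_list(value):
    """IAM lets Action, Resource and condition values be a string or a list."""
    return value if isinstance(value, list) else [value]


def is_allowed(policy, action, resource_arn, tags):
    """Simplified evaluation: Allow statements, StringEquals and wildcards only.

    Anything no statement explicitly allows is denied (implicit deny).
    """
    context = {f"ec2:ResourceTag/{k}": v for k, v in tags.items()}
    for stmt in as_list(policy["Statement"]):
        if stmt["Effect"] != "Allow":
            continue
        # Action names are matched case-insensitively.
        if not any(fnmatchcase(action.lower(), a.lower()) for a in as_list(stmt["Action"])):
            continue
        if not any(fnmatchcase(resource_arn, r) for r in as_list(stmt["Resource"])):
            continue
        wanted = stmt.get("Condition", {}).get("StringEquals", {})
        # A key missing from the request context fails StringEquals,
        # and tag values are compared case-sensitively.
        if all(context.get(k) in as_list(v) for k, v in wanted.items()):
            return True
    return False


if __name__ == "__main__":
    for tags in ({"TAGNAME": "VALUE"}, {"TAGNAME": "value"}, {}):
        print(tags, is_allowed(POLICY, "ec2:StopInstances", ARN, tags))
```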