AWS Classroom Series – 09/Mar/2020

Exercise 1:

  • Create an IAM policy that lets a user view EC2 machines and create/delete/view S3 buckets
{
	"Version": "2012-10-17",
	"Statement" : [
		{
			"Effect": "Allow",
			"Action": ["s3:*"],
			"Resource": "*"
		},
		{
			"Effect": "Allow",
			"Action": ["ec2:Describe*"],
			"Resource": "*"
		}
	]
}

Exercise 2:

  • Create an IAM policy that lets a user view EC2 machines, view S3 buckets, and create and delete the specific bucket "khajalearning.com"
{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Effect": "Allow",
            "Action": [
                "s3:*"
            ],
            "Resource": ["arn:aws:s3:::khajalearning.com","arn:aws:s3:::khajalearning.com/*"] 
        },
        {
            "Effect": "Allow",
            "Action": [
                "s3:get*", "s3:List*", "s3:Describe*"
            ],
            "Resource": "*"
        },
        {
            "Effect": "Allow",
            "Action": [
                "ec2:Describe*"
            ],
            "Resource": "*"
        }
    ]
}

Exercise 3:

  • Create an IAM policy that lets a user view EC2 machines, view S3 buckets, create and delete the specific bucket "khajalearning.com", and start or stop the specific EC2 machine with instance id "i-0483025fca106795c"
{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Effect": "Allow",
            "Action": [
                "s3:*"
            ],
            "Resource": ["arn:aws:s3:::khajalearning.com","arn:aws:s3:::khajalearning.com/*"] 
        },
        {
            "Effect": "Allow",
            "Action": [
                "s3:get*", "s3:List*", "s3:Describe*"
            ],
            "Resource": "*"
        },
        {
            "Effect": "Allow",
            "Action": [
                "ec2:Describe*"
            ],
            "Resource": "*"
        },
        {
            "Effect": "Allow",
            "Action": ["ec2:StartInstances", "ec2:StopInstances"],
            "Resource": "arn:aws:ec2:us-west-2:798279872530:instance/i-0483025fca106795c"
        }
    ]
}

Exercise 4:

  • Create an IAM policy that allows starting all EC2 machines except for one EC2 machine.
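
To check what the Exercise 3 policy actually permits, and to try one possible answer to Exercise 4, the following added Python example (not part of the original class notes) evaluates requests with a simplified model of IAM identity-policy logic: wildcard matching on Action and Resource, default deny, and explicit Deny overriding Allow. The `EXERCISE_4` policy, its reuse of the Exercise 3 instance id as the excluded machine, and the helper names are assumptions; conditions, NotAction/NotResource and other policy types are not modelled.

```python
# Added illustration: a simplified IAM evaluator (identity policy only; no
# conditions, NotAction/NotResource, SCPs or permission boundaries).
from fnmatch import fnmatchcase

# Exercise 3 policy from this page, one statement per line.
BUCKET = ["arn:aws:s3:::khajalearning.com", "arn:aws:s3:::khajalearning.com/*"]
INSTANCE = "arn:aws:ec2:us-west-2:798279872530:instance/i-0483025fca106795c"
EXERCISE_3 = [
    {"Effect": "Allow", "Action": ["s3:*"], "Resource": BUCKET},
    {"Effect": "Allow", "Action": ["s3:get*", "s3:List*", "s3:Describe*"], "Resource": "*"},
    {"Effect": "Allow", "Action": ["ec2:Describe*"], "Resource": "*"},
    {"Effect": "Allow", "Action": ["ec2:StartInstances", "ec2:StopInstances"], "Resource": INSTANCE},
]
# One possible Exercise 4 answer (an assumption, not from the page): allow
# starting every instance, then explicitly deny the one excluded instance.
EXERCISE_4 = [
    {"Effect": "Allow", "Action": ["ec2:Describe*", "ec2:StartInstances"], "Resource": "*"},
    {"Effect": "Deny", "Action": ["ec2:StartInstances"], "Resource": INSTANCE},
]

def _as_list(value):
    return [value] if isinstance(value, str) else value

def _matches(patterns, value, ignore_case=False):
    # IAM action names are case-insensitive; ARNs are compared case-sensitively.
    patterns = _as_list(patterns)
    if ignore_case:
        value, patterns = value.lower(), [p.lower() for p in patterns]
    return any(fnmatchcase(value, p) for p in patterns)

def evaluate(statements, action, resource):
    """Return 'ExplicitDeny', 'Allow' or 'ImplicitDeny' for one request."""
    decision = "ImplicitDeny"  # nothing matched yet: default deny
    for st in statements:
        if _matches(st["Action"], action, True) and _matches(st["Resource"], resource):
            if st["Effect"] == "Deny":
                return "ExplicitDeny"  # an explicit Deny always wins
            decision = "Allow"
    return decision

if __name__ == "__main__":
    other = "arn:aws:ec2:us-west-2:798279872530:instance/i-constructed-example"
    print(evaluate(EXERCISE_3, "s3:DeleteBucket", "arn:aws:s3:::some-other-bucket"))
    print(evaluate(EXERCISE_3, "s3:GetObject", "arn:aws:s3:::some-other-bucket/file"))
    print(evaluate(EXERCISE_4, "ec2:StartInstances", INSTANCE))
    print(evaluate(EXERCISE_4, "ec2:StartInstances", other))
```

Note that under the Exercise 3 policy `s3:get*` on `"Resource": "*"` also allows reading objects in every bucket, which is broader than listing buckets. For real policies, the IAM policy simulator gives the authoritative answer.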
