AWS Classroomnotes 19/Mar/2023

Activity 4: Create an IAM Policy to Start and Stop EC2 instances

  • Create an IAM Policy that allows starting and stopping EC2 instances only if the instance is in the ap-south-1 region; in all other regions, give only read permissions
  • Every resource created in AWS has a unique ARN
  • ARN format for an EC2 instance: arn:${Partition}:ec2:${Region}:${Account}:instance/${InstanceId}
  • To fill this Refer Here
  • In our case

Activity 5: Create an IAM Policy to allow a user to delete a bucket only if the region is us-west-2

  • Some condition keys are specific to actions, and there are also global condition keys Refer Here
  • The policy statement has a Condition block
  • Refer Here for changes
  • Exercise: Create an IAM policy to give full access to EC2 in all regions except Oregon

