AWS IAM Conditions
Activity 6: Create an IAM Policy to allow user to terminate instance if the type is t2.micro
- Action: ec2:TerminateInstances
- Refer Here for the policy created.
Activity 7: Allow user to Create ec2 instance if the type is t2.micro and region is mumbai
{
"Version": "2012-10-17",
"Statement": [
{
"Effect" : "Allow",
"Action": ["ec2:*", "cloudwatch:Describe*", "elasticloadbalancing:Describe*", "autoscaling:Describe*"],
"Resource": "*"
},
{
"Effect": "Deny",
"Action": ["ec2:RunInstances"],
"Resource": "*",
"Condition": {
"StringNotEquals": {
"ec2:Region": "ap-south-1",
"ec2:InstanceType": "t2.micro"
}
}
}
]
}
- This policy is not working if the region is mumbai and instance type is not t2.micro
Like this:
Like Loading...
