MultiCloud Classroom notes 08/Mar/2025

Activity 5: Give Access to ec2 only in mumbai region

Give access to the user to create, start and stop instances in mumbai region and in all other regions ec2 readonly
Solution

{
    "Version": "2012-10-17",
    "Id": "activity5_mar2025",
    "Statement": [
        {
            "Effect": "Allow",
            "Action": [
                "ec2:Describe*",
                "ec2:GetSecurityGroupsForVpc"
            ],
            "Resource": "*"
        },
        {
            "Effect": "Allow",
            "Action": "elasticloadbalancing:Describe*",
            "Resource": "*"
        },
        {
            "Effect": "Allow",
            "Action": [
                "cloudwatch:ListMetrics",
                "cloudwatch:GetMetricStatistics",
                "cloudwatch:Describe*"
            ],
            "Resource": "*"
        },
        {
            "Effect": "Allow",
            "Action": "autoscaling:Describe*",
            "Resource": "*"
        },
        {
            "Action": "ec2:*",
            "Effect": "Allow",
            "Resource": "*",
            "Condition": {
                "StringEquals": {
                    "aws:RequestedRegion": "ap-south-1"
                }
            }
        }

    ]
}

What are Roles in AWS IAM

A Role is permission given for an aws resource to access other aws resources.

I want to give permission for an ec2 instance with full acecss of s3

Watch classroom recording for a sample demonstration

What are groups in AWS IAM

Groups are collection of users which are available for organizing permissions.
Watch classroom recording for a sample demonstration

By continuous learner

devops & cloud enthusiastic learner

View all of continuous learner's posts.

Leave a ReplyCancel reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Please turn AdBlock off

Animated Social Media Icons by Acurax Responsive Web Designing Company

Exit mobile version

%%footer%%