You can do this by tagging your instance(s) with a particular value (say, `Accounts`) and then writing an IAM policy which allows access to EC2 resources with that tag: https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/control-access-with-tags.html
It is as easy as including `"StringEquals": { "aws:ResourceTag/environment": "Accounts" }` in the `Condition` part of the IAM policy.
There are many other examples in the documentation.
Note that you're going to have to define what you mean by "access". The IAM policy allows you to control who can administer the instance(s) from the console or command-line interface or any other API. If you mean "who can SSH or RDP to the instance" then you might want to look at Session Manager or control access on the instance itself using the operating system controls.
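An added example, not part of the original answer: a complete identity policy built around the condition quoted above. The action list, the `Sid` names and the tag-protection statement are assumptions chosen for illustration. `ec2:DescribeInstances` does not support resource-level permissions, so it cannot be limited by tag and is granted on `*`. The `Deny` statement stops a principal from adding or removing the `environment` tag to bring other instances into scope.

```json
{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Sid": "ManageAccountsInstances",
      "Effect": "Allow",
      "Action": [
        "ec2:StartInstances",
        "ec2:StopInstances",
        "ec2:RebootInstances"
      ],
      "Resource": "arn:aws:ec2:*:*:instance/*",
      "Condition": {
        "StringEquals": { "aws:ResourceTag/environment": "Accounts" }
      }
    },
    {
      "Sid": "ListInstances",
      "Effect": "Allow",
      "Action": "ec2:DescribeInstances",
      "Resource": "*"
    },
    {
      "Sid": "ProtectEnvironmentTag",
      "Effect": "Deny",
      "Action": [
        "ec2:CreateTags",
        "ec2:DeleteTags"
      ],
      "Resource": "arn:aws:ec2:*:*:instance/*",
      "Condition": {
        "ForAnyValue:StringEquals": { "aws:TagKeys": "environment" }
      }
    }
  ]
}
```

This governs EC2 API calls only; it has no effect on who can log in to the operating system over SSH or RDP.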