En utilisant AWS re:Post, vous acceptez les AWS re:Post Conditions d’utilisation
AWS re:Postre:Post

How do i give IAM Permissions to a Group to manage a Specific EC2 Instance.

0

I have a group called "accounts" with 5 users added to it. I want to include a group permission that allows these 5 users to have access to an EC2 Instance called Accounts. They wont have access to other instances just this instance alone. Thank you. I would appriciate the JSON code with the specific names as mentioned above.

Sujets
Sécurité, identité et conformitéCalculGestion et gouvernance
Balises
Gestion des identités et des accès AWSAmazon EC2AWS Account ManagementPolitiques IAM
Langue
English
Tech Monster
demandé il y a un an376 vues
1 réponse
1

You can do this by tagging your instance(s) with a particular value (say, Accounts) and then writing an IAM policy which allows access to EC2 resources with that tag: https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/control-access-with-tags.html

It is as easy as including "StringEquals": { "aws:ResourceTag/environment": "Accounts" } in the Condition part of the IAM policy.

There are many other examples in the documentation.

Note that you're going to have to define what you mean by "access". The IAM policy allows you to control who can administer the instance(s) from the console or command-line interface or any other API. If you mean "who can SSH or RDP to the instance" then you might want to look at Session Manager or control access on the instance itself using the operating system controls.

profile pictureAWS
EXPERT
Brettski-AWS
répondu il y a un an

Vous n'êtes pas connecté. Se connecter pour publier une réponse.

Une bonne réponse répond clairement à la question, contient des commentaires constructifs et encourage le développement professionnel de la personne qui pose la question.

Instructions pour répondre aux questions

Contenus pertinents