1 Resposta
- Mais recentes
- Mais votos
- Mais comentários
0
Unfortunately, it is not possible to configure an IAM policy to allow viewing only of specific EC2 instances.
The reason for this is that most display actions, such as ec2:DescribeInstances, do not support "resource-level permissions. This means that you can only set either "show all EC2 instances" or "don't show all EC2 instances". https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazonec2.html#amazonec2-actions-as-permissions
It seems that it is possible to set up a policy such that only certain EC2 sessions are initiated. https://docs.aws.amazon.com/systems-manager/latest/userguide/getting-started-restrict-access-examples.html#restrict-access-example-instances
respondido há um ano
Conteúdo relevante
- AWS OFICIALAtualizada há um ano
- AWS OFICIALAtualizada há 10 meses
- AWS OFICIALAtualizada há 3 anos
- AWS OFICIALAtualizada há 3 anos