1 Answer
- Newest
- Most votes
- Most comments
0
Hi @Ed, I modified the policy just to reflect the tag keys applicable in my environment, the policy below: { "Version": "2012-10-17", "Statement": [ { "Sid": "DenyEC2CreationSCP1", "Effect": "Deny", "Action": [ "ec2:RunInstances" ], "Resource": [ "arn:aws:ec2:::instance/", "arn:aws:ec2:::volume/" ], "Condition": { "Null": { "aws:RequestTag/CostCode": "True" } } }, { "Sid": "DenyEC2CreationSCP2", "Effect": "Deny", "Action": [ "ec2:RunInstances" ], "Resource": [ "arn:aws:ec2:.:instance/", "arn:aws:ec2:.:volume/" ], "Condition": { "Null": { "aws:RequestTag/Project_Team": "True" } } } ] }
answered 2 years ago
Relevant content
- asked 2 years ago
- asked 2 years ago
- asked a year ago
- AWS OFFICIALUpdated 2 years ago
- AWS OFFICIALUpdated 2 years ago
- AWS OFFICIALUpdated 3 months ago
- AWS OFFICIALUpdated a year ago
Did you make any changes to the SCP in the blog post - if so, could you post the exact SCP you're using?