By using AWS re:Post, you agree to the Terms of Use
/Region restriction scp - how to allow for von account Service in US-East/

Region restriction scp - how to allow for von account Service in US-East

0

Hello how can i modify the following SCP that one account in our AWS organization can use though Lambda in all US-EAST Regions.

{
"Version": "2012-10-17",
"Statement": [
{
"NotAction": [
"a4b:",
"acm:
",
"aws-marketplace-management:",
"aws-marketplace:
",
"aws-portal:",
"access-analyzer:
",
"awsbillingconsole:",
"budgets:
",
"ce:",
"chime:
",
"cloudfront:",
"cloudwatch:
",
"config:",
"cur:
",
"directconnect:",
"ec2:DescribeRegions",
"ec2:DescribeTransitGateways",
"ec2:DescribeVpnGateways",
"fms:
",
"globalaccelerator:",
"health:
",
"iam:",
"importexport:
",
"kms:",
"mobileanalytics:
",
"networkmanager:",
"organizations:
",
"pricing:",
"resource-groups:
",
"route53:",
"route53domains:
",
"s3:GetAccountPublic*",
"s3:ListAllMyBuckets",
"s3:PutAccountPublic*",
"shield:",
"sts:
",
"sns:",
"support:
",
"trustedadvisor:",
"waf-regional:
",
"waf:",
"wafv2:
",
"wellarchitected:"
],
"Resource": [
"
"
],
"Effect": "Deny",
"Condition": {
"StringNotEquals": {
"aws:RequestedRegion": [
"eu-central-1",
"eu-west-1",
"eu-west-2",
"eu-west-3",
"eu-north-1"
]
}
}
}
]
}

asked a year ago27 views
1 Answers
0

Hello this is my second account i cant reach the other one anymore, not sure if it really makes sense to link a Forum Accout to real AWS one....! No one has a Tip so far?

answered a year ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions