It certainly seemed difficult to narrow it down with the condition key. https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazonec2.html#amazonec2-actions-as-permissions
It's not a radical solution, but why not store the contents of UserData in S3 and control browsing within S3?
I thought it would be good to unify the EC2 user data by getting, unpacking, and executing the UserData object in S3.
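A sketch of the stub approach suggested in the answer above, as an added example that is not part of the original answer: the instance's user data holds only this small script, so reading the `userData` attribute reveals a bucket and key, while the real bootstrap content is readable only by principals allowed `s3:GetObject` on that object. The bucket name, key and `bootstrap.sh` entrypoint are hypothetical placeholders, and the AWS CLI plus an instance profile with read access to the object are assumed.

```python
#!/usr/bin/env python3
"""EC2 user-data stub: fetch the real bootstrap bundle from S3, unpack, run it."""
import os
import subprocess
import tarfile
import tempfile

# Hypothetical placeholders (not from the original answer): use your own values.
BUNDLE_URI = "s3://example-bootstrap-bucket/bootstrap/bundle.tar.gz"
ENTRYPOINT = "bootstrap.sh"  # assumed name of the script inside the bundle

def fetch(uri, dest):
    """Download using the instance profile (needs s3:GetObject on the key)."""
    subprocess.run(["aws", "s3", "cp", uri, dest, "--only-show-errors"], check=True)

def safe_extract(archive, dest):
    """Unpack a .tar.gz, refusing links, devices and paths that escape dest."""
    root = os.path.realpath(dest)
    os.makedirs(root, exist_ok=True)
    with tarfile.open(archive, "r:gz") as tar:
        members = tar.getmembers()
        for m in members:
            target = os.path.realpath(os.path.join(root, m.name))
            if not (m.isfile() or m.isdir()):
                raise ValueError(f"refusing non-regular member: {m.name}")
            if os.path.commonpath([root, target]) != root:
                raise ValueError(f"refusing path outside target: {m.name}")
        tar.extractall(root, members=members)

def run_bundle(archive, workdir):
    """Unpack the bundle and execute its entrypoint; returns the exit status."""
    safe_extract(archive, workdir)
    script = os.path.join(workdir, ENTRYPOINT)
    if not os.path.isfile(script):
        raise FileNotFoundError(f"{ENTRYPOINT} missing from bundle")
    return subprocess.run(["/bin/sh", script], cwd=workdir).returncode

def main():
    os.umask(0o077)  # the bundle may hold secrets: keep unpacked files owner-only
    with tempfile.TemporaryDirectory() as tmp:
        archive = os.path.join(tmp, "bundle.tar.gz")
        fetch(BUNDLE_URI, archive)
        return run_bundle(archive, os.path.join(tmp, "unpacked"))

if __name__ == "__main__":
    raise SystemExit(main())
```

Because the stub executes whatever the object contains as root, write access to the bucket (`s3:PutObject`) needs to be as tightly restricted as read access.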