1 Answer
- Newest
- Most votes
- Most comments
0
Okay, i suppose i found the answer myself, i probably need to add something like
"Condition": {
"StringEquals": {
"iam:ResourceTag/SSMSessionRunAs": "${aws:username}"
}
}
to the "Trust relationship" in the Role. Then each user will need to provide exact the same Tag while assuming the role as their IAM username is, and by using this separation i can separate users in EC2 instance.
answered 2 years ago
Relevant content
- asked 2 years ago
- asked a year ago
- AWS OFFICIALUpdated 9 months ago
- AWS OFFICIALUpdated a year ago
- AWS OFFICIALUpdated 2 years ago
- AWS OFFICIALUpdated 2 years ago
$PSStyle.OutputRendering = 'PlainText'