1 個回答
- 最新
- 最多得票
- 最多評論
0
The following policy ensures that only EC2 instances, volumes and snapshots will launched if they have an "application" key with any value except null value.
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Deny",
"Action": [
"ec2:CreateSnapshot",
"ec2:CreateVolume",
"ec2:RunInstances"
],
"Resource": [
"arn:aws:ec2:*::snapshot/*",
"arn:aws:ec2:*:*:instance/*",
"arn:aws:ec2:*:*:volume/*"
],
"Condition": {
"StringNotLike": {
"aws:RequestTag/application": "?*"
}
}
}
]
}
已回答 4 年前
相關內容
- 已提問 6 個月前
- 已提問 6 個月前
- AWS 官方已更新 3 年前
I tried to implement something almost exactly like this without luck. Are we sure this works?