Show only selected servers in session manager

0

Hi,

I am currently using session manager to provide access to all servers via session manager which is working as intended.

The issue comes where I got another set of users who require access to certain servers.

Is there anyway, only the servers that is required will be shown up in the session manager. I tried to edit the ec2:DescribeInstances but I just can't get it working.

Would require assistance with this.

Alezz81
已提問 12 天前檢視次數 12 次
1 個回答
0

Unfortunately, it is not possible to configure an IAM policy to allow viewing only of specific EC2 instances.

The reason for this is that most display actions, such as ec2:DescribeInstances, do not support "resource-level permissions. This means that you can only set either "show all EC2 instances" or "don't show all EC2 instances". https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazonec2.html#amazonec2-actions-as-permissions

It seems that it is possible to set up a policy such that only certain EC2 sessions are initiated. https://docs.aws.amazon.com/systems-manager/latest/userguide/getting-started-restrict-access-examples.html#restrict-access-example-instances

profile picture
已回答 12 天前

您尚未登入。 登入 去張貼答案。

一個好的回答可以清楚地回答問題並提供建設性的意見回饋,同時有助於提問者的專業成長。

回答問題指南