Instantly share code, notes, and snippets.

Embed
What would you like to do?
AWS policy to limit EC2 usage to a specific region and instance type
{
"Version": "2012-10-17",
"Statement": [
{
"Sid": "limitedRegion",
"Action": "ec2:*",
"Resource": "*",
"Effect": "Allow",
"Condition": {
"StringEquals": {
"ec2:Region": "us-east-1"
}
}
},
{
"Sid": "limitedSize",
"Effect": "Deny",
"Action": "ec2:RunInstances",
"Resource": "arn:aws:ec2:*:*:instance/*",
"Condition": {
"ForAnyValue:StringNotLike": {
"ec2:InstanceType": [
"t2.micro"
]
}
}
}
]
}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment