data "aws_iam_policy_document" "hello" {
statement {
sid = "VisualEditor0"
effect = "Allow"
resources = ["arn:<PARTITION>:ec2:<REGION>:<ACCOUNT_ID>:instance/${ec2:InstanceID}"]
actions = ["ec2:CreateTags"]
condition {
test = "StringLike"
variable = "ec2:SourceInstanceARN"
values = ["arn:<PARTITION>:ec2:<REGION>:<ACCOUNT_ID>:instance/${ec2:InstanceID}"]
}
}
}
Created
February 27, 2023 18:49
-
-
Save nitrocode/7911d864d37f97cdf4dc4bce7cfdbbe5 to your computer and use it in GitHub Desktop.
IAM policy to describe and create tags on its own instance
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment