Controlling User Actions Using AWS Tags

AWS tags can be used to organize your deployed resources, for billing for example, but they can also be used as a condition for policies.

This will allow you to allow or deny an action based on the tag value.

In this video, I explain the concept of using AWS tags for that purpose.

If the mood strike, subscribe and hit that like button 👍

Policy json code:

{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Effect": "Allow",
            "Action": [
                "ec2:DescribeInstances",
                "ec2:StartInstances",
                "ec2:StopInstances",
                "ec2:DescribeInstanceStatus"
            ],
            "Resource": "*",
            "Condition": {
                "StringEquals": {
                    "aws:PrincipalTag/Operator": "true"
                }
            }
        }
    ]
}

What is a VPC Interface Endpoint
Managing Users In Kubernetes
Accessing Private S3 Buckets Without Credentials
Unauthorized: Application not registered with AAD
Accessing Kubernetes API From Inside The POD

Stoun in AWS | October 21, 2020

Controlling User Actions Using AWS Tags

Related Posts:

Cancel Reply

Share your thoughts