Open Zeebrow opened 2 years ago
Enforce tagging policy on user/role with:
{
"Effect": "Allow",
"Action": [
"ec2:CreateTags"
],
"Resource": [
"arn:aws:ec2:*:865386952527:key-pair/*",
"arn:aws:ec2:*:865386952527:security-group/*",
"resource 3",
"resource 4"
],
"Condition": {
"ForAllValues:StringEquals": {
"aws:TagKeys": [
"Name",
"quickhost"
]
},
"ForAnyValue:StringEquals": {
"aws:TagKeys": ["quickhost"]
}
}
}
Require a vpc id in order to create policies
Suggestions:
https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_resource.html