Aws IAM Policy for user to start/stop Ec2 instance
http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ExamplePolicies_EC2.html
{
"Version": "2012-10-17",
"Statement": [
{
"Sid": "Stmt14435321355",
"Action": [
"ec2:DescribeInstances"
],
"Effect": "Allow",
"Resource": "*"
},
{
"Effect": "Allow",
"Action": [
"ec2:StopInstances",
"ec2:StartInstances"
],
"Resource": [
"arn:aws:ec2:us-east-1:1234567890:instance/i-1234567890abcder"
]
f
]
}
Action::
The action is the specific API action for which you are granting or denying permission
http://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_Operations.html
ec2:DescribeInstances -> allows user to view only instances
ec2:Describe* -> allows user to view all resources
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment