I want to limit the usage of AWS account to a single region but allowing the global services, but the below simple statement and not enough for my purpose:
{
"Sid": "DisableRegions",
"Effect": "Deny",
"Action": "*",
"Resource": "*",
"Condition": {
"StringNotEquals": {
"aws:RequestedRegion": [
"eu-central-1"
]
}
}
}
Also, I would have an S3 bucket in this region.
Any help!