IAM create policy allowing only one region but all global services necessary

Question

1 Answer

Related questions

0 votes

1 answer

Create IAM role only with managed CloudFormation policy

asked Jan 13, 2021 in AWS by devin (5.6k points)

Want to get 50% Hike on your Salary?

Learn how we helped 50,000+ professionals like you !

0 votes

1 answer

Create a single IAM user to access only specific S3 bucket

asked Dec 21, 2020 in AWS by devin (5.6k points)

0 votes

1 answer

IAM Policy simulator - unexpected denied ListAllBuckets for S3

asked Dec 30, 2020 in AWS by devin (5.6k points)

0 votes

1 answer

Create a read only IAM user in AWS

asked Dec 1, 2020 in AWS by devin (5.6k points)

0 votes

1 answer

Which IAM policy provides permissions to resolve issues with AWS?

asked Oct 28, 2020 in AWS by Sudhir_1997 (55.6k points)

kritika · Answer 1 · 2020-12-21T07:52:27+0000

You can refer to the below sample code:

{
"Version": "2012-10-17",
"Statement": [
{
"Sid": "AdministratorAccessForRegionFrankfurt",
"Effect": "Allow",
"Action": "*",
"Resource": "*",
"Condition": {
"StringEquals": {
"aws:RequestedRegion": [
"eu-central-1"
]
}
}
},
{
"Sid": "AllowGlobalServices",
"Effect": "Allow",
"Action": [
"aws-portal:*",
"awsbillingconsole:*",
"iam:*",
"sts:*",
"health:*",
"support:*",
"budgets:*",
"cloudfront:*",
"organizations:*",
"trustedadvisor:*",
"shield:*",
"waf:*",
"waf-regional:*",
"route53:*",
"route53domains:*",
"tag:*",
"resource-groups:*",
"s3:Get*",
"s3:List*",
"s3:Head*",
"glacier:List*",
"glacier:Describe*",
"glacier:Get*"
],
"Resource": "*"
},
{
"Sid": "AllowACMInUSEastAsWell",
"Effect": "Allow",
"Action": "acm:*",
"Resource": "*",
"Condition": {
"StringEquals": {
"aws:RequestedRegion": [
"us-east-1"
]
}
}
}
]
}

Hope this works.

Do Check out the AWS Certification Course offered by Intellipaat.

IAM create policy allowing only one region but all global services necessary

1 Answer

Related questions

Browse Categories