AWS Single AMI Permissions


Hi all,

Please could you assist me as this has been driving me a little crazy over the past few days. I have been asked to create a new IAM user in our AWS (which I have done) and out of a bundle of custom AMI's we have here to only give this new user access to 1 single image only.

Is this actually possible? I have read up on policies for that user and tried all sorts of policy attributes but it either gives full access to all AMI's or nothing. I just cannot work out a way to restrict it to 1 single AMI ID.

Any assistance would be amazing.

Thanks in advance.

PS - I am not a qualified AWS engineer and simply using Google to learn bits. So please be kind.

1 Antwort

How about something like this:

  "Version": "2012-10-17",
  "Statement": [
      "Sid": "Stmt1692107502751",
      "Action": [
      "Effect": "Allow",
      "Resource": "*",
      "Condition": {
        "StringEquals": {
          "ec2:ImageID": "ami-0123456789"
profile pictureAWS
beantwortet vor 10 Monaten

Du bist nicht angemeldet. Anmelden um eine Antwort zu veröffentlichen.

Eine gute Antwort beantwortet die Frage klar, gibt konstruktives Feedback und fördert die berufliche Weiterentwicklung des Fragenstellers.

Richtlinien für die Beantwortung von Fragen