1개 답변
- 최신
- 최다 투표
- 가장 많은 댓글
0
Hi @Ed, I modified the policy just to reflect the tag keys applicable in my environment, the policy below: { "Version": "2012-10-17", "Statement": [ { "Sid": "DenyEC2CreationSCP1", "Effect": "Deny", "Action": [ "ec2:RunInstances" ], "Resource": [ "arn:aws:ec2:::instance/", "arn:aws:ec2:::volume/" ], "Condition": { "Null": { "aws:RequestTag/CostCode": "True" } } }, { "Sid": "DenyEC2CreationSCP2", "Effect": "Deny", "Action": [ "ec2:RunInstances" ], "Resource": [ "arn:aws:ec2:.:instance/", "arn:aws:ec2:.:volume/" ], "Condition": { "Null": { "aws:RequestTag/Project_Team": "True" } } } ] }
답변함 2년 전
Did you make any changes to the SCP in the blog post - if so, could you post the exact SCP you're using?