1 個回答
- 最新
- 最多得票
- 最多評論
0
Hi @Ed, I modified the policy just to reflect the tag keys applicable in my environment, the policy below: { "Version": "2012-10-17", "Statement": [ { "Sid": "DenyEC2CreationSCP1", "Effect": "Deny", "Action": [ "ec2:RunInstances" ], "Resource": [ "arn:aws:ec2:::instance/", "arn:aws:ec2:::volume/" ], "Condition": { "Null": { "aws:RequestTag/CostCode": "True" } } }, { "Sid": "DenyEC2CreationSCP2", "Effect": "Deny", "Action": [ "ec2:RunInstances" ], "Resource": [ "arn:aws:ec2:.:instance/", "arn:aws:ec2:.:volume/" ], "Condition": { "Null": { "aws:RequestTag/Project_Team": "True" } } } ] }
已回答 2 年前
相關內容
- AWS 官方已更新 8 個月前
- AWS 官方已更新 2 年前
Did you make any changes to the SCP in the blog post - if so, could you post the exact SCP you're using?