AWS tags can be used to organize your deployed resources, for billing for example, but they can also be used as a condition for policies.
This will allow you to allow or deny an action based on the tag value.
In this video, I explain the concept of using AWS tags for that purpose.
If the mood strike, subscribe and hit that like button
Policy json code:
{ "Version": "2012-10-17", "Statement": [ { "Effect": "Allow", "Action": [ "ec2:DescribeInstances", "ec2:StartInstances", "ec2:StopInstances", "ec2:DescribeInstanceStatus" ], "Resource": "*", "Condition": { "StringEquals": { "aws:PrincipalTag/Operator": "true" } } } ] }
The post Controlling User Actions Using AWS Tags appeared first on vNugget.