user3086014

Reputation: 4511

IAM policy not working

I have an IAM policy which is as follows:

{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Sid": "TheseActionsDontSupportResourceLevelPermissions",
      "Effect": "Allow",
      "Action": ["ec2:Describe*"],
      "Resource": "*"
    },
    {
      "Sid": "TheseActionsSupportResourceLevelPermissions",
      "Effect": "Allow",
      "Action": [
        "ec2:RunInstances",
        "ec2:TerminateInstances",
        "ec2:StopInstances",
        "ec2:StartInstances"
      ],
      "Resource": "arn:aws:ec2:us-east-1:127890:instance/i-31f"
    }
  ]
}

But this policy is not working for me. Kindly help.

Upvotes: 0

Views: 410

Answers (1)

Rico

Reputation: 61521

You first need to describe what you need to accomplish, but for starters, you are missing an ec2:DescribeInstances on the first Action statement:

{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Sid": "TheseActionsDontSupportResourceLevelPermissions",
      "Effect": "Allow",
      "Action": "ec2:DescribeInstances",
      "Resource": "*"
    },
    {
      "Sid": "TheseActionsSupportResourceLevelPermissions",
      "Effect": "Allow",
      "Action": [
        "ec2:RunInstances",
        "ec2:TerminateInstances",
        "ec2:StopInstances",
        "ec2:StartInstances"
      ],
      "Resource": "arn:aws:ec2:us-east-1:accountid:instance/id number"
    }
  ]
}

Make sure you used the right accountid and the right instance id.

Upvotes: 1
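
A local check of which statements in the question's policy match a given action and ARN, plus a format check on the instance ARN. This is an added example, not code from either post; the function names are hypothetical, and the matcher is a simplification that only looks at Allow statements and ignores Deny, NotAction/NotResource and Condition.

```python
import json
import re

# Policy from the question, ids exactly as posted there.
POLICY = json.loads("""
{"Version": "2012-10-17", "Statement": [
  {"Sid": "TheseActionsDontSupportResourceLevelPermissions",
   "Effect": "Allow", "Action": ["ec2:Describe*"], "Resource": "*"},
  {"Sid": "TheseActionsSupportResourceLevelPermissions", "Effect": "Allow",
   "Action": ["ec2:RunInstances", "ec2:TerminateInstances",
              "ec2:StopInstances", "ec2:StartInstances"],
   "Resource": "arn:aws:ec2:us-east-1:127890:instance/i-31f"}]}
""")

def _glob(pattern, value, ignore_case=False):
    """IAM-style wildcard match: '*' is any run of characters, '?' exactly one."""
    rx = re.escape(pattern).replace(r"\*", ".*").replace(r"\?", ".")
    return re.fullmatch(rx, value, re.I if ignore_case else 0) is not None

def _as_list(x):
    """Action, Resource and Statement may each be a single item or a list."""
    return list(x) if isinstance(x, list) else [x]

def matching_sids(policy, action, resource):
    """Sids of Allow statements whose Action and Resource both match the request.
    Simplified: ignores Deny, NotAction/NotResource and Condition."""
    hits = []
    for st in _as_list(policy["Statement"]):
        if st.get("Effect") != "Allow":
            continue
        if (any(_glob(a, action, ignore_case=True) for a in _as_list(st.get("Action", [])))
                and any(_glob(r, resource) for r in _as_list(st.get("Resource", [])))):
            hits.append(st.get("Sid", "<no Sid>"))
    return hits

def arn_problems(arn):
    """Format problems in a literal EC2 instance ARN (does not query AWS)."""
    parts = arn.split(":", 5)
    if len(parts) != 6 or parts[0] != "arn" or parts[2] != "ec2":
        return ["not an EC2 ARN"]
    problems = []
    if not re.fullmatch(r"\d{12}", parts[4]):
        problems.append("account id is not 12 digits")
    if not re.fullmatch(r"instance/i-([0-9a-f]{8}|[0-9a-f]{17})", parts[5]):
        problems.append("resource is not instance/i-<8 or 17 hex digits>")
    return problems

if __name__ == "__main__":
    posted = POLICY["Statement"][1]["Resource"]
    print(matching_sids(POLICY, "ec2:DescribeInstances", "*"))
    print(matching_sids(POLICY, "ec2:StopInstances", posted))
    print(arn_problems(posted))
```

Action names are compared case-insensitively and ARNs case-sensitively, so a request against any instance ARN other than the one in the policy matches no statement.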
