Alok Nath

Reputation: 425

How to restrict creating an AWS VPC if the CIDR is in the range 172.x.x.x/x using policies?

We've shared AWS accounts among multiple teams and even though we ask not to create identical VPCs, there is always a case.

So my question is, how can we achieve this via policies (or if there is another way), that we define the set of CIDRs in AWS account policy so that when somebody creates a VPC with a CIDR that belongs to one of those, it throws an error?

Thank you.

Upvotes: 0

Views: 61

Answers (1)

Marcin

Reputation: 238199

> when somebody creates a VPC with a CIDR that belongs to one of those, it throws an error?

No, there are no such IAM policies. You have to develop your own custom solution for that. For example, trigger a Lambda function based on CloudTrail events for creating a VPC, and have the Lambda function verify the CIDRs.

Upvotes: 1
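
The approach described in the answer above, as an added example (not code from the answer): a Lambda handler for an EventBridge rule that matches CloudTrail `CreateVpc` events and checks the new VPC's CIDR against a reserved list. The reserved list, the sample event and the field layout read here (`requestParameters.cidrBlock`, `responseElements.vpc`) are assumptions to confirm against a real event from your trail.

```python
import ipaddress

# Assumption: constructed sample list matching the question's "172.x.x.x/x";
# replace it with the ranges reserved in your account.
RESTRICTED_CIDRS = [ipaddress.ip_network("172.0.0.0/8")]

def overlapping_ranges(cidr, restricted=RESTRICTED_CIDRS):
    """Return the restricted networks that the requested CIDR overlaps."""
    net = ipaddress.ip_network(cidr, strict=False)
    return [r for r in restricted if r.version == net.version and net.overlaps(r)]

def evaluate_event(event):
    """Classify an EventBridge-delivered CloudTrail record for CreateVpc."""
    detail = event.get("detail", {})
    if detail.get("eventName") != "CreateVpc" or detail.get("errorCode"):
        return {"action": "ignore"}  # other API call, or the create failed
    vpc = (detail.get("responseElements") or {}).get("vpc") or {}
    request = detail.get("requestParameters") or {}
    cidr = vpc.get("cidrBlock") or request.get("cidrBlock")
    if not cidr:
        return {"action": "review", "reason": "no CIDR in event"}
    try:
        hits = overlapping_ranges(cidr)
    except ValueError:
        return {"action": "review", "reason": f"unparseable CIDR {cidr!r}"}
    if not hits:
        return {"action": "allow", "cidr": cidr}
    return {
        "action": "violation",
        "cidr": cidr,
        "vpc_id": vpc.get("vpcId"),
        "creator": (detail.get("userIdentity") or {}).get("arn"),
        "overlaps": [str(h) for h in hits],
    }

def lambda_handler(event, context):
    finding = evaluate_event(event)
    if finding["action"] == "violation":
        print(finding)  # hook for alerting or removing the VPC goes here
    return finding

# Constructed sample event, trimmed to the fields read above.
SAMPLE_EVENT = {"detail": {
    "eventName": "CreateVpc",
    "userIdentity": {"arn": "arn:aws:iam::111122223333:user/example"},
    "requestParameters": {"cidrBlock": "172.31.0.0/16"},
    "responseElements": {"vpc": {"vpcId": "vpc-0example", "cidrBlock": "172.31.0.0/16"}},
}}
```

The check uses overlap rather than string matching, so a supernet or subnet of a reserved range is also flagged. Because the function runs after the API call succeeds, it detects and reacts to the VPC rather than blocking its creation.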
