Buh Buh

Reputation: 7546

AWS Policy to grant access only to EC2 with no Elastic IPs

Is there a way to write an AWS policy which can detect if an EC2 has an Elastic IP associated with it?

I want to ensure that I protect any EC2 which has an Elastic IP.

Here is pseudocode of what I want. "ec2:ElasticIpAssociated" is not a real property and needs replacing with something better.

{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Sid": "TerminateUnusedInstances",
            "Effect": "Allow",
            "Action": [
                "ec2:TerminateInstances"
            ],
            "Resource": "*",
            "Condition": {
                "Bool": {
                    "ec2:ElasticIpAssociated": "false"
                }
            }
        }
    ]
}

Upvotes: 0

Views: 29

Answers (0)
