How to goup EC2 instances in order to delegate administrations to differents teams?

Posted by Olivier on Server Fault See other posts from Server Fault or by Olivier
Published on 2012-09-07T09:21:46Z Indexed on 2012/09/07 9:39 UTC
Read the original article Hit count: 260

Is it possible (using ARN) to make severals groups of instances. Then using differents policy to grant some access to a group of instance only and not the other instances?

For example :

{
  "Statement": [
    {
      "Action": "ec2:*",
      "Effect": "Allow",
      "Resource": "*"
    },
    {
      "Effect": "Allow",
      "Action": "elasticloadbalancing:*",
      "Resource": "*"
    },
    {
      "Effect": "Allow",
      "Action": "cloudwatch:*",
      "Resource": "*"
    },
    {
      "Effect": "Allow",
      "Action": "autoscaling:*",
      "Resource": "*"
    }
  ]
}

Instead of "*" could we use a group or something like that? like a specific subnet? a Tag? or whatever...

Thanks for your help

© Server Fault or respective owner

Related posts about amazon-ec2

Related posts about amazon-web-services