Amazon EC2: Allows starting or stopping EC2 instances a user has tagged, programmatically and in the console - AWS Identity and Access Management

Amazon EC2: Allows starting or stopping EC2 instances a user has tagged, programmatically and in the console

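This example shows how you might create an IAM policy that allows an IAM user to start or stop EC2 instances, but only if the instance tag Owner has the value of that user's user name. This policy defines permissions for programmatic and console access.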

{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Effect": "Allow",
            "Action": [
                "ec2:StartInstances",
                "ec2:StopInstances"
            ],
            "Resource": "arn:aws:ec2:*:*:instance/*",
            "Condition": {
                "StringEquals": {
                    "aws:ResourceTag/Owner": "${aws:username}"
                }
            }
        },
        {
            "Effect": "Allow",
            "Action": "ec2:DescribeInstances",
            "Resource": "*"
        }
    ]
}
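The following is an added example, not part of the original AWS page and not AWS's evaluation engine: a simplified local model of how this policy's `StringEquals` condition and `${aws:username}` variable decide a request. The function names, the request-context dictionaries, and the sample ARN (placeholder account and instance ID) are assumptions made for illustration.

```python
import fnmatch
import re

# The policy from this page, as a Python dict.
POLICY = {
    "Version": "2012-10-17",
    "Statement": [
        {"Effect": "Allow",
         "Action": ["ec2:StartInstances", "ec2:StopInstances"],
         "Resource": "arn:aws:ec2:*:*:instance/*",
         "Condition": {"StringEquals": {"aws:ResourceTag/Owner": "${aws:username}"}}},
        {"Effect": "Allow", "Action": "ec2:DescribeInstances", "Resource": "*"},
    ],
}
# Constructed sample ARN (placeholder account and instance id).
ARN = "arn:aws:ec2:us-east-1:111122223333:instance/i-0123456789abcdef0"

def _as_list(value):
    return value if isinstance(value, list) else [value]

def _resolve(template, ctx):
    """Expand ${key} policy variables; None if a variable is not in the context."""
    keys = re.findall(r"\$\{([^}]+)\}", template)
    if any(k not in ctx for k in keys):
        return None
    return re.sub(r"\$\{([^}]+)\}", lambda m: ctx[m.group(1)], template)

def _condition_ok(condition, ctx):
    for operator, pairs in condition.items():
        if operator != "StringEquals":  # only the operator this policy uses
            raise NotImplementedError(operator)
        for key, template in pairs.items():
            expected = _resolve(template, ctx)
            # A missing tag or unresolved variable never matches; comparison is case-sensitive.
            if expected is None or ctx.get(key) != expected:
                return False
    return True

def is_allowed(action, resource, ctx):
    """Simplified model: explicit Allow if a statement matches, else implicit deny."""
    for st in POLICY["Statement"]:
        if (action in _as_list(st["Action"])
                and any(fnmatch.fnmatchcase(resource, p) for p in _as_list(st["Resource"]))
                and _condition_ok(st.get("Condition", {}), ctx)):
            return True
    return False
```

The cases worth checking against a real account are the ones that fall through to the implicit deny: an untagged instance, an Owner value that differs only in case, and a principal with no `aws:username` in its request context (for example an assumed-role session).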