
Restricting the permissions for all users of attaching a public IP to EC2/VM in GCP/AWS/Azure

Is there some policy wherein we can restrict users from attaching public IPs to the VM in all three clouds?

In GCP, we can use organization policies to restrict public IPs on VMs.

https://cloud.google.com/blog/topics/developers-practitioners/limiting-public-ips-google-cloud

By using IAM roles and permissions, we can restrict users from attaching a public IP to a VM in GCP.

In GCP, we have a Compute Public IP Admin role, where only a user who has this role will have full control of public IP address management for Compute Engine.

For more information, follow Compute Engine IAM roles and permissions.

In Azure, you can use policies to audit or restrict what can or cannot be done.

The policies can be applied on subscription level or resource group level.

There is a built-in policy named "Network interfaces should not have public IPs" that does exactly what you describe.

https://docs.microsoft.com/en-us/azure/virtual-network/policy-reference
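
An audit-side complement to the policies mentioned in the answers above, as an added example that is not part of the original posts: it checks exported resource JSON for the condition those policies are meant to prevent. It assumes GCP instances in Compute Engine API shape (`networkInterfaces[].accessConfigs`) and Azure NICs in ARM shape (`properties.ipConfigurations[].properties.publicIPAddress`); the function names and all sample data are constructed.

```python
# Added example; every name, ID and address below is a constructed sample.

def gcp_has_external_ip(instance):
    """An accessConfigs entry means an external IPv4 is configured,
    even when natIP is absent (e.g. ephemeral IP on a stopped VM)."""
    return any(nic.get("accessConfigs")
               for nic in instance.get("networkInterfaces", []))

def azure_nic_has_public_ip(nic):
    """True if any ipConfiguration references a public IP resource."""
    for cfg in nic.get("properties", {}).get("ipConfigurations", []):
        pip = cfg.get("properties", {}).get("publicIPAddress") or {}
        if pip.get("id"):
            return True
    return False

def audit(gcp_instances, azure_nics):
    """Return sorted (cloud, resource name) pairs that expose a public IP."""
    hits = [("gcp", i["name"]) for i in gcp_instances if gcp_has_external_ip(i)]
    hits += [("azure", n["name"]) for n in azure_nics if azure_nic_has_public_ip(n)]
    return sorted(hits)

GCP_SAMPLE = [
    {"name": "web-1", "networkInterfaces": [
        {"networkIP": "10.0.0.2",
         "accessConfigs": [{"type": "ONE_TO_ONE_NAT", "natIP": "203.0.113.10"}]}]},
    {"name": "db-1", "networkInterfaces": [{"networkIP": "10.0.0.3"}]},
    {"name": "batch-1", "networkInterfaces": [   # stopped VM, no natIP yet
        {"networkIP": "10.0.0.4", "accessConfigs": [{"type": "ONE_TO_ONE_NAT"}]}]},
]
AZURE_SAMPLE = [
    {"name": "nic-app", "properties": {"ipConfigurations": [
        {"properties": {"privateIPAddress": "10.1.0.4"}}]}},
    {"name": "nic-jump", "properties": {"ipConfigurations": [
        {"properties": {"privateIPAddress": "10.1.0.5", "publicIPAddress": {
            "id": "/subscriptions/<sub-id>/resourceGroups/<rg>/providers/"
                  "Microsoft.Network/publicIPAddresses/pip-jump"}}}]}},
]

if __name__ == "__main__":
    for cloud, name in audit(GCP_SAMPLE, AZURE_SAMPLE):
        print(f"{cloud}: {name} has a public IP configured")
```

Running the same check on a schedule catches resources created before a policy was assigned or in scopes it does not cover.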
