In AWS, policy to deny permissions to delete volume in particular availability zone in region in EC2 with JSON to IAM user
Write a policy in JSON that will deny deleting volumes in ap-southeast-1a (availability zone) in the Singapore region.
{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Sid": "VisualEditor0",
            "Effect": "Allow",
            "Action": "ec2:*",
            "Resource": "*"
        },
        {
            "Sid": "VisualEditor1",
            "Effect": "Deny",
            "Action": "ec2:DeleteVolume",
            "Resource": "arn:aws:ec2:ap-southeast-1:*:volume/*",
            "Condition": {
                "StringEquals": {
                    "ec2:availabilityzone": "ap-southeast-1a"
                }
            }
        }
    ]
}
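Added example, not part of the original post: a simplified model of how IAM evaluates this identity policy, showing that the explicit Deny overrides the broad Allow only when the action, the resource ARN and the availability-zone condition all match. The evaluator, the account ID and the volume ID are constructed for illustration; it is not AWS's implementation and handles only the `StringEquals` operator.

```python
import fnmatch
import json

# The policy from the post, embedded so the example runs offline.
POLICY = json.loads("""{"Version": "2012-10-17", "Statement": [
  {"Sid": "VisualEditor0", "Effect": "Allow", "Action": "ec2:*", "Resource": "*"},
  {"Sid": "VisualEditor1", "Effect": "Deny", "Action": "ec2:DeleteVolume",
   "Resource": "arn:aws:ec2:ap-southeast-1:*:volume/*",
   "Condition": {"StringEquals": {"ec2:availabilityzone": "ap-southeast-1a"}}}]}""")

def _as_list(value):
    return value if isinstance(value, list) else [value]

def _glob(patterns, value, fold=False):
    # IAM-style * and ? wildcards; fold=True compares case-insensitively (action names)
    norm = str.lower if fold else str
    return any(fnmatch.fnmatchcase(norm(value), norm(p)) for p in _as_list(patterns))

def _condition_holds(condition, context):
    ctx = {k.lower(): v for k, v in context.items()}  # condition key names are case-insensitive
    for operator, pairs in condition.items():
        if operator != "StringEquals":
            raise NotImplementedError(operator)  # only the operator this policy uses
        for key, wanted in pairs.items():
            # a key missing from the request context does not satisfy StringEquals
            if ctx.get(key.lower()) not in _as_list(wanted):
                return False
    return True

def evaluate(policy, action, resource, context):
    """Return 'Deny', 'Allow' or 'ImplicitDeny' for a single identity policy."""
    allowed = False
    for stmt in policy["Statement"]:
        if not (_glob(stmt["Action"], action, fold=True)
                and _glob(stmt["Resource"], resource)
                and _condition_holds(stmt.get("Condition", {}), context)):
            continue
        if stmt["Effect"] == "Deny":
            return "Deny"  # an explicit deny always overrides any allow
        allowed = True
    return "Allow" if allowed else "ImplicitDeny"

def volume_arn(region):
    # Constructed sample ARN: placeholder account ID and volume ID.
    return f"arn:aws:ec2:{region}:111122223333:volume/vol-0123456789abcdef0"

if __name__ == "__main__":
    for az in ("ap-southeast-1a", "ap-southeast-1b"):
        ctx = {"ec2:AvailabilityZone": az}
        print(az, evaluate(POLICY, "ec2:DeleteVolume", volume_arn("ap-southeast-1"), ctx))
```

To check the real policy against live IAM evaluation, the IAM policy simulator accepts the same action, resource ARN and `ec2:AvailabilityZone` context value.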