Add this policy to a managed policy, user, role, or group to restrict EC2 activity to the us-east-1 AWS Region only. Because it is an explicit Deny, it overrides any Allow rules in the policy, user, role, or group.

{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Condition": {
                "StringNotEquals": {
                    "ec2:Region": "us-east-1"
                }
            },
            "Action": "ec2:*",
            "Resource": "*",
            "Effect": "Deny"
        }
    ]
}
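
The following is an added example, not part of the original page: a simplified Python model of IAM policy evaluation that shows how the Deny statement above interacts with an Allow on the same principal. The `BROAD_ALLOW` policy, the function names, and the sample requests are constructed for illustration; only `StringNotEquals` and `*` action wildcards are modelled.

```python
import fnmatch
import json

# The Deny policy from this page.
REGION_DENY = json.loads("""
{"Version": "2012-10-17", "Statement": [{
  "Condition": {"StringNotEquals": {"ec2:Region": "us-east-1"}},
  "Action": "ec2:*", "Resource": "*", "Effect": "Deny"}]}
""")

# Constructed for illustration: a broad Allow attached to the same principal.
BROAD_ALLOW = {"Version": "2012-10-17", "Statement": [
    {"Effect": "Allow", "Action": ["ec2:*", "s3:ListBucket"], "Resource": "*"}]}


def _as_list(value):
    return value if isinstance(value, list) else [value]


def _condition_holds(condition, context):
    """StringNotEquals only; as a negated operator it is true if the key is absent."""
    for operator, pairs in condition.items():
        if operator != "StringNotEquals":
            raise ValueError("operator not modelled: " + operator)
        for key, values in pairs.items():
            if context.get(key) in _as_list(values):
                return False
    return True


def _action_matches(patterns, action):
    # IAM action names are case-insensitive and support * wildcards.
    return any(fnmatch.fnmatchcase(action.lower(), p.lower())
               for p in _as_list(patterns))


def evaluate(policies, action, context):
    """Return 'Deny', 'Allow' or 'ImplicitDeny' (Resource is '*', not modelled)."""
    decision = "ImplicitDeny"
    for policy in policies:
        for stmt in _as_list(policy["Statement"]):
            if not (_action_matches(stmt["Action"], action)
                    and _condition_holds(stmt.get("Condition", {}), context)):
                continue
            if stmt["Effect"] == "Deny":
                return "Deny"  # an explicit Deny wins over any Allow
            decision = "Allow"
    return decision
```

Note that the Deny policy on its own grants nothing: without a matching Allow, a request in us-east-1 is still implicitly denied.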