GargeeBhatnagar for AWS Community Builders

Explore! IAM User Region Specific Access Restrictions to AWS Services

“I checked the AWS documentation to resolve the issue of region-specific access restrictions for users, and found that it is possible with the condition option of IAM policies. Pricing of Amazon EC2 depends on instance usage, and IAM includes no costs.”

AWS Identity and Access Management (IAM) provides fine-grained access control across all of AWS. With IAM, you can specify who can access which services and resources, and under which conditions. With IAM policies, you manage permissions for your workforce and systems to ensure least-privilege permissions. IAM is an AWS service that is offered at no additional charge. To learn more, read the IAM documentation.

In this post, you will learn how to restrict an IAM user's access to AWS services to a specific region. Here I have used EC2 servers and an IAM policy that restricts the IAM user's access by region.

Prerequisites

You’ll need an Amazon EC2 server for this post. Getting started with Amazon EC2 provides instructions on how to launch an EC2 server. For this blog, I assume that I have an EC2 server created in each of the N. Virginia and Oregon regions.

Architecture Overview

The architecture diagram shows the overall deployment architecture with data flow, Amazon EC2 and the IAM user.

Solution overview

The blog post consists of the following phases:

  1. Create IAM User with Required Policy and Verify the User Login
  2. Update of IAM Policy with Region Restrict Permission and Verify the User Access for EC2

I have an EC2 server in the N. Virginia region and an EC2 server in the Oregon region.

Phase 1: Create IAM User with Required Policy and Verify the User Login

  1. Open the IAM console and create an IAM user with the required policy. Then log in with the IAM user credentials and verify that the EC2 instances are visible in both the N. Virginia and Oregon regions.

Phase 2: Update of IAM Policy with Region Restrict Permission and Verify the User Access for EC2
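
A policy of the kind this phase describes, as an added example that is not the policy from the original post. It assumes N. Virginia (us-east-1) is the region the user may use and Oregon is to be blocked, and it uses the `aws:RequestedRegion` global condition key; the `Sid` names and the choice of `ec2:*` are illustrative.

```json
{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Sid": "ExampleAllowEc2InNVirginia",
      "Effect": "Allow",
      "Action": "ec2:*",
      "Resource": "*",
      "Condition": {
        "StringEquals": {
          "aws:RequestedRegion": "us-east-1"
        }
      }
    },
    {
      "Sid": "ExampleDenyEc2OutsideNVirginia",
      "Effect": "Deny",
      "Action": "ec2:*",
      "Resource": "*",
      "Condition": {
        "StringNotEquals": {
          "aws:RequestedRegion": "us-east-1"
        }
      }
    }
  ]
}
```

The explicit `Deny` keeps the restriction in force even if another policy attached to the user or one of its groups allows EC2 without a region condition. With this policy attached, EC2 calls in Oregon are refused for the user while N. Virginia behaves as before.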


Clean-up

Delete the EC2 instances, the IAM user and the IAM policy.

Pricing

I review the pricing and estimated cost of this example.

Cost of EC2 Instance = $0.18

Cost of IAM = $0.0

Total Cost = $(0.18 + 0.0) = $0.18

Summary

In this post, I showed how to explore IAM user region-specific access restrictions to AWS services.

For more details on IAM, check out Get started IAM and open the IAM console. To learn more, read the IAM documentation.

Thanks for reading!
