What does the following policy for Amazon EC2 do?

What does the following policy for Amazon EC2 do?

{

"Statement":[{

"Effect”: “Allow",

"Action":"ec2: Describe*",

"Resource":"*"

}]

}
A .  Allow users to use actions that start with "Describe" over all the EC2 resources.
B .  Share an AMI with a partner
C .  Share an AMI within the account
D .  Allow a group to only be able to describe, run, stop, start, and terminate instances

Answer: A

Explanation:

You can use IAM policies to control the actions that your users can perform against your EC2 resources.

For instance, a policy with the following statement will allow users to perform actions whose name start with "Describe" against all your EC2 resources.

{

"Statement":[{

"Effect”: “Allow",

"Action":"ec2: Describe*",

"Resource":"*"

}]

}

Reference: http://docs.amazonwebservices.com/AWSEC2/latest/UserGuide/UsingIAM.html

Subscribe
Notify of
guest
0 Comments
Inline Feedbacks
View all comments