DEV Community

Garett Dunn
Garett Dunn

Posted on • Originally published at on

AWS EC2 - Limit an Instance's Access to its Own Tags

Here’s a dynamic way to allow an EC2 instance to modify its own tags, but no other instance’s. Enjoy.

  "Version": "2012-10-17",
  "Statement": [
      "Effect": "Allow",
      "Action": ["ec2:CreateTags", "ec2:DescribeTags"],
      "Resource": "*",
      "Condition": {
        "StringEquals": {
          "aws:ARN": "${ec2:SourceInstanceARN}"
Enter fullscreen mode Exit fullscreen mode

Top comments (0)

Want to Create an Account?
Now it's your turn!
🗒 Share a tutorial
🤔 Reflect on your coding journey
❓ Ask a question

Create an account to join hundreds of thousands of DEV members on their journey.