
Tag Based Policy In AWS






Steps




  1. Create a policy
  2. Create a user
  3. Create 2 DB instances
  4. Apply tags on the databases
  5. Test the policy



Create A Policy




{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Effect": "Allow",
            "Action": [
                "rds:DescribeDBInstances",
                "rds:DescribeDBClusters",
                "rds:DescribeGlobalClusters"
            ],
            "Resource": "*"
        },
        {
            "Effect": "Allow",
            "Action": [
                "rds:RebootDBInstance",
                "rds:StartDBInstance",
                "rds:StopDBInstance"
            ],
            "Resource": "*",
            "Condition": {
                "StringEquals": {
                    "rds:db-tag/Environment": "Production"
                }
            }
        }
    ]
}




Picture showing the policy created in AWS console



Create A User




Picture showing a user created in AWS console



Create 2 DB Instances




Picture showing the 2 DB instances created in AWS RDS



Apply Tags On The Databases




Picture showing the tag added in database-1


Picture showing the tag added in database-2



Test The Policy






Picture showing the error message when user tries to reboot database-2




Picture showing the database-1 reboot in progress
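
The allow and deny outcomes from the test step can be reproduced offline with a simplified model of how the policy above is evaluated. This is an added example, not code from the original article or from AWS; the tag values in DB_TAGS, the untagged database-3 and the function names are assumptions, because the page shows the tags only in screenshots. It models only what this policy uses: Allow statements, Resource "*", exact action names and StringEquals on rds:db-tag/<key>.

```python
# The page's policy, condensed onto fewer lines (same statements and values).
POLICY = {"Version": "2012-10-17", "Statement": [
    {"Effect": "Allow", "Resource": "*",
     "Action": ["rds:DescribeDBInstances", "rds:DescribeDBClusters",
                "rds:DescribeGlobalClusters"]},
    {"Effect": "Allow", "Resource": "*",
     "Action": ["rds:RebootDBInstance", "rds:StartDBInstance",
                "rds:StopDBInstance"],
     "Condition": {"StringEquals": {"rds:db-tag/Environment": "Production"}}},
]}

# Constructed tags (assumption: the page does not state the tag values).
DB_TAGS = {
    "database-1": {"Environment": "Production"},
    "database-2": {"Environment": "Development"},
    "database-3": {},  # hypothetical untagged instance
}


def condition_holds(condition, tags):
    """Evaluate the StringEquals / rds:db-tag/<key> subset used by this policy."""
    for operator, pairs in condition.items():
        if operator != "StringEquals":
            raise ValueError(f"operator not modelled: {operator}")
        for cond_key, expected in pairs.items():
            prefix, _, tag_key = cond_key.partition("/")
            if prefix != "rds:db-tag":
                raise ValueError(f"condition key not modelled: {cond_key}")
            allowed = expected if isinstance(expected, list) else [expected]
            # A missing tag never satisfies StringEquals; values compare case-sensitively.
            if tags.get(tag_key) not in allowed:
                return False
    return True


def is_allowed(action, tags):
    """Implicit deny unless an Allow statement matches the action and its condition."""
    for stmt in POLICY["Statement"]:
        if (stmt["Effect"] == "Allow" and action in stmt["Action"]
                and condition_holds(stmt.get("Condition", {}), tags)):
            return True
    return False


if __name__ == "__main__":
    for name, tags in DB_TAGS.items():
        for action in ("rds:DescribeDBInstances", "rds:RebootDBInstance"):
            verdict = "allow" if is_allowed(action, tags) else "deny"
            print(f"{name:11} {action:24} {verdict}")
```

The policy grants neither rds:AddTagsToResource nor rds:RemoveTagsFromResource, so the user cannot retag database-2 to bring it inside the condition; keep tagging rights out of any policy whose access decisions depend on those tags.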



Posted By  -  Karan Gupta
 
Posted On  -  Tuesday, May 17, 2022
