This hands-on lab will guide you through the steps to configure example AWS Identity and Access Management (IAM) policies, and a AWS IAM role with associated permissions to use EC2 resource tags for access control. Using tags is powerful as it helps you scale your permission management, however you need to be careful about the management of the tags which you will learn in this lab. In this lab you will create a series of policies attached to a role that can be assumed by an individual such as an EC2 administrator. This allows the EC2 administrator to create tags when creating resources only if they match the requirements, and control which existing resources and values they can tag.
The skills you learn will help you secure your workloads in alignment with the AWS Well-Architected Framework.
AWS Identity and Access Management User Guide IAM Best Practices and Use Cases Become an IAM Policy Master in 60 Minutes or Less Actions, Resources, and Condition Keys for Identity And Access Management