c.
Paste the following JSON into the JSON editor.
{
"Version": "2012-10-17",
"Statement": [
{
"Sid": "VisualEditor0",
"Effect": "Deny",
"Action": [
"ec2:TerminateInstances",
"ec2:RunInstances"
],
"Resource": "arn:aws:ec2:MY-REGION:ACCOUNT-
ID:instance/*",
"Condition": {
"StringNotEquals": {
"ec2:InstanceType": "t2.micro"
}
}
},
{
"Sid": "VisualEditor1",
"Effect": "Allow",
"Action": [
"ec2:DeregisterImage",
"ec2:DescribeInstances",
"ec2:ImportKeyPair",
"ec2:DescribeTags",
"ec2:DescribeSnapshotAttribute",
"ec2:DescribeInstanceAttribute",
"ec2:RegisterImage",
"ec2:DescribeSnapshots",
"ec2:DescribeInstanceCreditSpecifications",
"ec2:DescribeSecurityGroups",
"ec2:DescribeVolumeAttribute",
"ec2:DescribeImages",
"ec2:DescribeVolumeStatus",
"ec2:DescribeVpcs",
"ec2:DescribeVolumes",
"ec2:DescribeAccountAttributes",
"ec2:DescribeSubnets",
"ec2:DescribeKeyPairs",
"ec2:DeleteKeyPair",
"ec2:DescribeInstanceStatus"
],
"Resource": "*"
},
{
"Sid": "VisualEditor2",
"Effect": "Allow",
"Action": [
"ec2:DetachVolume",
"ec2:AttachVolume",
"ec2:CreateTags"
],
Chapter 7
Create and Deploy OCSBC Instances on EC2
7-18
