How to Access AWS EC2 instance on Specific Dates using IAM Policy

Did you know that you can restrict when a user or group of IAM users can access AWS services with a single policy?

In this quick tutorial you will learn how to access AWS EC2 instances on specific dates using an IAM policy.

Let's get started.

Prerequisites

  • AWS account
  • Permissions to create IAM Policy

Creating IAM Policy to Access AWS EC2 instance on Specific Dates

Let's walk through the IAM policy below.

  • Version is the policy language version, which is fixed.
  • Effect is Allow, because we want the users or groups to be able to describe AWS EC2 instances.
  • Resource is the * wildcard, because we want the action to be allowed for all AWS EC2 instances.
  • The policy allows users or groups to describe instances only within specific dates, using the DateGreaterThan and DateLessThan condition operators within the Condition block.
{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Effect": "Allow",
            "Action": "ec2:DescribeInstances",
            "Resource": "*",
            "Condition": {
                "DateGreaterThan": {"aws:CurrentTime": "2023-03-11T00:00:00Z"},
                "DateLessThan": {"aws:CurrentTime": "2023-06-30T23:59:59Z"}
            }
        }
    ]
}
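
Both date operators must match for the statement to apply, and both comparisons are strict, so a window whose start is not before its end never grants access. The check below is an added example, not part of the original tutorial: it lints a policy for empty date windows and evaluates a request time against the window. The sample policy and the function names are constructed, and it assumes Statement is a list with single-valued aws:CurrentTime conditions.

```python
import json
from datetime import datetime, timezone

# Constructed sample policy in the shape used by this tutorial.
POLICY = json.loads("""
{
  "Version": "2012-10-17",
  "Statement": [{
    "Effect": "Allow",
    "Action": "ec2:DescribeInstances",
    "Resource": "*",
    "Condition": {
      "DateGreaterThan": {"aws:CurrentTime": "2023-03-11T00:00:00Z"},
      "DateLessThan": {"aws:CurrentTime": "2023-06-30T23:59:59Z"}
    }
  }]
}
""")

def parse_ts(value):
    """Parse an ISO 8601 UTC timestamp such as 2023-03-11T00:00:00Z."""
    return datetime.strptime(value, "%Y-%m-%dT%H:%M:%SZ").replace(tzinfo=timezone.utc)

def date_window(statement):
    """Return (start, end) from the aws:CurrentTime conditions; None means unbounded."""
    cond = statement.get("Condition", {})
    start = cond.get("DateGreaterThan", {}).get("aws:CurrentTime")
    end = cond.get("DateLessThan", {}).get("aws:CurrentTime")
    return (parse_ts(start) if start else None, parse_ts(end) if end else None)

def window_is_empty(statement):
    """True when start >= end, so no request time can satisfy both operators."""
    start, end = date_window(statement)
    return start is not None and end is not None and start >= end

def allowed_at(statement, now):
    """The two operators are ANDed, and each comparison is strict."""
    start, end = date_window(statement)
    return (start is None or now > start) and (end is None or now < end)

def lint(policy):
    """Return indexes of Allow statements whose date window can never match."""
    return [i for i, s in enumerate(policy["Statement"])
            if s.get("Effect") == "Allow" and window_is_empty(s)]

if __name__ == "__main__":
    print("statements with empty windows:", lint(POLICY))
    print("allowed on 2023-04-01:", allowed_at(POLICY["Statement"][0], parse_ts("2023-04-01T12:00:00Z")))
```

Running the lint before attaching a policy catches swapped or mistyped dates that would otherwise show up only as unexplained access-denied errors.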

Conclusion

This tutorial demonstrated how to create an IAM policy that allows access to AWS EC2 instances only on specific dates.
