vg30e
Need help with CloudFormation script to deny based on IP address
I am trying to deny AWS services based on users outside an accepted IP address range. I am trying to use a CloudFormation script in yml to create a policy. I am a bit new to yml so any advice/help would be appreciated.
deny-ipaddress.yml
Hi
You might need to fix the condition syntax for YAML:

    Version: '2012-10-17'
    Statement:
      Effect: Deny
      Action: "*"
      Resource: "*"
      Condition:
        NotIpAddress:
          aws:SourceIp:
            - 192.168.0.0/16
            # - ...any other subnet/ip

or aws:SourceIp: 192.168.0.0/16 if no other subnets/IP ranges are there.
This will also allow easier escape from AWS, if you ever require moving your hosting.
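
The deny-by-source-IP condition from the answer above, placed in a complete CloudFormation template. This is an added example, not the asker's deny-ipaddress.yml or the answerer's code. The parameter names, the resource name and the sample CIDRs are assumptions, and the aws:ViaAWSService condition is an addition taken from AWS's documented source-IP deny pattern.

```yaml
AWSTemplateFormatVersion: '2010-09-09'
Description: Deny all actions for requests from outside the allowed source IP ranges

Parameters:
  AllowedCidrs:
    Type: CommaDelimitedList
    # Constructed sample values (documentation ranges). aws:SourceIp is compared
    # with the public address the request arrives from, so list your public
    # egress CIDRs here; a private range such as 192.168.0.0/16 will not match
    # requests that reach AWS over the internet.
    Default: 203.0.113.0/24,198.51.100.0/24
  TargetGroupName:
    Type: String
    Description: Existing IAM group to attach the policy to (hypothetical parameter)

Resources:
  DenyOutsideAllowedIps:
    Type: AWS::IAM::ManagedPolicy
    Properties:
      Description: Explicit deny when the caller's source IP is outside AllowedCidrs
      Groups:
        - !Ref TargetGroupName
      PolicyDocument:
        Version: '2012-10-17'
        Statement:
          # Statement is written as a list so more statements can be added later.
          - Sid: DenyOutsideAllowedIps
            Effect: Deny
            Action: '*'
            Resource: '*'
            Condition:
              # Both operators must match for the deny to apply (logical AND).
              NotIpAddress:
                # !Ref on a CommaDelimitedList yields a YAML list of CIDR strings.
                aws:SourceIp: !Ref AllowedCidrs
              Bool:
                # Skip calls an AWS service makes on the user's behalf, which
                # originate from AWS addresses rather than the user's network.
                aws:ViaAWSService: 'false'

Outputs:
  PolicyArn:
    # !Ref on AWS::IAM::ManagedPolicy returns the policy ARN.
    Value: !Ref DenyOutsideAllowedIps
```

This policy only denies; the group still needs separate Allow policies for whatever its members should be able to do from the permitted ranges. Because the template creates an IAM resource, the stack has to be deployed with the CAPABILITY_IAM acknowledgement.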