<div>
Just use the normal iptables tool.<br />
<br />
This will also allow easier escape from AWS, if you ever require moving your hosting.
</div>


Just use the normal iptables tool.

This will also allow easier escape from AWS, if you ever require moving your hosting.

<div>
Hi<br />
You might need to fix the condition syntax for YAML<br />
<br />
Version: '2012-10-17'<br />
Statement:<br />
&nbsp; Effect: Deny<br />
&nbsp; Action: &quot;*&quot;<br />
&nbsp; Resource: &quot;*&quot;<br />
&nbsp; Condition:<br />
&nbsp; &nbsp; NotIpAddress:<br />
&nbsp; &nbsp; &nbsp; aws:SourceIp:<br />
&nbsp; &nbsp; &nbsp; - 192.168.0.0/16<br />
&nbsp; &nbsp; &nbsp; - ...any other subnet/ip<br />
<br />
or &nbsp; &nbsp; &nbsp; aws:SourceIp: 192.168.0.0/16<br />
<br />
if no other subnets/ip ranges are there
</div>


Hi
You might need to fix the condition syntax for YAML

Version: '2012-10-17'
Statement:
  Effect: Deny
  Action: "*"
  Resource: "*"
  Condition:
    NotIpAddress:
      aws:SourceIp:
      - 192.168.0.0/16
      - ...any other subnet/ip

or       aws:SourceIp: 192.168.0.0/16

if no other subnets/ip ranges are there

<div>
<div class="content wysiwyg-content">
I am trying to deny AWS services based on users outside an accepted IP address range. I am trying to use a cloudformation script in yml to create a policy. I am a bit new to yml so any advice/help would be appreciated.<br />
<a href="https://filedb.experts-exchange.com/incoming/2018/11_w45/1400864/deny-ipaddress.yml" target="_blank" class="file-inline" title="yml file to run AWS cloudformation script for denying outside of IP address range (464 bytes)"><svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 512 512"><path d="M67.508 468.467c-58.005-58.013-58.016-151.92 0-209.943l225.011-225.04c44.643-44.645 117.279-44.645 161.92 0 44.743 44.749 44.753 117.186 0 161.944l-189.465 189.49c-31.41 31.413-82.518 31.412-113.926.001-31.479-31.482-31.49-82.453 0-113.944L311.51 110.491c4.687-4.687 12.286-4.687 16.972 0l16.967 16.971c4.685 4.686 4.685 12.283 0 16.969L184.983 304.917c-12.724 12.724-12.73 33.328 0 46.058 12.696 12.697 33.356 12.699 46.054-.001l189.465-189.489c25.987-25.989 25.994-68.06.001-94.056-25.931-25.934-68.119-25.932-94.049 0l-225.01 225.039c-39.249 39.252-39.258 102.795-.001 142.057 39.285 39.29 102.885 39.287 142.162-.028A739446.174 739446.174 0 0 1 439.497 238.49c4.686-4.687 12.282-4.684 16.969.004l16.967 16.971c4.685 4.686 4.689 12.279.004 16.965a755654.128 755654.128 0 0 0-195.881 195.996c-58.034 58.092-152.004 58.093-210.048.041z"/></svg>deny-ipaddress.yml</a>
</div>
</div>


yml file to run AWS cloudformation script for denying outside of IP address range

deny-ipaddress.yml

I am trying to deny AWS services based on users outside an accepted IP address range. I am trying to use a cloudformation script in yml to create a policy. I am a bit new to yml so any advice/help would be appreciated.

Need help with Cloudformation script to deny based on IP address

Amazon Web Services (AWS), is a collection of remote computing services, also called web services, that make up a cloud-computing platform  operated from 11 geographical regions across the world. The most central and well-known of these services include Amazon Elastic Compute Cloud, also known as "EC2", and Amazon Simple Storage Service, also known as "S3". Other services include Elastic MapReduce (EMR), Route 53 (a DNS web service),  provides a highly available and scalable Domain Name System (DNS) web service, Virtual Private Cloud (VPC), storage, database, deployment and application services.