aws 所有区域的区域编号
We may encounter scenarios where we need to restrict user accounts & services to be accessed in particular regions and isolate other regions from the user. For example, you have two different environments (Production & Test) in two different regions. You want to restrict your dev team to only access the services in your test environment and not the ones in your production environment. In this case, region-based access is a handy thing. You can create an IAM user with a custom policy attached to it that lets the user access only the services in a specified region.
我们可能会遇到需要限制在特定区域访问用户帐户和服务并将其他区域与用户隔离的情况。 例如,您在两个不同的区域中有两个不同的环境(生产和测试)。 您想限制您的开发团队仅访问测试环境中的服务,而不能访问生产环境中的服务。 在这种情况下,基于区域的访问很方便。 您可以创建一个IAM用户,并附加一个自定义策略,该策略允许该用户仅访问指定区域中的服务。
In this article, we will have a step by step walkthrough on creating IAM policies with region-based access. We will be creating a policy for EC2 & S3 services and the region will be Mumbai (ap-south-1). If you don’t have an AWS account yet, you can signup for a free account here. If you already have an AWS account just log in to your account & go to the IAM service.
在本文中,我们将逐步介绍如何创建基于区域的访问的IAM策略。 我们将为EC2和S3服务制定政策,该地区将是孟买(ap-south-1)。 如果您还没有AWS账户,可以在此处注册一个免费账户。 如果您已经拥有一个AWS账户,只需登录到您的账户并转到IAM服务。
Follow the steps below to create a region-based access policy :
请按照以下步骤创建基于区域的访问策略:
Open the IAM service from your AWS dashboard and select Policies.
从您的AWS仪表板打开IAM服务,然后选择策略 。
Click on the “Create Policy” option.
单击“创建策略”选项。