Posted On: Apr 25, 2018

AWS Identity and Access Management (IAM) now enables simplified permissions management by allowing you to use a single IAM policy condition across all AWS services to control access to specific regions. By adding the new global condition key ‘aws:RequestedRegion’ in the condition element of your IAM policy, you can control access to the regions in which an IAM principal (user or role) can perform AWS actions.

For example, you can specify the regions your developers can launch new EC2 instances, create databases in RDS, and create Lambda functions by using the single global condition key in your IAM policy.

To learn more about this new global condition, please visit AWS Global and IAM Condition Context Keys