This SCP restrict users in your AWS Organizations account to creating VPCs with CIDRs from a specific IPv4 pool and associating CIDRs to the VPCs from the pool. Users in the account will not be able to create VPCs with CIDRs or associate CIDRs to VPCs from any other pools from the one you choose.

Missing Parameters
    "Version": "2012-10-17",
    "Statement": [
            "Action": [
            "Resource": "arn:aws:ec2:*:*:vpc/*",
            "Effect": "Deny",
            "Condition": {
                "StringNotEquals": {
                    "ec2:Ipv4IpamPoolId": ""


Customize Template

Policy Parameters

* Required field