This SCP restricts users in your AWS Organizations account to creating VPCs with CIDRs from a specific IPv4 pool and to associating CIDRs with those VPCs from that pool. Users in the account will not be able to create VPCs with CIDRs, or associate CIDRs with VPCs, from any pool other than the one you choose. Set the ec2:Ipv4IpamPoolId value in the policy, which is empty here, to the ID of that pool.
{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Action": [
        "ec2:CreateVpc",
        "ec2:AssociateVpcCidrBlock"
      ],
      "Resource": "arn:aws:ec2:*:*:vpc/*",
      "Effect": "Deny",
      "Condition": {
        "StringNotEquals": {
          "ec2:Ipv4IpamPoolId": ""
        }
      }
    }
  ]
}
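The following is an added example, not part of the original page or of AWS tooling: a small offline model of how the Deny statement above evaluates, useful as a check before attaching the SCP. The pool IDs and the helper names build_policy and scp_denies are constructed for illustration, and the model covers only exact action names and StringNotEquals.

```python
import json

# The SCP from this page, with the pool ID left empty as in the original.
POLICY_TEMPLATE = """
{
  "Version": "2012-10-17",
  "Statement": [{
    "Action": ["ec2:CreateVpc", "ec2:AssociateVpcCidrBlock"],
    "Resource": "arn:aws:ec2:*:*:vpc/*",
    "Effect": "Deny",
    "Condition": {"StringNotEquals": {"ec2:Ipv4IpamPoolId": ""}}
  }]
}
"""

# Constructed placeholder IDs (assumptions, not real pools).
APPROVED = "ipam-pool-EXAMPLE-APPROVED"
OTHER = "ipam-pool-EXAMPLE-OTHER"


def build_policy(pool_id):
    """Return the SCP as a dict with the condition value set to pool_id."""
    policy = json.loads(POLICY_TEMPLATE)
    cond = policy["Statement"][0]["Condition"]["StringNotEquals"]
    cond["ec2:Ipv4IpamPoolId"] = pool_id
    return policy


def scp_denies(policy, action, context):
    """Return True if a Deny statement in the SCP matches the request.

    A negated operator such as StringNotEquals evaluates to true when the
    key is absent from the request context, so a request that names no
    IPAM pool at all (a manually specified CIDR) is denied as well.
    """
    for stmt in policy["Statement"]:
        if stmt["Effect"] != "Deny" or action not in stmt["Action"]:
            continue
        wanted = stmt["Condition"]["StringNotEquals"]
        # Keys under one operator are ANDed; get() yields None if absent.
        if all(context.get(k) != v for k, v in wanted.items()):
            return True
    return False


if __name__ == "__main__":
    scp = build_policy(APPROVED)
    for label, ctx in [("approved pool", {"ec2:Ipv4IpamPoolId": APPROVED}),
                       ("other pool", {"ec2:Ipv4IpamPoolId": OTHER}),
                       ("no pool (manual CIDR)", {})]:
        print(label, "-> denied" if scp_denies(scp, "ec2:CreateVpc", ctx)
              else "-> not denied by this SCP")
```

If the condition value is left empty, as in the policy text above, every pool-backed request is denied too, so confirm the value is set before attaching the policy.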