I'm trying to create a policy that allows changing User Data of stopped instances that have tags: "Name":"MyApp" but it only allows me to see the User Data. When I click save, it says I'm not authorised.
"Effect": "Allow",
"Action": "ec2:*",
"Resource": "*",
"Condition": {
"StringLike": {
"ec2:ResourceTag/Name": "MyApp"
}
}
The only way I can make it work is to remove the "Condition". However, it seems like my condition is valid. I've used my condition with other actions like: "ec2:StartInstances" and it works.