Profiles & Instance Tags

Administrative access can be restricted through the use of tags defined in a user's profile. Profile tags must correspond to the instance tags that have been set through the AWS console.

You can specify a tag for an EC2 instance through the AWS console.

Tag EC2 Console

Those tags can then be used when creating a profile in Bastillion for EC2.

Bastillion for EC2 profile

Tags work on a name or name/value pair.

for example

tag-name
tag-name=mytag

or multiple

tag-name1,tag-name2
tag-name1=mytag1,tag-name2=mytag2

Profiles can then be assigned to users of which will only have access to the instances that have the appropriate tag(s).