Policy Setting: AWS > IAM > Stack > Source
Policies
This policy setting is dependent on the following policy types:
Source
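# Policy setting for AWS > IAM > Stack > Source on the policy pack `main`.
# The value is Terraform source that defines one managed IAM policy,
# described in the source itself as a boundary policy for an IAM role.
resource "turbot_policy_setting" "aws_iam_stack_source" {
  resource = turbot_policy_pack.main.id
  type     = "tmod:@turbot/aws-iam#/policy/types/iamStackSource"

  # How the embedded policy restricts access:
  # - The only statement is an Allow on every action and resource, conditioned
  #   on aws:SourceIp. Used as a permissions boundary it grants nothing by
  #   itself; it caps what the role's identity policies can grant, so requests
  #   from outside the listed ranges are implicitly denied.
  #
  # NOTE(review): aws:SourceIp is matched against the address the AWS endpoint
  # sees, which is normally a public address (NAT or egress IP). Requests that
  # arrive through a VPC endpoint do not carry aws:SourceIp; aws:VpcSourceIp
  # applies there. The RFC 1918 ranges below read as sample values. Replace
  # them with the organization's approved egress CIDRs and confirm which
  # condition key matches the network path before attaching this boundary.
  #
  # NOTE(review): calls that an AWS service makes on the role's behalf do not
  # originate from these ranges. Test service-driven workflows against this
  # boundary; aws:ViaAWSService is the condition key AWS documents for that
  # case.
  value = <<EOT
### Deny Actions from unapproved CIDRs ###
resource "aws_iam_policy" "main" {
  # Boundary policy name that will be applied to the IAM role.
  name        = "myBoundaryPolicy"
  path        = "/"
  description = "Guardrails Managed Boundary policy to prevent actions from unapproved CIDRs"
  policy = jsonencode({
    "Version": "2012-10-17",
    "Statement": [
      {
        "Effect": "Allow",
        "Action": "*",
        "Resource": "*",
        "Condition": {
          "IpAddress": {
            "aws:SourceIp": [
              "10.0.0.0/8",
              "172.16.0.0/12",
              "192.168.0.0/16"
            ]
          }
        }
      }
    ]
  })
}
EOT
}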