This is a quick post to mention the very useful AWS policy generator. There are many times you will need to generate JSON based policies when using AWS. You can write the code yourself or you can just let the policy generator do it for you.
To use the policy generator go to this link.
First select the type of policy you want to create, in this example we will choose an IAM policy
Then choose whether you want to Allow or Deny and choose the service that you allow or deny access to. You can then select an action.
You can then add a condition i.e you might want to allow access to everyone except for any connections from a particular IP address
Then click Generate Policy to generate the JSON code
Copy your code and use it in your policy
{ "Version": "2012-10-17", "Statement": [ { "Sid": "Stmt1550417309987", "Action": [ "ses:SendEmail" ], "Effect": "Allow", "Resource": "*" }, { "Sid": "Stmt1550417930166", "Action": [ "ses:SendRawEmail" ], "Effect": "Allow", "Resource": "*", "Condition": { "StringEquals": { "aws:SourceIp": "10.20.30.4" } } } ] }