Is there a method in the IAM system to allow or deny access to a specific instance?
Only for VPC based instances
Amazon EC2 uses SSH keys, Windows passwords, and security groups to control who has access to the
operating system of specific Amazon EC2 instances. There’s no method in the IAM system to allow or deny
access to the operating system of a specific instance.