Question

I have created a policy for restricting access of a user to a single instance as:

{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Sid": "Stmt1392113879000",
      "Effect": "Allow",
      "Action": [
        "ec2:*"
      ],
      "Resource": [
        "arn:aws:ec2:us-east-1:account:instance/instance_id"
      ]
    }
  ]
}

But I am getting this error:

You are not authorized to describe Running Instances
You are not authorized to describe Elastic IPs 
You are not authorized to describe Volumes 
You are not authorized to describe Snapshots 
You are not authorized to describe Key Pairs 
You are not authorized to describe Load Balancers 
You are not authorized to describe Placement Groups 
You are not authorized to describe Security Groups

I can't see the instance in the console. If I can't implement this thing then what is the use of policies!!

I'm stuck, please help.


Solution

From iam-policies-for-amazon-ec2:

Currently, not all API actions support individual ARNs; we'll add support for additional API actions and ARNs for additional Amazon EC2 resources later. For information about which ARNs you can use with which Amazon EC2 API actions, as well as supported condition keys for each ARN, see Supported Resources and Conditions for Amazon EC2 API Actions.

So, writing ec2:* is not going to help you. Instead, you should provide the exact API actions that you wish to grant to this user.

Also, quoting from the same link referred above:

To specify all resources, or if a specific API action does not support ARNs, use the * wildcard in the Resource element as follows:

Assigning restrictive EC2 IAM policies is a bit complicated. You may want to read the above referred link in detail as well as this link.
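As an added illustration of the rule the answer quotes (not code from the question or the answer), the Python below holds the question's policy next to a corrected one that splits the Describe* actions (Resource "*") from the instance-scoped actions (the instance ARN), and a small check that flags any Allow statement in which an action covering ec2:Describe* is pinned to a specific ARN. The instance-scoped action list (StartInstances, StopInstances, RebootInstances) is an assumption; "account" and "instance_id" are the question's own placeholders. Note that with this split the user will still see every instance in the console, but can only act on the one named in the ARN.

```python
import fnmatch

# Constructed from the question's policy; placeholders kept as written there.
INSTANCE_ARN = "arn:aws:ec2:us-east-1:account:instance/instance_id"

ORIGINAL_POLICY = {
    "Version": "2012-10-17",
    "Statement": [
        {"Sid": "Stmt1392113879000", "Effect": "Allow",
         "Action": ["ec2:*"], "Resource": [INSTANCE_ARN]}
    ],
}

# Describe* actions accept no resource ARN, so they get Resource "*";
# the instance-scoped actions (assumed set) keep the single-instance ARN.
CORRECTED_POLICY = {
    "Version": "2012-10-17",
    "Statement": [
        {"Sid": "DescribeNeedsWildcardResource", "Effect": "Allow",
         "Action": ["ec2:Describe*"], "Resource": ["*"]},
        {"Sid": "ActOnThisInstanceOnly", "Effect": "Allow",
         "Action": ["ec2:StartInstances", "ec2:StopInstances",
                    "ec2:RebootInstances"],
         "Resource": [INSTANCE_ARN]},
    ],
}


def _as_list(value):
    return value if isinstance(value, list) else [value]


def describe_scoped_to_arn(policy):
    """Return (Sid, action) pairs where an Allow statement grants an action
    covering ec2:Describe* but limits Resource to specific ARNs. IAM treats
    that as no permission at all for Describe calls, which is exactly the
    'not authorized to describe ...' error list in the question."""
    findings = []
    for stmt in policy["Statement"]:
        if stmt.get("Effect") != "Allow" or "*" in _as_list(stmt.get("Resource", [])):
            continue
        for action in _as_list(stmt.get("Action", [])):
            pattern = action.lower()  # IAM action matching is case-insensitive
            if (fnmatch.fnmatchcase("ec2:describeinstances", pattern)
                    or fnmatch.fnmatchcase(pattern, "ec2:describe*")):
                findings.append((stmt.get("Sid"), action))
    return findings


if __name__ == "__main__":
    print(describe_scoped_to_arn(ORIGINAL_POLICY))   # [('Stmt1392113879000', 'ec2:*')]
    print(describe_scoped_to_arn(CORRECTED_POLICY))  # []
```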

OTHER TIPS

Check your region. Your policy uses US-East-1, but where are your instances? US-West-2?

Licensed under: CC-BY-SA with attribution