[英]What are the permission required for EC2 create Instance
我正在嘗試創建一個策略來授予用戶創建 Ec2 實例的權限,但我不想在寫入時授予所有權限。 請驗證這些權限是否足夠或某些權限是否額外
{
"Version": "2020-06-16",
"Statement": [
{
"Effect": "Allow",
"Action": [
"ec2:DescribeSubnets",
"ec2:DescribeSecurityGroups",
"ec2:DescribeInstances",
"ec2:DescribeImages",
"ec2:DescribeKeyPairs",
"ec2:DescribeVpcs",
"ec2:CreateSecurityGroup",
"ec2:AuthorizeSecurityGroupIngress",
"ec2:CreateKeyPair"
],
"Resource": "*"
},
{
"Effect": "Allow",
"Action": "ec2:RunInstances",
"Resource": "*"
}
]
}
在這里您必須授予創建標簽訪問權限,至於運行實例,這是必須的選項。這里我附上我的政策供您參考。
{
"Version": "2012-10-17",
"Statement": [
{
"Sid": "VisualEditor0",
"Effect": "Allow",
"Action": [
"ec2:DescribeImages",
"ec2:AuthorizeSecurityGroupEgress",
"ec2:AuthorizeSecurityGroupIngress",
"ec2:DescribeInstances",
"ec2:DescribeVpcs",
"ec2:CreateSecurityGroup",
"ec2:CreateTags",
"ec2:DescribeInstanceTypes",
"ec2:RunInstances",
"ec2:DescribeSubnets",
"ec2:DescribeKeyPairs",
"ec2:DescribeSecurityGroups"
],
"Resource": "*"
}
]
}
聲明:本站的技術帖子網頁,遵循CC BY-SA 4.0協議,如果您需要轉載,請注明本站網址或者原文地址。任何問題請咨詢:yoyou2525@163.com.