Amazon ec2 IAM策略不起作用
我的IAM政策如下:Amazon ec2 IAM策略不起作用,amazon-ec2,amazon-iam,Amazon Ec2,Amazon Iam,我的IAM政策如下: { "Version": "2012-10-17", "Statement": [ { "Sid": "TheseActionsDontSupportResourceLevelPermissions", "Effect": "Allow", "Action": ["ec2:Describe*"], "Resource": "*" }, { "Sid": "TheseAct
{
"Version": "2012-10-17",
"Statement": [
{
"Sid": "TheseActionsDontSupportResourceLevelPermissions",
"Effect": "Allow",
"Action": ["ec2:Describe*"],
"Resource": "*"
},
{
"Sid": "TheseActionsSupportResourceLevelPermissions",
"Effect": "Allow",
"Action": [
"ec2:RunInstances",
"ec2:TerminateInstances",
"ec2:StopInstances",
"ec2:StartInstances"
],
"Resource": "arn:aws:ec2:us-east-1:127890:instance/i-31f"
}
]
}
但这项政策对我不起作用。请帮助您首先需要描述您需要完成的任务,但对于初学者,您在第一个
操作
语句中缺少ec2:descripbeinstances
:
{
"Version": "2012-10-17",
"Statement": [
{
"Sid": "TheseActionsDontSupportResourceLevelPermissions",
"Effect": "Allow",
"Action": "ec2:DescribeInstances",
"Resource": "*"
},
{
"Sid": "TheseActionsSupportResourceLevelPermissions",
"Effect": "Allow",
"Action": [
"ec2:RunInstances",
"ec2:TerminateInstances",
"ec2:StopInstances",
"ec2:StartInstances"
],
"Resource": "arn:aws:ec2:us-east-1:accountid:instance/id number"
}
]
}
确保您使用了正确的accountid和实例id。您能描述一下您试图用策略实现的目标吗?我希望用户只查看实例,并且应该对其实例具有“开始-停止”权限。请允许我尝试。我想查看所有实例,但我只想启动和停止特定的实例,但我已编辑此策略它仍然不工作检查我的编辑。您需要
ec2:descripbeinstances
。确保使用了正确的accountid和正确的实例id。如果我想将用户限制为多个实例,只需添加“资源”:“arn:aws:ec2:us-east-1:accountid:instance/id number”
多次?