仅创建快照的 AWS 政策
AWS policy for creating only the snapshots
我已将以下策略附加到 IAM 用户,该用户应允许用户创建 EC2 实例(支持 EBS)的快照。
{
"Version": "2012-10-17",
"Statement": [
{
"Sid": "Stmt1473146965806",
"Action": [
"ec2:CreateSnapshot"
],
"Effect": "Allow",
"Resource": "arn:aws:ec2:*:MY_ACCOUNT_ID:*/*"
}
]
}
但是当用户尝试执行创建快照的命令时,出现以下错误:
An error occurred (UnauthorizedOperation) when calling the CreateSnapshot
operation: You are not authorized to perform this operation.
政策中有什么不正确的地方?
CreateSnapshot 不支持资源级权限,您可以使用通配符 "Resource":"*":
{
"Version": "2012-10-17",
"Statement": [
{
"Sid": "Stmt1473146965806",
"Action": [
"ec2:CreateSnapshot"
],
"Effect": "Allow",
"Resource": "*"
}
]
}
我已将以下策略附加到 IAM 用户,该用户应允许用户创建 EC2 实例(支持 EBS)的快照。
{
"Version": "2012-10-17",
"Statement": [
{
"Sid": "Stmt1473146965806",
"Action": [
"ec2:CreateSnapshot"
],
"Effect": "Allow",
"Resource": "arn:aws:ec2:*:MY_ACCOUNT_ID:*/*"
}
]
}
但是当用户尝试执行创建快照的命令时,出现以下错误:
An error occurred (UnauthorizedOperation) when calling the CreateSnapshot
operation: You are not authorized to perform this operation.
政策中有什么不正确的地方?
CreateSnapshot 不支持资源级权限,您可以使用通配符 "Resource":"*":
{
"Version": "2012-10-17",
"Statement": [
{
"Sid": "Stmt1473146965806",
"Action": [
"ec2:CreateSnapshot"
],
"Effect": "Allow",
"Resource": "*"
}
]
}