メニュー
AWS Identity and Access Management
ユーザーガイド

AWS Elastic Beanstalk: 特定の環境またはアプリケーションへのフルアクセスを許可する

は、特定の Elastic Beanstalk 環境またはアプリケーションへのフルアクセスを許可します。

Copy
{ "Version": "2012-10-17", "Statement": [ { "Effect": "Allow", "Action": [ "elasticbeanstalk:CheckDNSAvailability", "elasticbeanstalk:CreateStorageLocation", "elasticbeanstalk:Describe*", "elasticbeanstalk:ApplyEnvironmentManagedAction", "ec2:Describe*", "autoscaling:Describe*", "elasticloadbalancing:Describe*", "cloudwatch:Describe*", "cloudwatch:Get*", "cloudwatch:List*", "rds:Describe*" ], "Resource": "*" }, { "Effect": "Allow", "Action": [ "elasticbeanstalk:AbortEnvironmentUpdate", "elasticbeanstalk:ComposeEnvironments", "elasticbeanstalk:CreateApplication", "elasticbeanstalk:DeleteApplication", "elasticbeanstalk:UpdateApplication" ], "Resource": [ "arn:aws:elasticbeanstalk:<REGION>:<ACCOUNTNUMBER>:application/<APPLICATION-ID>" ] }, { "Effect": "Allow", "Action": [ "elasticbeanstalk:CreateApplicationVersion", "elasticbeanstalk:DeleteApplicationVersion", "elasticbeanstalk:UpdateApplicationVersion" ], "Resource": [ "arn:aws:elasticbeanstalk:<REGION>:<ACCOUNTNUMBER>:applicationversion/*" ], "Condition": { "StringEquals": { "elasticbeanstalk:InApplication": [ "arn:aws:elasticbeanstalk:<REGION>:<ACCOUNTNUMBER>:application/<APPLICATION-ID>" ] } } }, { "Effect": "Allow", "Action": [ "elasticbeanstalk:CreateConfigurationTemplate", "elasticbeanstalk:DeleteConfigurationTemplate", "elasticbeanstalk:UpdateConfigurationTemplate" ], "Resource": [ "arn:aws:elasticbeanstalk:<REGION>:<ACCOUNTNUMBER>:configurationtemplate/*" ], "Condition": { "StringEquals": { "elasticbeanstalk:InApplication": [ "arn:aws:elasticbeanstalk:<REGION>:<ACCOUNTNUMBER>:application/<APPLICATION-ID>" ], "elasticbeanstalk:FromSolutionStack": [ "arn:aws:elasticbeanstalk:<REGION>::solutionstack/<STACK-ID>" ] } } }, { "Effect": "Allow", "Action": [ "elasticbeanstalk:ListAvailableSolutionStacks" ], "Resource": [ "arn:aws:elasticbeanstalk:<REGION>::solutionstack/<STACK-ID>" ] }, { "Effect": "Allow", "Action": [ "elasticbeanstalk:AbortEnvironmentUpdate", "elasticbeanstalk:CreateEnvironment", "elasticbeanstalk:DeleteEnvironmentConfiguration", "elasticbeanstalk:RebuildEnvironment", "elasticbeanstalk:RequestEnvironmentInfo", "elasticbeanstalk:RestartAppServer", "elasticbeanstalk:RetrieveEnvironmentInfo", "elasticbeanstalk:SwapEnvironmentCNAMEs", "elasticbeanstalk:TerminateEnvironment", "elasticbeanstalk:UpdateEnvironment", "elasticbeanstalk:ValidateConfigurationSettings" ], "Resource": [ "arn:aws:elasticbeanstalk:<REGION>:<ACCOUNTNUMBER>:environment/<ENVIRONMENT-ID>" ], "Condition": { "StringEqualsIfExists": { "elasticbeanstalk:InApplication": [ "arn:aws:elasticbeanstalk:<REGION>:<ACCOUNTNUMBER>:application/<APPLICATION-ID>" ], "elasticbeanstalk:FromApplicationVersion": [ "arn:aws:elasticbeanstalk:<REGION>:<ACCOUNTNUMBER>:applicationversion/*" ] } } } ] }