Terjemahan disediakan oleh mesin penerjemah. Jika konten terjemahan yang diberikan bertentangan dengan versi bahasa Inggris aslinya, utamakan versi bahasa Inggris.
AWSElasticBeanstalkService
Deskripsi: Kebijakan ini berada di jalur penghentian. Lihat dokumentasi untuk panduan: https://docs.aws.amazon.com/elasticbeanstalk/latest/dg/iam-servicerole.html. AWS Kebijakan peran Layanan Elastic Beanstalk yang memberikan izin untuk membuat & mengelola sumber daya ( AutoScalingyaitu:, EC2, CloudFormation S3,, ELB, dll.) Atas nama Anda.
AWSElasticBeanstalkServiceadalah kebijakan yang AWS dikelola.
Menggunakan kebijakan ini
Anda dapat melampirkan AWSElasticBeanstalkService ke pengguna, grup, dan peran Anda.
Rincian kebijakan
-
Jenis: Kebijakan peran layanan
-
Waktu pembuatan: 11 April 2016, 20:27 UTC
-
Waktu yang telah diedit: 10 Mei 2023, 19:29 UTC
-
ARN:
arn:aws:iam::aws:policy/service-role/AWSElasticBeanstalkService
Versi kebijakan
Versi kebijakan: v17 (default)
Versi default kebijakan adalah versi yang menentukan izin untuk kebijakan tersebut. Saat pengguna atau peran dengan kebijakan membuat permintaan untuk mengakses AWS sumber daya, AWS periksa versi default kebijakan untuk menentukan apakah akan mengizinkan permintaan tersebut.
Dokumen kebijakan JSON
{ "Version" : "2012-10-17", "Statement" : [ { "Sid" : "AllowCloudformationOperationsOnElasticBeanstalkStacks", "Effect" : "Allow", "Action" : [ "cloudformation:*" ], "Resource" : [ "arn:aws:cloudformation:*:*:stack/awseb-*", "arn:aws:cloudformation:*:*:stack/eb-*" ] }, { "Sid" : "AllowDeleteCloudwatchLogGroups", "Effect" : "Allow", "Action" : [ "logs:DeleteLogGroup" ], "Resource" : [ "arn:aws:logs:*:*:log-group:/aws/elasticbeanstalk*" ] }, { "Sid" : "AllowECSTagResource", "Effect" : "Allow", "Action" : [ "ecs:TagResource" ], "Resource" : "*", "Condition" : { "StringEquals" : { "ecs:CreateAction" : [ "CreateCluster", "RegisterTaskDefinition" ] } } }, { "Sid" : "AllowS3OperationsOnElasticBeanstalkBuckets", "Effect" : "Allow", "Action" : [ "s3:*" ], "Resource" : [ "arn:aws:s3:::elasticbeanstalk-*", "arn:aws:s3:::elasticbeanstalk-*/*" ] }, { "Sid" : "AllowLaunchTemplateRunInstances", "Effect" : "Allow", "Action" : "ec2:RunInstances", "Resource" : "*", "Condition" : { "ArnLike" : { "ec2:LaunchTemplate" : "arn:aws:ec2:*:*:launch-template/*" } } }, { "Sid" : "AllowELBAddTags", "Effect" : "Allow", "Action" : [ "elasticloadbalancing:AddTags" ], "Resource" : "*", "Condition" : { "StringEquals" : { "elasticloadbalancing:CreateAction" : [ "CreateLoadBalancer" ] } } }, { "Sid" : "AllowOperations", "Effect" : "Allow", "Action" : [ "autoscaling:AttachInstances", "autoscaling:CreateAutoScalingGroup", "autoscaling:CreateLaunchConfiguration", "autoscaling:CreateOrUpdateTags", "autoscaling:DeleteLaunchConfiguration", "autoscaling:DeleteAutoScalingGroup", "autoscaling:DeleteScheduledAction", "autoscaling:DescribeAccountLimits", "autoscaling:DescribeAutoScalingGroups", "autoscaling:DescribeAutoScalingInstances", "autoscaling:DescribeLaunchConfigurations", "autoscaling:DescribeLoadBalancers", "autoscaling:DescribeNotificationConfigurations", "autoscaling:DescribeScalingActivities", "autoscaling:DescribeScheduledActions", "autoscaling:DetachInstances", "autoscaling:DeletePolicy", "autoscaling:PutScalingPolicy", "autoscaling:PutScheduledUpdateGroupAction", "autoscaling:PutNotificationConfiguration", "autoscaling:ResumeProcesses", "autoscaling:SetDesiredCapacity", "autoscaling:SuspendProcesses", "autoscaling:TerminateInstanceInAutoScalingGroup", "autoscaling:UpdateAutoScalingGroup", "cloudwatch:PutMetricAlarm", "ec2:AssociateAddress", "ec2:AllocateAddress", "ec2:AuthorizeSecurityGroupEgress", "ec2:AuthorizeSecurityGroupIngress", "ec2:CreateLaunchTemplate", "ec2:CreateLaunchTemplateVersion", "ec2:DescribeLaunchTemplates", "ec2:DescribeLaunchTemplateVersions", "ec2:DeleteLaunchTemplate", "ec2:DeleteLaunchTemplateVersions", "ec2:CreateSecurityGroup", "ec2:DeleteSecurityGroup", "ec2:DescribeAccountAttributes", "ec2:DescribeAddresses", "ec2:DescribeImages", "ec2:DescribeInstances", "ec2:DescribeKeyPairs", "ec2:DescribeSecurityGroups", "ec2:DescribeSnapshots", "ec2:DescribeSubnets", "ec2:DescribeVpcs", "ec2:DescribeInstanceAttribute", "ec2:DescribeSpotInstanceRequests", "ec2:DescribeVpcClassicLink", "ec2:DisassociateAddress", "ec2:ReleaseAddress", "ec2:RevokeSecurityGroupEgress", "ec2:RevokeSecurityGroupIngress", "ec2:TerminateInstances", "ecs:CreateCluster", "ecs:DeleteCluster", "ecs:DescribeClusters", "ecs:RegisterTaskDefinition", "elasticbeanstalk:*", "elasticloadbalancing:ApplySecurityGroupsToLoadBalancer", "elasticloadbalancing:ConfigureHealthCheck", "elasticloadbalancing:CreateLoadBalancer", "elasticloadbalancing:DeleteLoadBalancer", "elasticloadbalancing:DeregisterInstancesFromLoadBalancer", "elasticloadbalancing:DescribeInstanceHealth", "elasticloadbalancing:DescribeLoadBalancers", "elasticloadbalancing:DescribeTargetHealth", "elasticloadbalancing:RegisterInstancesWithLoadBalancer", "elasticloadbalancing:DescribeTargetGroups", "elasticloadbalancing:RegisterTargets", "elasticloadbalancing:DeregisterTargets", "iam:ListRoles", "iam:PassRole", "logs:CreateLogGroup", "logs:PutRetentionPolicy", "logs:DescribeLogGroups", "rds:DescribeDBEngineVersions", "rds:DescribeDBInstances", "rds:DescribeOrderableDBInstanceOptions", "s3:GetObject", "s3:GetObjectAcl", "s3:ListBucket", "sns:CreateTopic", "sns:GetTopicAttributes", "sns:ListSubscriptionsByTopic", "sns:Subscribe", "sns:SetTopicAttributes", "sqs:GetQueueAttributes", "sqs:GetQueueUrl", "codebuild:CreateProject", "codebuild:DeleteProject", "codebuild:BatchGetBuilds", "codebuild:StartBuild" ], "Resource" : [ "*" ] } ] }
Pelajari selengkapnya
