Terjemahan disediakan oleh mesin penerjemah. Jika konten terjemahan yang diberikan bertentangan dengan versi bahasa Inggris aslinya, utamakan versi bahasa Inggris.
AWSElasticDisasterRecoveryConsoleFullAccess_v2
Keterangan: Kebijakan ini menyediakan akses penuh ke semua publik APIs AWS Elastic Disaster Recovery (AWS DRS), serta semua publik APIs di AWS layanan lain yang digunakan oleh AWS DRS Console. Lampirkan kebijakan ini ke pengguna atau peran Anda.
AWSElasticDisasterRecoveryConsoleFullAccess_v2
adalah kebijakan yang AWS dikelola.
Menggunakan kebijakan ini
Anda dapat melampirkan AWSElasticDisasterRecoveryConsoleFullAccess_v2
ke pengguna, grup, dan peran Anda.
Rincian kebijakan
-
Jenis: kebijakan AWS terkelola
-
Waktu pembuatan: 27 November 2023, 13:35 UTC
-
Waktu telah diedit: 05 Januari 2025, 15:22 UTC
-
ARN:
arn:aws:iam::aws:policy/AWSElasticDisasterRecoveryConsoleFullAccess_v2
Versi kebijakan
Versi kebijakan: v4 (default)
Versi default kebijakan adalah versi yang menentukan izin untuk kebijakan tersebut. Saat pengguna atau peran dengan kebijakan membuat permintaan untuk mengakses AWS sumber daya, AWS periksa versi default kebijakan untuk menentukan apakah akan mengizinkan permintaan tersebut.
Dokumen kebijakan JSON
{
"Version" : "2012-10-17",
"Statement" : [
{
"Sid" : "ConsoleFullAccess1",
"Effect" : "Allow",
"Action" : [
"drs:*"
],
"Resource" : "*"
},
{
"Sid" : "ConsoleFullAccess2",
"Effect" : "Allow",
"Action" : [
"kms:ListAliases",
"kms:DescribeKey"
],
"Resource" : "*"
},
{
"Sid" : "ConsoleFullAccess3",
"Effect" : "Allow",
"Action" : [
"ec2:DescribeAccountAttributes",
"ec2:DescribeAvailabilityZones",
"ec2:DescribeImages",
"ec2:DescribeInstances",
"ec2:DescribeInstanceTypes",
"ec2:DescribeInstanceAttribute",
"ec2:DescribeInstanceStatus",
"ec2:DescribeInstanceTypeOfferings",
"ec2:DescribeLaunchTemplateVersions",
"ec2:DescribeLaunchTemplates",
"ec2:DescribeSecurityGroups",
"ec2:DescribeSnapshots",
"ec2:DescribeSubnets",
"ec2:DescribeVolumes",
"ec2:GetEbsEncryptionByDefault",
"ec2:GetEbsDefaultKmsKeyId",
"ec2:DescribeKeyPairs",
"ec2:DescribeCapacityReservations",
"ec2:DescribeHosts",
"ec2:GetInstanceTypesFromInstanceRequirements"
],
"Resource" : "*"
},
{
"Sid" : "ConsoleFullAccess4",
"Effect" : "Allow",
"Action" : "license-manager:ListLicenseConfigurations",
"Resource" : "*"
},
{
"Sid" : "ConsoleFullAccess5",
"Effect" : "Allow",
"Action" : "resource-groups:ListGroups",
"Resource" : "*"
},
{
"Sid" : "ConsoleFullAccess6",
"Effect" : "Allow",
"Action" : "elasticloadbalancing:DescribeLoadBalancers",
"Resource" : "*"
},
{
"Sid" : "ConsoleFullAccess7",
"Effect" : "Allow",
"Action" : [
"iam:ListInstanceProfiles",
"iam:ListRoles"
],
"Resource" : "*"
},
{
"Sid" : "ConsoleFullAccess8",
"Effect" : "Allow",
"Action" : "iam:PassRole",
"Resource" : [
"arn:aws:iam::*:role/service-role/AWSElasticDisasterRecoveryConversionServerRole",
"arn:aws:iam::*:role/service-role/AWSElasticDisasterRecoveryRecoveryInstanceRole",
"arn:aws:iam::*:role/service-role/AWSElasticDisasterRecoveryRecoveryInstanceWithLaunchActionsRole"
],
"Condition" : {
"StringEquals" : {
"iam:PassedToService" : "ec2.amazonaws.com"
}
}
},
{
"Sid" : "ConsoleFullAccess9",
"Effect" : "Allow",
"Action" : [
"ec2:DeleteSnapshot"
],
"Resource" : "arn:aws:ec2:*:*:snapshot/*",
"Condition" : {
"Null" : {
"aws:ResourceTag/AWSElasticDisasterRecoveryManaged" : "false"
},
"Bool" : {
"aws:ViaAWSService" : "true"
}
}
},
{
"Sid" : "ConsoleFullAccess10",
"Effect" : "Allow",
"Action" : [
"ec2:CreateLaunchTemplateVersion",
"ec2:ModifyLaunchTemplate",
"ec2:DeleteLaunchTemplateVersions",
"ec2:CreateTags",
"ec2:DeleteTags"
],
"Resource" : "arn:aws:ec2:*:*:launch-template/*",
"Condition" : {
"Null" : {
"aws:ResourceTag/AWSElasticDisasterRecoveryManaged" : "false"
}
}
},
{
"Sid" : "ConsoleFullAccess11",
"Effect" : "Allow",
"Action" : [
"ec2:CreateLaunchTemplate"
],
"Resource" : "arn:aws:ec2:*:*:launch-template/*",
"Condition" : {
"Null" : {
"aws:RequestTag/AWSElasticDisasterRecoveryManaged" : "false"
}
}
},
{
"Sid" : "ConsoleFullAccess12",
"Effect" : "Allow",
"Action" : [
"ec2:DeleteVolume"
],
"Resource" : "arn:aws:ec2:*:*:volume/*",
"Condition" : {
"Null" : {
"aws:ResourceTag/AWSElasticDisasterRecoveryManaged" : "false"
},
"Bool" : {
"aws:ViaAWSService" : "true"
}
}
},
{
"Sid" : "ConsoleFullAccess13",
"Effect" : "Allow",
"Action" : [
"ec2:StartInstances",
"ec2:StopInstances",
"ec2:TerminateInstances",
"ec2:ModifyInstanceAttribute",
"ec2:GetConsoleOutput",
"ec2:GetConsoleScreenshot"
],
"Resource" : "arn:aws:ec2:*:*:instance/*",
"Condition" : {
"Null" : {
"aws:ResourceTag/AWSElasticDisasterRecoveryManaged" : "false"
},
"Bool" : {
"aws:ViaAWSService" : "true"
}
}
},
{
"Sid" : "ConsoleFullAccess14",
"Effect" : "Allow",
"Action" : [
"ec2:RevokeSecurityGroupEgress",
"ec2:AuthorizeSecurityGroupIngress",
"ec2:AuthorizeSecurityGroupEgress"
],
"Resource" : "arn:aws:ec2:*:*:security-group/*",
"Condition" : {
"Null" : {
"aws:ResourceTag/AWSElasticDisasterRecoveryManaged" : "false"
},
"Bool" : {
"aws:ViaAWSService" : "true"
}
}
},
{
"Sid" : "ConsoleFullAccess15",
"Effect" : "Allow",
"Action" : [
"ec2:CreateVolume"
],
"Resource" : "arn:aws:ec2:*:*:volume/*",
"Condition" : {
"Null" : {
"aws:RequestTag/AWSElasticDisasterRecoveryManaged" : "false"
},
"Bool" : {
"aws:ViaAWSService" : "true"
}
}
},
{
"Sid" : "ConsoleFullAccess16",
"Effect" : "Allow",
"Action" : "ec2:CreateSecurityGroup",
"Resource" : "arn:aws:ec2:*:*:vpc/*"
},
{
"Sid" : "ConsoleFullAccess17",
"Effect" : "Allow",
"Action" : [
"ec2:CreateSecurityGroup"
],
"Resource" : "arn:aws:ec2:*:*:security-group/*",
"Condition" : {
"Null" : {
"aws:RequestTag/AWSElasticDisasterRecoveryManaged" : "false"
},
"Bool" : {
"aws:ViaAWSService" : "true"
}
}
},
{
"Sid" : "ConsoleFullAccess18",
"Effect" : "Allow",
"Action" : [
"ec2:CreateSnapshot"
],
"Resource" : "arn:aws:ec2:*:*:volume/*",
"Condition" : {
"Null" : {
"ec2:ResourceTag/AWSElasticDisasterRecoveryManaged" : "false"
},
"Bool" : {
"aws:ViaAWSService" : "true"
}
}
},
{
"Sid" : "ConsoleFullAccess19",
"Effect" : "Allow",
"Action" : [
"ec2:CreateSnapshot"
],
"Resource" : "arn:aws:ec2:*:*:snapshot/*",
"Condition" : {
"Null" : {
"aws:RequestTag/AWSElasticDisasterRecoveryManaged" : "false"
},
"Bool" : {
"aws:ViaAWSService" : "true"
}
}
},
{
"Sid" : "ConsoleFullAccess20",
"Effect" : "Allow",
"Action" : [
"ec2:DetachVolume",
"ec2:AttachVolume"
],
"Resource" : "arn:aws:ec2:*:*:instance/*",
"Condition" : {
"Null" : {
"ec2:ResourceTag/AWSElasticDisasterRecoveryManaged" : "false"
},
"Bool" : {
"aws:ViaAWSService" : "true"
}
}
},
{
"Sid" : "ConsoleFullAccess21",
"Effect" : "Allow",
"Action" : [
"ec2:DetachVolume",
"ec2:AttachVolume",
"ec2:StartInstances",
"ec2:GetConsoleOutput",
"ec2:GetConsoleScreenshot"
],
"Resource" : "arn:aws:ec2:*:*:instance/*",
"Condition" : {
"StringEquals" : {
"ec2:ResourceTag/AWSDRS" : "AllowLaunchingIntoThisInstance"
},
"ForAnyValue:StringEquals" : {
"aws:CalledVia" : [
"drs.amazonaws.com"
]
}
}
},
{
"Sid" : "ConsoleFullAccess22",
"Effect" : "Allow",
"Action" : [
"ec2:AttachVolume"
],
"Resource" : "arn:aws:ec2:*:*:volume/*",
"Condition" : {
"Null" : {
"ec2:ResourceTag/AWSElasticDisasterRecoveryManaged" : "false"
},
"Bool" : {
"aws:ViaAWSService" : "true"
}
}
},
{
"Sid" : "ConsoleFullAccess23",
"Effect" : "Allow",
"Action" : [
"ec2:DetachVolume"
],
"Resource" : "arn:aws:ec2:*:*:volume/*",
"Condition" : {
"Bool" : {
"aws:ViaAWSService" : "true"
}
}
},
{
"Sid" : "ConsoleFullAccess24",
"Effect" : "Allow",
"Action" : [
"ec2:RunInstances"
],
"Resource" : "arn:aws:ec2:*:*:instance/*",
"Condition" : {
"Null" : {
"aws:RequestTag/AWSElasticDisasterRecoveryManaged" : "false"
},
"Bool" : {
"aws:ViaAWSService" : "true"
}
}
},
{
"Sid" : "ConsoleFullAccess25",
"Effect" : "Allow",
"Action" : [
"ec2:RunInstances"
],
"Resource" : [
"arn:aws:ec2:*:*:security-group/*",
"arn:aws:ec2:*:*:volume/*",
"arn:aws:ec2:*:*:subnet/*",
"arn:aws:ec2:*:*:image/*",
"arn:aws:ec2:*:*:network-interface/*",
"arn:aws:ec2:*:*:launch-template/*"
],
"Condition" : {
"Bool" : {
"aws:ViaAWSService" : "true"
}
}
},
{
"Sid" : "ConsoleFullAccess26",
"Effect" : "Allow",
"Action" : "ec2:CreateTags",
"Resource" : [
"arn:aws:ec2:*:*:security-group/*",
"arn:aws:ec2:*:*:volume/*",
"arn:aws:ec2:*:*:snapshot/*",
"arn:aws:ec2:*:*:instance/*",
"arn:aws:ec2:*:*:network-interface/*"
],
"Condition" : {
"StringEquals" : {
"ec2:CreateAction" : [
"CreateSecurityGroup",
"CreateVolume",
"CreateSnapshot",
"RunInstances",
"CreateNetworkInterface"
]
},
"Bool" : {
"aws:ViaAWSService" : "true"
}
}
},
{
"Sid" : "ConsoleFullAccess27",
"Effect" : "Allow",
"Action" : "ec2:CreateTags",
"Resource" : "arn:aws:ec2:*:*:launch-template/*",
"Condition" : {
"StringEquals" : {
"ec2:CreateAction" : [
"CreateLaunchTemplate"
]
}
}
},
{
"Sid" : "ConsoleFullAccess28",
"Effect" : "Allow",
"Action" : [
"cloudformation:DescribeStacks",
"cloudformation:ListStacks"
],
"Resource" : "*"
},
{
"Sid" : "ConsoleFullAccess29",
"Effect" : "Allow",
"Action" : [
"s3:GetBucketLocation",
"s3:ListAllMyBuckets"
],
"Resource" : "*"
},
{
"Sid" : "ConsoleFullAccess30",
"Effect" : "Allow",
"Action" : [
"ssm:DescribeInstanceInformation",
"ssm:DescribeParameters"
],
"Resource" : [
"*"
],
"Condition" : {
"ForAnyValue:StringEquals" : {
"aws:CalledVia" : [
"drs.amazonaws.com"
]
}
}
},
{
"Sid" : "ConsoleFullAccess31",
"Effect" : "Allow",
"Action" : [
"ssm:SendCommand",
"ssm:StartAutomationExecution"
],
"Resource" : [
"arn:aws:ssm:*:*:automation-definition/AWS-CreateImage:$DEFAULT",
"arn:aws:ssm:*:*:document/AWSMigration-ValidateNetworkConnectivity",
"arn:aws:ssm:*:*:document/AWSMigration-VerifyMountedVolumes",
"arn:aws:ssm:*:*:document/AWSMigration-ValidateHttpResponse",
"arn:aws:ssm:*:*:document/AWSMigration-ValidateDiskSpace",
"arn:aws:ssm:*:*:document/AWSMigration-VerifyProcessIsRunning",
"arn:aws:ssm:*:*:document/AWSMigration-LinuxTimeSyncSetting",
"arn:aws:ssm:*:*:document/AWSEC2-ApplicationInsightsCloudwatchAgentInstallAndConfigure"
],
"Condition" : {
"ForAnyValue:StringEquals" : {
"aws:CalledVia" : [
"drs.amazonaws.com"
]
}
}
},
{
"Sid" : "ConsoleFullAccess32",
"Effect" : "Allow",
"Action" : [
"ssm:SendCommand"
],
"Resource" : [
"arn:aws:ec2:*:*:instance/*"
],
"Condition" : {
"ForAnyValue:StringEquals" : {
"aws:CalledVia" : [
"drs.amazonaws.com"
]
},
"Null" : {
"aws:ResourceTag/AWSElasticDisasterRecoveryManaged" : "false"
}
}
},
{
"Sid" : "ConsoleFullAccess33",
"Effect" : "Allow",
"Action" : [
"ssm:ListDocuments",
"ssm:ListCommandInvocations"
],
"Resource" : "*"
},
{
"Sid" : "ConsoleFullAccess34",
"Effect" : "Allow",
"Action" : [
"ssm:GetParameter",
"ssm:PutParameter"
],
"Resource" : "arn:aws:ssm:*:*:parameter/ManagedByAWSElasticDisasterRecoveryService-*",
"Condition" : {
"StringEquals" : {
"aws:ResourceAccount" : "${aws:PrincipalAccount}"
}
}
},
{
"Sid" : "ConsoleFullAccess35",
"Effect" : "Allow",
"Action" : [
"ssm:DescribeDocument",
"ssm:GetDocument"
],
"Resource" : "arn:aws:ssm:*:*:document/*"
},
{
"Sid" : "ConsoleFullAccess36",
"Effect" : "Allow",
"Action" : [
"ssm:GetParameters"
],
"Resource" : [
"arn:aws:ssm:*:*:parameter/ManagedByAWSElasticDisasterRecovery-*"
],
"Condition" : {
"ForAnyValue:StringEquals" : {
"aws:CalledVia" : "ssm.amazonaws.com"
}
}
},
{
"Sid" : "ConsoleFullAccess37",
"Effect" : "Allow",
"Action" : [
"ssm:GetAutomationExecution"
],
"Resource" : "arn:aws:ssm:*:*:automation-execution/*",
"Condition" : {
"Null" : {
"aws:ResourceTag/AWSElasticDisasterRecoveryManaged" : "false"
}
}
},
{
"Sid" : "ConsoleFullAccess38",
"Effect" : "Allow",
"Action" : [
"ec2:AssociateIamInstanceProfile"
],
"Resource" : [
"arn:aws:ec2:*:*:instance/*"
],
"Condition" : {
"Null" : {
"aws:ResourceTag/AWSElasticDisasterRecoveryManaged" : "false"
},
"Bool" : {
"aws:ViaAWSService" : "true"
}
}
},
{
"Sid" : "ConsoleFullAccess39",
"Effect" : "Allow",
"Action" : "ec2:CreateFleet",
"Resource" : [
"arn:aws:ec2:*:*:instance/*",
"arn:aws:ec2:*:*:fleet/*",
"arn:aws:ec2:*:*:volume/*",
"arn:aws:ec2:*:*:subnet/*",
"arn:aws:ec2:*:*:image/*",
"arn:aws:ec2:*:*:launch-template/*"
],
"Condition" : {
"ForAnyValue:StringEquals" : {
"aws:CalledVia" : [
"drs.amazonaws.com"
]
}
}
},
{
"Sid" : "ConsoleFullAccess40",
"Effect" : "Allow",
"Action" : "ec2:CreateTags",
"Resource" : [
"arn:aws:ec2:*:*:security-group/*",
"arn:aws:ec2:*:*:volume/*",
"arn:aws:ec2:*:*:snapshot/*",
"arn:aws:ec2:*:*:instance/*"
],
"Condition" : {
"StringEquals" : {
"ec2:CreateAction" : [
"CreateFleet"
]
},
"ForAnyValue:StringEquals" : {
"aws:CalledVia" : [
"drs.amazonaws.com"
]
}
}
},
{
"Sid" : "ConsoleFullAccess41",
"Effect" : "Allow",
"Action" : [
"ec2:CreateVolume"
],
"Resource" : "arn:aws:ec2:*:*:snapshot/*",
"Condition" : {
"Null" : {
"aws:ResourceTag/AWSElasticDisasterRecoveryManaged" : "false"
},
"Bool" : {
"aws:ViaAWSService" : "true"
}
}
},
{
"Sid" : "ConsoleFullAccess42",
"Effect" : "Allow",
"Action" : [
"ec2:CreateNetworkInterface"
],
"Resource" : "arn:aws:ec2:*:*:network-interface/*",
"Condition" : {
"Null" : {
"aws:RequestTag/AWSElasticDisasterRecoveryManaged" : "false"
},
"Bool" : {
"aws:ViaAWSService" : "true"
}
}
},
{
"Sid" : "ConsoleFullAccess43",
"Effect" : "Allow",
"Action" : [
"ec2:CreateNetworkInterface"
],
"Resource" : [
"arn:aws:ec2:*:*:subnet/*",
"arn:aws:ec2:*:*:security-group/*"
]
},
{
"Sid" : "ConsoleFullAccess44",
"Effect" : "Allow",
"Action" : [
"ec2:CreateNetworkInterfacePermission"
],
"Resource" : "arn:aws:ec2:*:*:network-interface/*",
"Condition" : {
"Null" : {
"aws:ResourceTag/AWSElasticDisasterRecoveryManaged" : "false"
},
"Bool" : {
"aws:ViaAWSService" : "true"
}
}
}
]
}