翻訳は機械翻訳により提供されています。提供された翻訳内容と英語版の間で齟齬、不一致または矛盾がある場合、英語版が優先します。
AWSDeepLensServiceRolePolicy
説明: AWS DeepLens に AWS のサービス、DeepLens と IoT、S3 、GreenGrass、AWS Lambda などの依存関係に必要なリソースとロールへのアクセスを付与します。
AWSDeepLensServiceRolePolicy は AWS マネージドポリシーです。
このポリシーを使用すると
ユーザー、グループおよびロールに AWSDeepLensServiceRolePolicy をアタッチできます。
ポリシーの詳細
-
タイプ: サービスロールポリシー
-
作成日時: 2017 年 11 月 29 日 15:46 UTC
-
編集日時: 2019 年 9 月 25 日 19:25 UTC
-
ARN:
arn:aws:iam::aws:policy/service-role/AWSDeepLensServiceRolePolicy
ポリシーのバージョン
ポリシーのバージョン: v6 (デフォルト)
ポリシーのデフォルトバージョンは、ポリシーのアクセス許可を定義するバージョンです。ポリシーを適用したユーザーまたはロールが AWS リソースへのアクセスをリクエストすると、AWS はポリシーのデフォルトバージョンを確認し、リクエストを許可するかどうかを判断します。
JSON ポリシードキュメント
{ "Version" : "2012-10-17", "Statement" : [ { "Sid" : "DeepLensIoTThingAccess", "Effect" : "Allow", "Action" : [ "iot:CreateThing", "iot:DeleteThing", "iot:DeleteThingShadow", "iot:DescribeThing", "iot:GetThingShadow", "iot:UpdateThing", "iot:UpdateThingShadow" ], "Resource" : [ "arn:aws:iot:*:*:thing/deeplens*" ] }, { "Sid" : "DeepLensIoTCertificateAccess", "Effect" : "Allow", "Action" : [ "iot:AttachThingPrincipal", "iot:DetachThingPrincipal", "iot:UpdateCertificate", "iot:DeleteCertificate", "iot:DetachPrincipalPolicy" ], "Resource" : [ "arn:aws:iot:*:*:thing/deeplens*", "arn:aws:iot:*:*:cert/*" ] }, { "Sid" : "DeepLensIoTCreateCertificateAndPolicyAccess", "Effect" : "Allow", "Action" : [ "iot:CreateKeysAndCertificate", "iot:CreatePolicy", "iot:CreatePolicyVersion" ], "Resource" : [ "*" ] }, { "Sid" : "DeepLensIoTAttachCertificatePolicyAccess", "Effect" : "Allow", "Action" : [ "iot:AttachPrincipalPolicy" ], "Resource" : [ "arn:aws:iot:*:*:policy/deeplens*", "arn:aws:iot:*:*:cert/*" ] }, { "Sid" : "DeepLensIoTDataAccess", "Effect" : "Allow", "Action" : [ "iot:GetThingShadow", "iot:UpdateThingShadow" ], "Resource" : [ "arn:aws:iot:*:*:thing/deeplens*" ] }, { "Sid" : "DeepLensIoTEndpointAccess", "Effect" : "Allow", "Action" : [ "iot:DescribeEndpoint" ], "Resource" : [ "*" ] }, { "Sid" : "DeepLensAccess", "Effect" : "Allow", "Action" : [ "deeplens:*" ], "Resource" : [ "*" ] }, { "Sid" : "DeepLensS3ObjectAccess", "Effect" : "Allow", "Action" : [ "s3:GetObject" ], "Resource" : [ "arn:aws:s3:::deeplens*" ] }, { "Sid" : "DeepLensS3Buckets", "Effect" : "Allow", "Action" : [ "s3:DeleteBucket", "s3:ListBucket" ], "Resource" : [ "arn:aws:s3:::deeplens*" ] }, { "Sid" : "DeepLensCreateS3Buckets", "Effect" : "Allow", "Action" : [ "s3:CreateBucket" ], "Resource" : [ "*" ] }, { "Sid" : "DeepLensIAMPassRoleAccess", "Effect" : "Allow", "Action" : [ "iam:PassRole" ], "Resource" : [ "*" ], "Condition" : { "StringEquals" : { "iam:PassedToService" : [ "greengrass.amazonaws.com", "sagemaker.amazonaws.com" ] } } }, { "Sid" : "DeepLensIAMLambdaPassRoleAccess", "Effect" : "Allow", "Action" : [ "iam:PassRole" ], "Resource" : [ "arn:aws:iam::*:role/AWSDeepLens*", "arn:aws:iam::*:role/service-role/AWSDeepLens*" ], "Condition" : { "StringEqualsIfExists" : { "iam:PassedToService" : "lambda.amazonaws.com" } } }, { "Sid" : "DeepLensGreenGrassAccess", "Effect" : "Allow", "Action" : [ "greengrass:AssociateRoleToGroup", "greengrass:AssociateServiceRoleToAccount", "greengrass:CreateResourceDefinition", "greengrass:CreateResourceDefinitionVersion", "greengrass:CreateCoreDefinition", "greengrass:CreateCoreDefinitionVersion", "greengrass:CreateDeployment", "greengrass:CreateFunctionDefinition", "greengrass:CreateFunctionDefinitionVersion", "greengrass:CreateGroup", "greengrass:CreateGroupCertificateAuthority", "greengrass:CreateGroupVersion", "greengrass:CreateLoggerDefinition", "greengrass:CreateLoggerDefinitionVersion", "greengrass:CreateSubscriptionDefinition", "greengrass:CreateSubscriptionDefinitionVersion", "greengrass:DeleteCoreDefinition", "greengrass:DeleteFunctionDefinition", "greengrass:DeleteGroup", "greengrass:DeleteLoggerDefinition", "greengrass:DeleteSubscriptionDefinition", "greengrass:DisassociateRoleFromGroup", "greengrass:DisassociateServiceRoleFromAccount", "greengrass:GetAssociatedRole", "greengrass:GetConnectivityInfo", "greengrass:GetCoreDefinition", "greengrass:GetCoreDefinitionVersion", "greengrass:GetDeploymentStatus", "greengrass:GetDeviceDefinition", "greengrass:GetDeviceDefinitionVersion", "greengrass:GetFunctionDefinition", "greengrass:GetFunctionDefinitionVersion", "greengrass:GetGroup", "greengrass:GetGroupCertificateAuthority", "greengrass:GetGroupCertificateConfiguration", "greengrass:GetGroupVersion", "greengrass:GetLoggerDefinition", "greengrass:GetLoggerDefinitionVersion", "greengrass:GetResourceDefinition", "greengrass:GetServiceRoleForAccount", "greengrass:GetSubscriptionDefinition", "greengrass:GetSubscriptionDefinitionVersion", "greengrass:ListCoreDefinitionVersions", "greengrass:ListCoreDefinitions", "greengrass:ListDeployments", "greengrass:ListDeviceDefinitionVersions", "greengrass:ListDeviceDefinitions", "greengrass:ListFunctionDefinitionVersions", "greengrass:ListFunctionDefinitions", "greengrass:ListGroupCertificateAuthorities", "greengrass:ListGroupVersions", "greengrass:ListGroups", "greengrass:ListLoggerDefinitionVersions", "greengrass:ListLoggerDefinitions", "greengrass:ListSubscriptionDefinitionVersions", "greengrass:ListSubscriptionDefinitions", "greengrass:ResetDeployments", "greengrass:UpdateConnectivityInfo", "greengrass:UpdateCoreDefinition", "greengrass:UpdateDeviceDefinition", "greengrass:UpdateFunctionDefinition", "greengrass:UpdateGroup", "greengrass:UpdateGroupCertificateConfiguration", "greengrass:UpdateLoggerDefinition", "greengrass:UpdateSubscriptionDefinition", "greengrass:UpdateResourceDefinition" ], "Resource" : [ "*" ] }, { "Sid" : "DeepLensLambdaAdminFunctionAccess", "Effect" : "Allow", "Action" : [ "lambda:CreateFunction", "lambda:DeleteFunction", "lambda:GetFunction", "lambda:GetFunctionConfiguration", "lambda:ListFunctions", "lambda:ListVersionsByFunction", "lambda:PublishVersion", "lambda:UpdateFunctionCode", "lambda:UpdateFunctionConfiguration" ], "Resource" : [ "arn:aws:lambda:*:*:function:deeplens*" ] }, { "Sid" : "DeepLensLambdaUsersFunctionAccess", "Effect" : "Allow", "Action" : [ "lambda:GetFunction", "lambda:GetFunctionConfiguration", "lambda:ListFunctions", "lambda:ListVersionsByFunction" ], "Resource" : [ "arn:aws:lambda:*:*:function:*" ] }, { "Sid" : "DeepLensSageMakerWriteAccess", "Effect" : "Allow", "Action" : [ "sagemaker:CreateTrainingJob", "sagemaker:DescribeTrainingJob", "sagemaker:StopTrainingJob" ], "Resource" : [ "arn:aws:sagemaker:*:*:training-job/deeplens*" ] }, { "Sid" : "DeepLensSageMakerReadAccess", "Effect" : "Allow", "Action" : [ "sagemaker:DescribeTrainingJob" ], "Resource" : [ "arn:aws:sagemaker:*:*:training-job/*" ] }, { "Sid" : "DeepLensKinesisVideoStreamAccess", "Effect" : "Allow", "Action" : [ "kinesisvideo:CreateStream", "kinesisvideo:DescribeStream", "kinesisvideo:DeleteStream" ], "Resource" : [ "arn:aws:kinesisvideo:*:*:stream/deeplens*/*" ] }, { "Sid" : "DeepLensKinesisVideoEndpointAccess", "Effect" : "Allow", "Action" : [ "kinesisvideo:GetDataEndpoint" ], "Resource" : [ "*" ] } ] }
詳細はこちら
