IAM 用户的权限 - Amazon Elastic Compute Cloud

IAM 用户的权限

IAM 用户必须具有以下权限才能使用 Amazon Data Lifecycle Manager。

注意

仅控制台用户需要 ec2:DescribeAvailabilityZonesec2:DescribeRegionskms:ListAliaseskms:DescribeKey 权限。如果不需要访问控制台,则可以删除权限。

{ "Version": "2012-10-17", "Statement": [ { "Effect": "Allow", "Action": "dlm:*", "Resource": "*" }, { "Effect": "Allow", "Action": "iam:PassRole", "Resource": [ "arn:aws:iam::accound_id:role/service-role/AWSDataLifecycleManagerDefaultRole", "arn:aws:iam::accound_id:role/service-role/AWSDataLifecycleManagerDefaultRoleForAMIManagement" ] }, { "Effect": "Allow", "Action": "iam:ListRoles", "Resource": "*" }, { "Effect": "Allow", "Action": [ "ec2:DescribeAvailabilityZones", "ec2:DescribeRegions", "kms:ListAliases", "kms:DescribeKey" ], "Resource": "*" } ] }

有关更多信息,请参阅 IAM 用户指南 中的更改 IAM 用户的权限