本文属于机器翻译版本。若本译文内容与英语原文存在差异,则一律以英文原文为准。
AWSElasticBeanstalkService
描述:此策略已进入弃用路径。有关指南,请参阅文档:https://docs.aws.amazon.com/elasticbeanstalk/latest/dg/iam-servicerole.html。AWSElastic Beanstalk 服务角色策略,授予代表您创建和管理资源(即:AutoScaling、EC2、S3、CloudFormation、ELB 等)的权限。
AWSElasticBeanstalkService 是一项 AWS 托管式策略。
使用此策略
您可以将 AWSElasticBeanstalkService 附加到您的用户、组和角色。
策略详细信息
-
类型:服务角色策略
-
创建时间:2016 年 4 月 11 日 20:27 UTC
-
编辑时间:2023 年 5 月 10 日 19:29 UTC
-
ARN:
arn:aws:iam::aws:policy/service-role/AWSElasticBeanstalkService
策略版本
策略版本:v17(默认)
此策略的默认版本是定义策略权限的版本。当使用该策略的用户或角色请求访问 AWS 资源时,AWS 会检查策略的默认版本以确定是否允许该请求。
JSON 策略文档
{
"Version" : "2012-10-17",
"Statement" : [
{
"Sid" : "AllowCloudformationOperationsOnElasticBeanstalkStacks",
"Effect" : "Allow",
"Action" : [
"cloudformation:*"
],
"Resource" : [
"arn:aws:cloudformation:*:*:stack/awseb-*",
"arn:aws:cloudformation:*:*:stack/eb-*"
]
},
{
"Sid" : "AllowDeleteCloudwatchLogGroups",
"Effect" : "Allow",
"Action" : [
"logs:DeleteLogGroup"
],
"Resource" : [
"arn:aws:logs:*:*:log-group:/aws/elasticbeanstalk*"
]
},
{
"Sid" : "AllowECSTagResource",
"Effect" : "Allow",
"Action" : [
"ecs:TagResource"
],
"Resource" : "*",
"Condition" : {
"StringEquals" : {
"ecs:CreateAction" : [
"CreateCluster",
"RegisterTaskDefinition"
]
}
}
},
{
"Sid" : "AllowS3OperationsOnElasticBeanstalkBuckets",
"Effect" : "Allow",
"Action" : [
"s3:*"
],
"Resource" : [
"arn:aws:s3:::elasticbeanstalk-*",
"arn:aws:s3:::elasticbeanstalk-*/*"
]
},
{
"Sid" : "AllowLaunchTemplateRunInstances",
"Effect" : "Allow",
"Action" : "ec2:RunInstances",
"Resource" : "*",
"Condition" : {
"ArnLike" : {
"ec2:LaunchTemplate" : "arn:aws:ec2:*:*:launch-template/*"
}
}
},
{
"Sid" : "AllowELBAddTags",
"Effect" : "Allow",
"Action" : [
"elasticloadbalancing:AddTags"
],
"Resource" : "*",
"Condition" : {
"StringEquals" : {
"elasticloadbalancing:CreateAction" : [
"CreateLoadBalancer"
]
}
}
},
{
"Sid" : "AllowOperations",
"Effect" : "Allow",
"Action" : [
"autoscaling:AttachInstances",
"autoscaling:CreateAutoScalingGroup",
"autoscaling:CreateLaunchConfiguration",
"autoscaling:CreateOrUpdateTags",
"autoscaling:DeleteLaunchConfiguration",
"autoscaling:DeleteAutoScalingGroup",
"autoscaling:DeleteScheduledAction",
"autoscaling:DescribeAccountLimits",
"autoscaling:DescribeAutoScalingGroups",
"autoscaling:DescribeAutoScalingInstances",
"autoscaling:DescribeLaunchConfigurations",
"autoscaling:DescribeLoadBalancers",
"autoscaling:DescribeNotificationConfigurations",
"autoscaling:DescribeScalingActivities",
"autoscaling:DescribeScheduledActions",
"autoscaling:DetachInstances",
"autoscaling:DeletePolicy",
"autoscaling:PutScalingPolicy",
"autoscaling:PutScheduledUpdateGroupAction",
"autoscaling:PutNotificationConfiguration",
"autoscaling:ResumeProcesses",
"autoscaling:SetDesiredCapacity",
"autoscaling:SuspendProcesses",
"autoscaling:TerminateInstanceInAutoScalingGroup",
"autoscaling:UpdateAutoScalingGroup",
"cloudwatch:PutMetricAlarm",
"ec2:AssociateAddress",
"ec2:AllocateAddress",
"ec2:AuthorizeSecurityGroupEgress",
"ec2:AuthorizeSecurityGroupIngress",
"ec2:CreateLaunchTemplate",
"ec2:CreateLaunchTemplateVersion",
"ec2:DescribeLaunchTemplates",
"ec2:DescribeLaunchTemplateVersions",
"ec2:DeleteLaunchTemplate",
"ec2:DeleteLaunchTemplateVersions",
"ec2:CreateSecurityGroup",
"ec2:DeleteSecurityGroup",
"ec2:DescribeAccountAttributes",
"ec2:DescribeAddresses",
"ec2:DescribeImages",
"ec2:DescribeInstances",
"ec2:DescribeKeyPairs",
"ec2:DescribeSecurityGroups",
"ec2:DescribeSnapshots",
"ec2:DescribeSubnets",
"ec2:DescribeVpcs",
"ec2:DescribeInstanceAttribute",
"ec2:DescribeSpotInstanceRequests",
"ec2:DescribeVpcClassicLink",
"ec2:DisassociateAddress",
"ec2:ReleaseAddress",
"ec2:RevokeSecurityGroupEgress",
"ec2:RevokeSecurityGroupIngress",
"ec2:TerminateInstances",
"ecs:CreateCluster",
"ecs:DeleteCluster",
"ecs:DescribeClusters",
"ecs:RegisterTaskDefinition",
"elasticbeanstalk:*",
"elasticloadbalancing:ApplySecurityGroupsToLoadBalancer",
"elasticloadbalancing:ConfigureHealthCheck",
"elasticloadbalancing:CreateLoadBalancer",
"elasticloadbalancing:DeleteLoadBalancer",
"elasticloadbalancing:DeregisterInstancesFromLoadBalancer",
"elasticloadbalancing:DescribeInstanceHealth",
"elasticloadbalancing:DescribeLoadBalancers",
"elasticloadbalancing:DescribeTargetHealth",
"elasticloadbalancing:RegisterInstancesWithLoadBalancer",
"elasticloadbalancing:DescribeTargetGroups",
"elasticloadbalancing:RegisterTargets",
"elasticloadbalancing:DeregisterTargets",
"iam:ListRoles",
"iam:PassRole",
"logs:CreateLogGroup",
"logs:PutRetentionPolicy",
"logs:DescribeLogGroups",
"rds:DescribeDBEngineVersions",
"rds:DescribeDBInstances",
"rds:DescribeOrderableDBInstanceOptions",
"s3:GetObject",
"s3:GetObjectAcl",
"s3:ListBucket",
"sns:CreateTopic",
"sns:GetTopicAttributes",
"sns:ListSubscriptionsByTopic",
"sns:Subscribe",
"sns:SetTopicAttributes",
"sqs:GetQueueAttributes",
"sqs:GetQueueUrl",
"codebuild:CreateProject",
"codebuild:DeleteProject",
"codebuild:BatchGetBuilds",
"codebuild:StartBuild"
],
"Resource" : [
"*"
]
}
]
}了解更多信息
