本文属于机器翻译版本。若本译文内容与英语原文存在差异,则一律以英文原文为准。
AmazonLexFullAccess
描述:提供通过 AWS Management Console 对 Amazon Lex 的完全访问权限。此外还提供创建 Lex 服务关联角色的权限,并授予 Lex 调用一组有限的 Lambda 函数的权限。
AmazonLexFullAccess 是一项 AWS 托管式策略。
使用此策略
您可以将 AmazonLexFullAccess 附加到您的用户、组和角色。
策略详细信息
-
类型:AWS 托管策略
-
创建时间:2017 年 4 月 11 日 23:20 UTC
-
编辑时间:2024 年 4 月 16 日 20:06 UTC
-
ARN:
arn:aws:iam::aws:policy/AmazonLexFullAccess
策略版本
策略版本:v9(默认)
此策略的默认版本是定义策略权限的版本。当使用该策略的用户或角色请求访问 AWS 资源时,AWS 会检查策略的默认版本以确定是否允许该请求。
JSON 策略文档
{
"Version" : "2012-10-17",
"Statement" : [
{
"Sid" : "AmazonLexFullAccessStatement1",
"Effect" : "Allow",
"Action" : [
"cloudwatch:GetMetricStatistics",
"cloudwatch:DescribeAlarms",
"cloudwatch:DescribeAlarmsForMetric",
"kms:DescribeKey",
"kms:ListAliases",
"lambda:GetPolicy",
"lambda:ListFunctions",
"lex:*",
"polly:DescribeVoices",
"polly:SynthesizeSpeech",
"kendra:ListIndices",
"iam:ListRoles",
"s3:ListAllMyBuckets",
"logs:DescribeLogGroups",
"s3:GetBucketLocation"
],
"Resource" : [
"*"
]
},
{
"Sid" : "AmazonLexFullAccessStatement2",
"Effect" : "Allow",
"Action" : [
"lambda:AddPermission",
"lambda:RemovePermission"
],
"Resource" : "arn:aws:lambda:*:*:function:AmazonLex*",
"Condition" : {
"StringEquals" : {
"lambda:Principal" : "lex.amazonaws.com"
}
}
},
{
"Sid" : "AmazonLexFullAccessStatement3",
"Effect" : "Allow",
"Action" : [
"iam:GetRole"
],
"Resource" : [
"arn:aws:iam::*:role/aws-service-role/lex.amazonaws.com/AWSServiceRoleForLexBots",
"arn:aws:iam::*:role/aws-service-role/channels.lex.amazonaws.com/AWSServiceRoleForLexChannels",
"arn:aws:iam::*:role/aws-service-role/lexv2.amazonaws.com/AWSServiceRoleForLexV2Bots*",
"arn:aws:iam::*:role/aws-service-role/channels.lexv2.amazonaws.com/AWSServiceRoleForLexV2Channels*",
"arn:aws:iam::*:role/aws-service-role/replication.lexv2.amazonaws.com/AWSServiceRoleForLexV2Replication*"
]
},
{
"Sid" : "AmazonLexFullAccessStatement4",
"Effect" : "Allow",
"Action" : [
"iam:CreateServiceLinkedRole"
],
"Resource" : [
"arn:aws:iam::*:role/aws-service-role/lex.amazonaws.com/AWSServiceRoleForLexBots"
],
"Condition" : {
"StringEquals" : {
"iam:AWSServiceName" : "lex.amazonaws.com"
}
}
},
{
"Sid" : "AmazonLexFullAccessStatement5",
"Effect" : "Allow",
"Action" : [
"iam:CreateServiceLinkedRole"
],
"Resource" : [
"arn:aws:iam::*:role/aws-service-role/channels.lex.amazonaws.com/AWSServiceRoleForLexChannels"
],
"Condition" : {
"StringEquals" : {
"iam:AWSServiceName" : "channels.lex.amazonaws.com"
}
}
},
{
"Sid" : "AmazonLexFullAccessStatement6",
"Effect" : "Allow",
"Action" : [
"iam:CreateServiceLinkedRole"
],
"Resource" : [
"arn:aws:iam::*:role/aws-service-role/lexv2.amazonaws.com/AWSServiceRoleForLexV2Bots*"
],
"Condition" : {
"StringEquals" : {
"iam:AWSServiceName" : "lexv2.amazonaws.com"
}
}
},
{
"Sid" : "AmazonLexFullAccessStatement7",
"Effect" : "Allow",
"Action" : [
"iam:CreateServiceLinkedRole"
],
"Resource" : [
"arn:aws:iam::*:role/aws-service-role/channels.lexv2.amazonaws.com/AWSServiceRoleForLexV2Channels*"
],
"Condition" : {
"StringEquals" : {
"iam:AWSServiceName" : "channels.lexv2.amazonaws.com"
}
}
},
{
"Sid" : "AmazonLexFullAccessStatement8",
"Effect" : "Allow",
"Action" : [
"iam:CreateServiceLinkedRole"
],
"Resource" : [
"arn:aws:iam::*:role/aws-service-role/replication.lexv2.amazonaws.com/AWSServiceRoleForLexV2Replication*"
],
"Condition" : {
"StringEquals" : {
"iam:AWSServiceName" : "replication.lexv2.amazonaws.com"
}
}
},
{
"Sid" : "AmazonLexFullAccessStatement9",
"Effect" : "Allow",
"Action" : [
"iam:DeleteServiceLinkedRole",
"iam:GetServiceLinkedRoleDeletionStatus"
],
"Resource" : [
"arn:aws:iam::*:role/aws-service-role/lex.amazonaws.com/AWSServiceRoleForLexBots",
"arn:aws:iam::*:role/aws-service-role/channels.lex.amazonaws.com/AWSServiceRoleForLexChannels",
"arn:aws:iam::*:role/aws-service-role/lexv2.amazonaws.com/AWSServiceRoleForLexV2Bots*",
"arn:aws:iam::*:role/aws-service-role/channels.lexv2.amazonaws.com/AWSServiceRoleForLexV2Channels*",
"arn:aws:iam::*:role/aws-service-role/replication.lexv2.amazonaws.com/AWSServiceRoleForLexV2Replication*"
]
},
{
"Sid" : "AmazonLexFullAccessStatement10",
"Effect" : "Allow",
"Action" : [
"iam:PassRole"
],
"Resource" : [
"arn:aws:iam::*:role/aws-service-role/lex.amazonaws.com/AWSServiceRoleForLexBots"
],
"Condition" : {
"StringEquals" : {
"iam:PassedToService" : [
"lex.amazonaws.com"
]
}
}
},
{
"Sid" : "AmazonLexFullAccessStatement11",
"Effect" : "Allow",
"Action" : [
"iam:PassRole"
],
"Resource" : [
"arn:aws:iam::*:role/aws-service-role/lexv2.amazonaws.com/AWSServiceRoleForLexV2Bots*"
],
"Condition" : {
"StringEquals" : {
"iam:PassedToService" : [
"lexv2.amazonaws.com"
]
}
}
},
{
"Sid" : "AmazonLexFullAccessStatement12",
"Effect" : "Allow",
"Action" : [
"iam:PassRole"
],
"Resource" : [
"arn:aws:iam::*:role/aws-service-role/channels.lexv2.amazonaws.com/AWSServiceRoleForLexV2Channels*"
],
"Condition" : {
"StringEquals" : {
"iam:PassedToService" : [
"channels.lexv2.amazonaws.com"
]
}
}
},
{
"Sid" : "AmazonLexFullAccessStatement13",
"Effect" : "Allow",
"Action" : [
"iam:PassRole"
],
"Resource" : [
"arn:aws:iam::*:role/aws-service-role/replication.lexv2.amazonaws.com/AWSServiceRoleForLexV2Replication*"
],
"Condition" : {
"StringEquals" : {
"iam:PassedToService" : [
"lexv2.amazonaws.com"
]
}
}
}
]
}了解更多信息
