本文属于机器翻译版本。若本译文内容与英语原文存在差异,则一律以英文原文为准。
您可以将该 AmazonDataZoneCrossAccountAdmin 策略附加到您的 IAM 身份。
该政策允许用户使用Amazon DataZone 关联账户。
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Action": [
"ram:UpdateResourceShare",
"ram:DeleteResourceShare",
"ram:AssociateResourceShare",
"ram:DisassociateResourceShare",
"ram:GetResourceShares"
],
"Resource": "*",
"Condition": {
"StringLike": {
"ram:ResourceShareName": [
"DataZone*"
]
}
}
},
{
"Effect": "Allow",
"Action": [
"datazone:PutEnvironmentBlueprintConfiguration",
"datazone:GetEnvironmentBlueprintConfiguration",
"datazone:DeleteEnvironmentBlueprintConfiguration",
"datazone:ListEnvironmentBlueprintConfigurations",
"datazone:ListDomains",
"datazone:GetDomain",
"datazone:GetEnvironmentBlueprint",
"datazone:ListEnvironmentBlueprints",
"datazone:ListEnvironments",
"datazone:GetEnvironment",
"ram:AcceptResourceShareInvitation",
"ram:RejectResourceShareInvitation",
"ram:Get*",
"ram:List*"
],
"Resource": "*"
}
]
}
