本文為英文版的機器翻譯版本,如內容有任何歧義或不一致之處,概以英文版為準。
管理標籤政策的先決條件和許可
此頁面說明在中管理標籤原則的必要條件和必要權限 AWS Organizations。
管理標籤政策的先決條件
需要符合下列條件才能使用標籤政策:
若要評估是否符合標籤政策,請使用 AWS Resource Groups。如需評估合規性需求的相關資訊,請參閱 AWS Resource Groups 使用者指南中的先決條件和許可。
管理標籤政策的許可
下列範例IAM原則提供管理標籤原則的權限。
{ "Version": "2012-10-17", "Statement": [ { "Sid": "ManageTagPolicies", "Effect": "Allow", "Action": [ "organizations:ListPoliciesForTarget", "organizations:ListTargetsForPolicy", "organizations:DescribeEffectivePolicy", "organizations:DescribePolicy", "organizations:ListRoots", "organizations:DisableAWSServiceAccess", "organizations:DetachPolicy", "organizations:DeletePolicy", "organizations:DescribeAccount", "organizations:DisablePolicyType", "organizations:ListAWSServiceAccessForOrganization", "organizations:ListPolicies", "organizations:ListAccountsForParent", "organizations:ListAccounts", "organizations:EnableAWSServiceAccess", "organizations:ListCreateAccountStatus", "organizations:DescribeOrganization", "organizations:UpdatePolicy", "organizations:EnablePolicyType", "organizations:DescribeOrganizationalUnit", "organizations:AttachPolicy", "organizations:ListParents", "organizations:ListOrganizationalUnitsForParent", "organizations:CreatePolicy", "organizations:DescribeCreateAccountStatus" ], "Resource": "*" } ] }
如需有關IAM策略和權限的詳細資訊,請參閱《使IAM用者指南》。
