Terjemahan disediakan oleh mesin penerjemah. Jika konten terjemahan yang diberikan bertentangan dengan versi bahasa Inggris aslinya, utamakan versi bahasa Inggris.
Migrasi ke izin berbutir halus untuk perjanjian Artifact AWS
catatan
Konten halaman ini hanya berlaku untuk AWS Wilayah komersial, dan saat ini tidak berlaku untuk AWS GovCloud (US) Regions.
AWSArtifact sekarang memungkinkan pelanggan untuk menggunakan izin berbutir halus untuk perjanjian. Melalui izin halus ini, pelanggan memiliki kontrol terperinci dalam menyediakan akses ke fitur seperti melihat dan menerima perjanjian non-pengungkapan, serta menerima dan mengakhiri perjanjian.
Untuk mengakses perjanjian melalui izin berbutir halus, Anda dapat menggunakan atau kebijakan AWSArtifactAgreementsFullAccess terkelola AWSArtifactAgreementsReadOnlyAccessatau memperbarui izin sesuai rekomendasi di bawah ini. Jika sebelumnya Anda memilih untuk tidak menggunakan izin berbutir halus, Anda harus ikut serta menggunakan tautan “opt-in to fine-grained permission for AWS Artifact agreement” yang tersedia di konsol perjanjian.
Anda memiliki opsi untuk mengakses perjanjian dengan izin lama melalui tautan “opt-out of the fine-grained permission for AWS Artifact agreement” yang tersedia di konsol jika ada masalah dengan memperbarui izin baru.
penting
IAMTindakan warisan artifact:DownloadAgreement akan dihentikan pada 24 Februari 2025. Setelah 24 Februari 2025, IAM kebijakan yang berisi tindakan ini akan mengarah pada peringatan di Editor Kebijakan.
Migrasi ke izin baru
IAMTindakan warisan "DownloadAgreement" telah digantikan oleh tindakan "GetAgreement" untuk mengunduh perjanjian yang tidak diterima dan oleh tindakan "GetCustomerAgreement" untuk mengunduh perjanjian yang diterima. Selain itu, tindakan yang lebih terperinci telah diperkenalkan untuk mengontrol akses untuk melihat dan menerima perjanjian non-pengungkapan (). NDAs Untuk memanfaatkan tindakan terperinci ini dan mempertahankan kemampuan untuk melihat dan melaksanakan perjanjian, pengguna harus mengganti kebijakan yang ada yang berisi izin lama dengan kebijakan yang berisi izin berbutir halus.
Migrasikan izin untuk mengunduh perjanjian di tingkat akun
Kebijakan Warisan:
{ "Version": "2012-10-17", "Statement": [ { "Effect": "Allow", "Action": [ "artifact:DownloadAgreement" ], "Resource": [ "arn:aws:artifact::*:customer-agreement/*", "arn:aws:artifact:::agreement/*" ] } ] }
Kebijakan Baru dengan izin berbutir halus:
{ "Version": "2012-10-17", "Statement": [ { "Sid": "ListAgreementsActions", "Effect": "Allow", "Action": [ "artifact:ListAgreements", "artifact:ListCustomerAgreements" ], "Resource": "*" }, { "Sid": "GetAgreementActions", "Effect": "Allow", "Action": [ "artifact:GetCustomerAgreement", "artifact:GetAgreement", "artifact:GetNdaForAgreement", "artifact:AcceptNdaForAgreement" ], "Resource": [ "arn:aws:artifact::*:customer-agreement/*", "arn:aws:artifact:::agreement/*" ] } ] }
Migrasi izin khusus non-sumber daya untuk mengunduh, menerima, dan mengakhiri perjanjian di tingkat akun
Kebijakan Warisan:
{ "Version": "2012-10-17", "Statement": [ { "Effect": "Allow", "Action": [ "artifact:AcceptAgreement", "artifact:DownloadAgreement", "artifact:TerminateAgreement" ], "Resource": [ "arn:aws:artifact::*:customer-agreement/*", "arn:aws:artifact:::agreement/*" ] } ] }
Kebijakan Baru dengan izin berbutir halus:
{ "Version": "2012-10-17", "Statement": [ { "Sid": "ListAgreementActions", "Effect": "Allow", "Action": [ "artifact:ListAgreements", "artifact:ListCustomerAgreements" ], "Resource": "*" }, { "Sid": "AWSAgreementActions", "Effect": "Allow", "Action": [ "artifact:GetAgreement", "artifact:AcceptNdaForAgreement", "artifact:GetNdaForAgreement", "artifact:AcceptAgreement" ], "Resource": "arn:aws:artifact:::agreement/*" }, { "Sid": "CustomerAgreementActions", "Effect": "Allow", "Action": [ "artifact:GetCustomerAgreement", "artifact:TerminateAgreement" ], "Resource": "arn:aws:artifact::*:customer-agreement/*" } ] }
Migrasi izin khusus non-sumber daya untuk mengunduh, menerima, dan mengakhiri perjanjian di tingkat Organisasi
Kebijakan Warisan:
{ "Version": "2012-10-17", "Statement": [ { "Effect": "Allow", "Action": [ "artifact:AcceptAgreement", "artifact:DownloadAgreement", "artifact:TerminateAgreement" ], "Resource": [ "arn:aws:artifact::*:customer-agreement/*", "arn:aws:artifact:::agreement/*" ] }, { "Effect": "Allow", "Action": "iam:ListRoles", "Resource": "arn:aws:iam:::role/*" }, { "Effect": "Allow", "Action": "iam:CreateServiceLinkedRole", "Resource": "arn:aws:iam:::role/aws-service-role/artifact.amazonaws.com/AWSServiceRoleForArtifact" }, { "Effect": "Allow", "Action": [ "organizations:DescribeOrganization", "organizations:EnableAWSServiceAccess", "organizations:ListAccounts", "organizations:ListAWSServiceAccessForOrganization" ], "Resource": "*" } ] }
Kebijakan Baru dengan izin berbutir halus:
{ "Version": "2012-10-17", "Statement": [ { "Sid": "ListAgreementActions", "Effect": "Allow", "Action": [ "artifact:ListAgreements", "artifact:ListCustomerAgreements" ], "Resource": "*" }, { "Sid": "AWSAgreementActions", "Effect": "Allow", "Action": [ "artifact:GetAgreement", "artifact:AcceptNdaForAgreement", "artifact:GetNdaForAgreement", "artifact:AcceptAgreement" ], "Resource": "arn:aws:artifact:::agreement/*" }, { "Sid": "CustomerAgreementActions", "Effect": "Allow", "Action": [ "artifact:GetCustomerAgreement", "artifact:TerminateAgreement" ], "Resource": "arn:aws:artifact::*:customer-agreement/*" }, { "Sid": "CreateServiceLinkedRoleForOrganizationsIntegration", "Effect": "Allow", "Action": [ "iam:CreateServiceLinkedRole" ], "Resource": "arn:aws:iam::*:role/aws-service-role/artifact.amazonaws.com/AWSServiceRoleForArtifact", "Condition": { "StringEquals": { "iam:AWSServiceName": [ "artifact.amazonaws.com" ] } } }, { "Sid": "GetRoleToCheckForRoleExistence", "Effect": "Allow", "Action": [ "iam:GetRole" ], "Resource": "arn:aws:iam::*:role/aws-service-role/artifact.amazonaws.com/AWSServiceRoleForArtifact" }, { "Sid": "EnableServiceTrust", "Effect": "Allow", "Action": [ "organizations:EnableAWSServiceAccess", "organizations:ListAWSServiceAccessForOrganization", "organizations:DescribeOrganization" ], "Resource": "*" } ] }
Migrasi izin khusus sumber daya untuk mengunduh, menerima, dan mengakhiri perjanjian di tingkat akun
Kebijakan Warisan:
{ "Version": "2012-10-17", "Statement": [ { "Effect": "Allow", "Action": [ "artifact:AcceptAgreement", "artifact:DownloadAgreement" ], "Resource": [ "arn:aws:artifact:::agreement/AWS Business Associate Addendum" ] }, { "Effect": "Allow", "Action": [ "artifact:TerminateAgreement" ], "Resource": [ "arn:aws:artifact::*:customer-agreement/*" ] } ] }
Kebijakan Baru dengan izin berbutir halus:
{ "Version": "2012-10-17", "Statement": [ { "Sid": "ListAgreementActions", "Effect": "Allow", "Action": [ "artifact:ListAgreements", "artifact:ListCustomerAgreements" ], "Resource": "*" }, { "Sid": "AWSAgreementActions", "Effect": "Allow", "Action": [ "artifact:GetAgreement", "artifact:AcceptNdaForAgreement", "artifact:GetNdaForAgreement", "artifact:AcceptAgreement" ], "Resource": "arn:aws:artifact:::agreement/agreement-9c1kBcYznTkcpRIm" }, { "Sid": "CustomerAgreementActions", "Effect": "Allow", "Action": [ "artifact:GetCustomerAgreement", "artifact:TerminateAgreement" ], "Resource": "arn:aws:artifact::*:customer-agreement/*" } ] }
Migrasi izin khusus sumber daya untuk mengunduh, menerima, dan mengakhiri perjanjian di tingkat organisasi
Kebijakan Warisan:
{ "Version": "2012-10-17", "Statement": [ { "Effect": "Allow", "Action": [ "artifact:AcceptAgreement", "artifact:DownloadAgreement", "artifact:TerminateAgreement" ], "Resource": [ "arn:aws:artifact::*:customer-agreement/*", "arn:aws:artifact:::agreement/AWS Organizations Business Associate Addendum" ] }, { "Effect": "Allow", "Action": "iam:ListRoles", "Resource": "arn:aws:iam:::role/*" }, { "Effect": "Allow", "Action": "iam:CreateServiceLinkedRole", "Resource": "arn:aws:iam:::role/aws-service-role/artifact.amazonaws.com/AWSServiceRoleForArtifact" }, { "Effect": "Allow", "Action": [ "organizations:DescribeOrganization", "organizations:EnableAWSServiceAccess", "organizations:ListAccounts", "organizations:ListAWSServiceAccessForOrganization" ], "Resource": "*" } ] }
Kebijakan Baru dengan izin berbutir halus:
{ "Version": "2012-10-17", "Statement": [ { "Sid": "ListAgreementActions", "Effect": "Allow", "Action": [ "artifact:ListAgreements", "artifact:ListCustomerAgreements" ], "Resource": "*" }, { "Sid": "AWSAgreementActions", "Effect": "Allow", "Action": [ "artifact:GetAgreement", "artifact:AcceptNdaForAgreement", "artifact:GetNdaForAgreement", "artifact:AcceptAgreement" ], "Resource": "arn:aws:artifact:::agreement/agreement-y03aUwMAEorHtqjv" }, { "Sid": "CustomerAgreementActions", "Effect": "Allow", "Action": [ "artifact:GetCustomerAgreement", "artifact:TerminateAgreement" ], "Resource": "arn:aws:artifact::*:customer-agreement/*" }, { "Sid": "CreateServiceLinkedRoleForOrganizationsIntegration", "Effect": "Allow", "Action": [ "iam:CreateServiceLinkedRole" ], "Resource": "arn:aws:iam::*:role/aws-service-role/artifact.amazonaws.com/AWSServiceRoleForArtifact", "Condition": { "StringEquals": { "iam:AWSServiceName": [ "artifact.amazonaws.com" ] } } }, { "Sid": "GetRoleToCheckForRoleExistence", "Effect": "Allow", "Action": [ "iam:GetRole" ], "Resource": "arn:aws:iam::*:role/aws-service-role/artifact.amazonaws.com/AWSServiceRoleForArtifact" }, { "Sid": "EnableServiceTrust", "Effect": "Allow", "Action": [ "organizations:EnableAWSServiceAccess", "organizations:ListAWSServiceAccessForOrganization", "organizations:DescribeOrganization" ], "Resource": "*" } ] }
Legacy to Fine-Grained Resource Mapping untuk Perjanjian
Perjanjian ARN telah diperbarui untuk izin berbutir halus. Referensi sebelumnya untuk sumber daya perjanjian lama harus diganti dengan yang baruARN. Di bawah ini adalah ARN pemetaan Perjanjian antara warisan ke sumber daya berbutir halus.
| Nama Perjanjian | Artifak ARN untuk izin Legacy | Artifak ARN untuk izin berbutir halus |
|---|---|---|
|
AWSAdendum Rekanan Bisnis |
arn:aws:artefak: ::perjanjian/Adendum Rekanan Bisnis AWS |
arn:aws:artefak: ::perjanjian/perjanjian-9c1 T kBcYzn kcpRIm |
|
AWSAdendum Pelanggaran Data yang Dapat Diberitahu Selandia Baru |
arn:aws:artefak: ::perjanjian/Adendum Pelanggaran Data yang Dapat Diberitahu Selandia Baru AWS |
arn:aws:artefak: ::perjanjian/perjanjian-3 YRq9rGUIu72r7Gt |
|
AWSAdendum Pelanggaran Data Australia yang Dapat Diberitahukan |
arn:aws:artefak: ::perjanjian/Adendum Pelanggaran Data yang Dapat Diberitahu AWS Australia |
arn:aws:artefak: ::perjanjian/perjanjian- 8 9 sbLSDe bitmAXNr |
|
AWSSECAturan 17a-4 Adendum |
arn:aws:artefak: ::perjanjian/Aturan 17a-4 Adendum AWS SEC |
arn:aws:artefak: ::perjanjian/perjanjian-bexgr7sjv XAW4Gxu |
|
AWSSECAturan 18a-6 Adendum |
arn:aws:artefak: ::perjanjian/Aturan 18a-6 Adendum AWS SEC |
arn:aws:artefak: ::perjanjian/perjanjian- HZTdNwJuqOKLReXC |
|
AWSOrganizations Business Associate Addendum |
arn:aws:artefact: ::agreement/ Organizations Business Associate Addendum AWS |
arn:aws:artefak: ::perjanjian/perjanjian-y03 aUw MAEorHtqjv |
|
AWSOrganizations Australian Notifiable Data Breach Addendum |
arn:aws:artefact: AWS ::agreement/ Organizations Australian Notifiable Data Breach Addendum |
arn:aws:artefak: ::perjanjian/perjanjian-y pDMFXTe PE7kEg4b |
|
AWSOrganizations New Zealand Notifiable Data Breach Addendum |
arn:aws:artefact: ::agreement/ AWS Organizations Adendum Pelanggaran Data yang Dapat Diberitahu Selandia Baru |
arn:aws:artefak: ::perjanjian/perjanjian- 3 V52 uojEjr vOnvrh |
