AWSBackupOperatorAccess - AWS Policy gestita

Le traduzioni sono generate tramite traduzione automatica. In caso di conflitto tra il contenuto di una traduzione e la versione originale in Inglese, quest'ultima prevarrà.

AWSBackupOperatorAccess

Descrizione: questa politica concede agli utenti le autorizzazioni per assegnare AWS risorse ai piani di backup, creare backup su richiesta e ripristinare i backup. Questa politica non consente all'utente di creare o modificare piani di backup o di eliminare i backup pianificati dopo la creazione.

AWSBackupOperatorAccessè una politica AWS gestita.

Utilizzo di questa politica

Puoi collegarti AWSBackupOperatorAccess ai tuoi utenti, gruppi e ruoli.

Dettagli della politica

  • Tipo: politica AWS gestita

  • Ora di creazione: 18 novembre 2019, 22:23 UTC

  • Ora modificata: 24 luglio 2024, 18:58 UTC

  • ARN: arn:aws:iam::aws:policy/AWSBackupOperatorAccess

Versione della politica

Versione della politica: v16 (predefinita)

La versione predefinita della politica è la versione che definisce le autorizzazioni per la politica. Quando un utente o un ruolo con la politica effettua una richiesta di accesso a una AWS risorsa, AWS controlla la versione predefinita della politica per determinare se consentire la richiesta.

JSONdocumento di policy

{ "Version" : "2012-10-17", "Statement" : [ { "Sid" : "AwsBackupAllAccess", "Effect" : "Allow", "Action" : [ "backup:Get*", "backup:List*", "backup:Describe*", "backup:CreateBackupSelection", "backup:DeleteBackupSelection", "backup:StartBackupJob", "backup:StartRestoreJob", "backup:StartCopyJob" ], "Resource" : "*" }, { "Sid" : "RDSDescribeAccess", "Effect" : "Allow", "Action" : [ "rds:DescribeDBSnapshots", "rds:ListTagsForResource", "rds:DescribeDBInstances", "rds:describeDBEngineVersions", "rds:describeOptionGroups", "rds:describeOrderableDBInstanceOptions", "rds:describeDBSubnetGroups", "rds:DescribeDBClusterSnapshots", "rds:DescribeDBClusters", "rds:DescribeDBParameterGroups", "rds:DescribeDBClusterParameterGroups", "rds:DescribeDBInstanceAutomatedBackups", "rds:DescribeDBClusterAutomatedBackups" ], "Resource" : "*" }, { "Sid" : "DynamoDBAccess", "Effect" : "Allow", "Action" : [ "dynamodb:ListBackups", "dynamodb:ListTables" ], "Resource" : "*" }, { "Sid" : "EFSAccess", "Effect" : "Allow", "Action" : [ "elasticfilesystem:DescribeFilesystems" ], "Resource" : "arn:aws:elasticfilesystem:*:*:file-system/*" }, { "Sid" : "EC2Access", "Effect" : "Allow", "Action" : [ "ec2:DescribeSnapshots", "ec2:DescribeVolumes", "ec2:describeAvailabilityZones", "ec2:DescribeVpcs", "ec2:DescribeAccountAttributes", "ec2:DescribeSecurityGroups", "ec2:DescribeImages", "ec2:DescribeSubnets", "ec2:DescribePlacementGroups", "ec2:DescribeInstances", "ec2:DescribeInstanceTypes", "ec2:DescribeVpcEndpoints", "ec2:DescribeAddresses" ], "Resource" : "*" }, { "Sid" : "TagReadAccess", "Effect" : "Allow", "Action" : [ "tag:GetTagKeys", "tag:GetTagValues", "tag:GetResources" ], "Resource" : "*" }, { "Sid" : "StorageGatewaySCSIAccess", "Effect" : "Allow", "Action" : [ "storagegateway:DescribeCachediSCSIVolumes", "storagegateway:DescribeStorediSCSIVolumes" ], "Resource" : "arn:aws:storagegateway:*:*:gateway/*/volume/*" }, { "Sid" : "StorageGatewayReadAccess", "Effect" : "Allow", "Action" : [ "storagegateway:ListGateways" ], "Resource" : "arn:aws:storagegateway:*:*:*" }, { "Sid" : "StorageGatewayDiskReadAccess", "Effect" : "Allow", "Action" : [ "storagegateway:DescribeGatewayInformation", "storagegateway:ListLocalDisks" ], "Resource" : "arn:aws:storagegateway:*:*:gateway/*" }, { "Sid" : "StorageGatewayVolumeReadAccess", "Effect" : "Allow", "Action" : [ "storagegateway:ListVolumes" ], "Resource" : "*" }, { "Sid" : "IAMRoleAccess", "Effect" : "Allow", "Action" : [ "iam:ListRoles", "iam:GetRole" ], "Resource" : "*" }, { "Sid" : "PassRoleAccess", "Effect" : "Allow", "Action" : "iam:PassRole", "Resource" : [ "arn:aws:iam::*:role/*AwsBackup*", "arn:aws:iam::*:role/*AWSBackup*" ], "Condition" : { "StringLike" : { "iam:PassedToService" : "backup.amazonaws.com" } } }, { "Sid" : "OrganizationsAccess", "Effect" : "Allow", "Action" : "organizations:DescribeOrganization", "Resource" : "*" }, { "Sid" : "SSMReadAccess", "Effect" : "Allow", "Action" : [ "ssm:CancelCommand", "ssm:GetCommandInvocation" ], "Resource" : "*" }, { "Sid" : "SSMComandAccess", "Effect" : "Allow", "Action" : "ssm:SendCommand", "Resource" : [ "arn:aws:ssm:*:*:document/AWSEC2-CreateVssSnapshot", "arn:aws:ec2:*:*:instance/*" ] }, { "Sid" : "FSXDescribeAccess", "Effect" : "Allow", "Action" : "fsx:DescribeBackups", "Resource" : "arn:aws:fsx:*:*:backup/*" }, { "Sid" : "FSxFileAccess", "Effect" : "Allow", "Action" : "fsx:DescribeFileSystems", "Resource" : "arn:aws:fsx:*:*:file-system/*" }, { "Sid" : "FSxVolumeAccess", "Effect" : "Allow", "Action" : "fsx:DescribeVolumes", "Resource" : "arn:aws:fsx:*:*:volume/*/*" }, { "Sid" : "FSxMachineAccess", "Effect" : "Allow", "Action" : "fsx:DescribeStorageVirtualMachines", "Resource" : "arn:aws:fsx:*:*:storage-virtual-machine/*/*" }, { "Sid" : "DirectoryServiceAccess", "Effect" : "Allow", "Action" : "ds:DescribeDirectories", "Resource" : "*" }, { "Sid" : "BackupGatewayListAccess", "Effect" : "Allow", "Action" : [ "backup-gateway:ListGateways", "backup-gateway:ListHypervisors", "backup-gateway:ListTagsForResource", "backup-gateway:ListVirtualMachines" ], "Resource" : "*" }, { "Sid" : "BackupGatewayHypervisorAccess", "Effect" : "Allow", "Action" : [ "backup-gateway:GetHypervisor", "backup-gateway:GetHypervisorPropertyMappings" ], "Resource" : "arn:aws:backup-gateway:*:*:hypervisor/*" }, { "Sid" : "BackupGatewayMachineAccess", "Effect" : "Allow", "Action" : [ "backup-gateway:GetVirtualMachine" ], "Resource" : "arn:aws:backup-gateway:*:*:vm/*" }, { "Sid" : "BackupGatewayAccess", "Effect" : "Allow", "Action" : [ "backup-gateway:GetBandwidthRateLimitSchedule", "backup-gateway:GetGateway" ], "Resource" : "arn:aws:backup-gateway:*:*:gateway/*" }, { "Sid" : "CloudWatchAccess", "Effect" : "Allow", "Action" : "cloudwatch:GetMetricData", "Resource" : "*" }, { "Sid" : "TimestreamListAccess", "Effect" : "Allow", "Action" : [ "timestream:ListDatabases", "timestream:ListTables" ], "Resource" : [ "arn:aws:timestream:*:*:database/*" ] }, { "Sid" : "TimestreamDescribeAccess", "Effect" : "Allow", "Action" : [ "timestream:DescribeEndpoints" ], "Resource" : "*" }, { "Sid" : "S3ListAccess", "Effect" : "Allow", "Action" : [ "s3:ListAllMyBuckets" ], "Resource" : "arn:aws:s3:::*" }, { "Sid" : "RedshiftAccess", "Effect" : "Allow", "Action" : [ "redshift:DescribeClusters", "redshift:DescribeClusterSubnetGroups", "redshift:DescribeClusterSnapshots", "redshift:DescribeSnapshotSchedules" ], "Resource" : [ "arn:aws:redshift:*:*:cluster:*", "arn:aws:redshift:*:*:subnetgroup:*", "arn:aws:redshift:*:*:snapshot:*/*", "arn:aws:redshift:*:*:snapshotschedule:*" ] }, { "Sid" : "RedshiftOptionsAccess", "Effect" : "Allow", "Action" : [ "redshift:DescribeNodeConfigurationOptions", "redshift:DescribeOrderableClusterOptions", "redshift:DescribeClusterParameterGroups", "redshift:DescribeClusterTracks" ], "Resource" : "*" }, { "Sid" : "CloudFormationAccess", "Effect" : "Allow", "Action" : [ "cloudformation:ListStacks" ], "Resource" : [ "arn:aws:cloudformation:*:*:stack/*" ] }, { "Sid" : "SAPAccess", "Effect" : "Allow", "Action" : [ "ssm-sap:GetOperation", "ssm-sap:ListDatabases" ], "Resource" : "*" }, { "Sid" : "SAPDatabaseAccess", "Effect" : "Allow", "Action" : [ "ssm-sap:GetDatabase", "ssm-sap:ListTagsForResource" ], "Resource" : "arn:aws:ssm-sap:*:*:*" }, { "Sid" : "RAMAccess", "Effect" : "Allow", "Action" : [ "ram:GetResourceShareAssociations" ], "Resource" : "*" } ] }

Ulteriori informazioni