Le traduzioni sono generate tramite traduzione automatica. In caso di conflitto tra il contenuto di una traduzione e la versione originale in Inglese, quest'ultima prevarrà.
AWSBackupOperatorAccess
Descrizione: questa politica concede agli utenti le autorizzazioni per assegnare AWS risorse ai piani di backup, creare backup su richiesta e ripristinare i backup. Questa politica non consente all'utente di creare o modificare piani di backup o di eliminare i backup pianificati dopo la creazione.
AWSBackupOperatorAccessè una politica AWS gestita.
Utilizzo di questa politica
Puoi collegarti AWSBackupOperatorAccess ai tuoi utenti, gruppi e ruoli.
Dettagli della politica
-
Tipo: politica AWS gestita
-
Ora di creazione: 18 novembre 2019, 22:23 UTC
-
Ora modificata: 24 luglio 2024, 18:58 UTC
-
ARN:
arn:aws:iam::aws:policy/AWSBackupOperatorAccess
Versione della politica
Versione della politica: v16 (predefinita)
La versione predefinita della politica è la versione che definisce le autorizzazioni per la politica. Quando un utente o un ruolo con la politica effettua una richiesta di accesso a una AWS risorsa, AWS controlla la versione predefinita della politica per determinare se consentire la richiesta.
JSONdocumento di policy
{
"Version" : "2012-10-17",
"Statement" : [
{
"Sid" : "AwsBackupAllAccess",
"Effect" : "Allow",
"Action" : [
"backup:Get*",
"backup:List*",
"backup:Describe*",
"backup:CreateBackupSelection",
"backup:DeleteBackupSelection",
"backup:StartBackupJob",
"backup:StartRestoreJob",
"backup:StartCopyJob"
],
"Resource" : "*"
},
{
"Sid" : "RDSDescribeAccess",
"Effect" : "Allow",
"Action" : [
"rds:DescribeDBSnapshots",
"rds:ListTagsForResource",
"rds:DescribeDBInstances",
"rds:describeDBEngineVersions",
"rds:describeOptionGroups",
"rds:describeOrderableDBInstanceOptions",
"rds:describeDBSubnetGroups",
"rds:DescribeDBClusterSnapshots",
"rds:DescribeDBClusters",
"rds:DescribeDBParameterGroups",
"rds:DescribeDBClusterParameterGroups",
"rds:DescribeDBInstanceAutomatedBackups",
"rds:DescribeDBClusterAutomatedBackups"
],
"Resource" : "*"
},
{
"Sid" : "DynamoDBAccess",
"Effect" : "Allow",
"Action" : [
"dynamodb:ListBackups",
"dynamodb:ListTables"
],
"Resource" : "*"
},
{
"Sid" : "EFSAccess",
"Effect" : "Allow",
"Action" : [
"elasticfilesystem:DescribeFilesystems"
],
"Resource" : "arn:aws:elasticfilesystem:*:*:file-system/*"
},
{
"Sid" : "EC2Access",
"Effect" : "Allow",
"Action" : [
"ec2:DescribeSnapshots",
"ec2:DescribeVolumes",
"ec2:describeAvailabilityZones",
"ec2:DescribeVpcs",
"ec2:DescribeAccountAttributes",
"ec2:DescribeSecurityGroups",
"ec2:DescribeImages",
"ec2:DescribeSubnets",
"ec2:DescribePlacementGroups",
"ec2:DescribeInstances",
"ec2:DescribeInstanceTypes",
"ec2:DescribeVpcEndpoints",
"ec2:DescribeAddresses"
],
"Resource" : "*"
},
{
"Sid" : "TagReadAccess",
"Effect" : "Allow",
"Action" : [
"tag:GetTagKeys",
"tag:GetTagValues",
"tag:GetResources"
],
"Resource" : "*"
},
{
"Sid" : "StorageGatewaySCSIAccess",
"Effect" : "Allow",
"Action" : [
"storagegateway:DescribeCachediSCSIVolumes",
"storagegateway:DescribeStorediSCSIVolumes"
],
"Resource" : "arn:aws:storagegateway:*:*:gateway/*/volume/*"
},
{
"Sid" : "StorageGatewayReadAccess",
"Effect" : "Allow",
"Action" : [
"storagegateway:ListGateways"
],
"Resource" : "arn:aws:storagegateway:*:*:*"
},
{
"Sid" : "StorageGatewayDiskReadAccess",
"Effect" : "Allow",
"Action" : [
"storagegateway:DescribeGatewayInformation",
"storagegateway:ListLocalDisks"
],
"Resource" : "arn:aws:storagegateway:*:*:gateway/*"
},
{
"Sid" : "StorageGatewayVolumeReadAccess",
"Effect" : "Allow",
"Action" : [
"storagegateway:ListVolumes"
],
"Resource" : "*"
},
{
"Sid" : "IAMRoleAccess",
"Effect" : "Allow",
"Action" : [
"iam:ListRoles",
"iam:GetRole"
],
"Resource" : "*"
},
{
"Sid" : "PassRoleAccess",
"Effect" : "Allow",
"Action" : "iam:PassRole",
"Resource" : [
"arn:aws:iam::*:role/*AwsBackup*",
"arn:aws:iam::*:role/*AWSBackup*"
],
"Condition" : {
"StringLike" : {
"iam:PassedToService" : "backup.amazonaws.com"
}
}
},
{
"Sid" : "OrganizationsAccess",
"Effect" : "Allow",
"Action" : "organizations:DescribeOrganization",
"Resource" : "*"
},
{
"Sid" : "SSMReadAccess",
"Effect" : "Allow",
"Action" : [
"ssm:CancelCommand",
"ssm:GetCommandInvocation"
],
"Resource" : "*"
},
{
"Sid" : "SSMComandAccess",
"Effect" : "Allow",
"Action" : "ssm:SendCommand",
"Resource" : [
"arn:aws:ssm:*:*:document/AWSEC2-CreateVssSnapshot",
"arn:aws:ec2:*:*:instance/*"
]
},
{
"Sid" : "FSXDescribeAccess",
"Effect" : "Allow",
"Action" : "fsx:DescribeBackups",
"Resource" : "arn:aws:fsx:*:*:backup/*"
},
{
"Sid" : "FSxFileAccess",
"Effect" : "Allow",
"Action" : "fsx:DescribeFileSystems",
"Resource" : "arn:aws:fsx:*:*:file-system/*"
},
{
"Sid" : "FSxVolumeAccess",
"Effect" : "Allow",
"Action" : "fsx:DescribeVolumes",
"Resource" : "arn:aws:fsx:*:*:volume/*/*"
},
{
"Sid" : "FSxMachineAccess",
"Effect" : "Allow",
"Action" : "fsx:DescribeStorageVirtualMachines",
"Resource" : "arn:aws:fsx:*:*:storage-virtual-machine/*/*"
},
{
"Sid" : "DirectoryServiceAccess",
"Effect" : "Allow",
"Action" : "ds:DescribeDirectories",
"Resource" : "*"
},
{
"Sid" : "BackupGatewayListAccess",
"Effect" : "Allow",
"Action" : [
"backup-gateway:ListGateways",
"backup-gateway:ListHypervisors",
"backup-gateway:ListTagsForResource",
"backup-gateway:ListVirtualMachines"
],
"Resource" : "*"
},
{
"Sid" : "BackupGatewayHypervisorAccess",
"Effect" : "Allow",
"Action" : [
"backup-gateway:GetHypervisor",
"backup-gateway:GetHypervisorPropertyMappings"
],
"Resource" : "arn:aws:backup-gateway:*:*:hypervisor/*"
},
{
"Sid" : "BackupGatewayMachineAccess",
"Effect" : "Allow",
"Action" : [
"backup-gateway:GetVirtualMachine"
],
"Resource" : "arn:aws:backup-gateway:*:*:vm/*"
},
{
"Sid" : "BackupGatewayAccess",
"Effect" : "Allow",
"Action" : [
"backup-gateway:GetBandwidthRateLimitSchedule",
"backup-gateway:GetGateway"
],
"Resource" : "arn:aws:backup-gateway:*:*:gateway/*"
},
{
"Sid" : "CloudWatchAccess",
"Effect" : "Allow",
"Action" : "cloudwatch:GetMetricData",
"Resource" : "*"
},
{
"Sid" : "TimestreamListAccess",
"Effect" : "Allow",
"Action" : [
"timestream:ListDatabases",
"timestream:ListTables"
],
"Resource" : [
"arn:aws:timestream:*:*:database/*"
]
},
{
"Sid" : "TimestreamDescribeAccess",
"Effect" : "Allow",
"Action" : [
"timestream:DescribeEndpoints"
],
"Resource" : "*"
},
{
"Sid" : "S3ListAccess",
"Effect" : "Allow",
"Action" : [
"s3:ListAllMyBuckets"
],
"Resource" : "arn:aws:s3:::*"
},
{
"Sid" : "RedshiftAccess",
"Effect" : "Allow",
"Action" : [
"redshift:DescribeClusters",
"redshift:DescribeClusterSubnetGroups",
"redshift:DescribeClusterSnapshots",
"redshift:DescribeSnapshotSchedules"
],
"Resource" : [
"arn:aws:redshift:*:*:cluster:*",
"arn:aws:redshift:*:*:subnetgroup:*",
"arn:aws:redshift:*:*:snapshot:*/*",
"arn:aws:redshift:*:*:snapshotschedule:*"
]
},
{
"Sid" : "RedshiftOptionsAccess",
"Effect" : "Allow",
"Action" : [
"redshift:DescribeNodeConfigurationOptions",
"redshift:DescribeOrderableClusterOptions",
"redshift:DescribeClusterParameterGroups",
"redshift:DescribeClusterTracks"
],
"Resource" : "*"
},
{
"Sid" : "CloudFormationAccess",
"Effect" : "Allow",
"Action" : [
"cloudformation:ListStacks"
],
"Resource" : [
"arn:aws:cloudformation:*:*:stack/*"
]
},
{
"Sid" : "SAPAccess",
"Effect" : "Allow",
"Action" : [
"ssm-sap:GetOperation",
"ssm-sap:ListDatabases"
],
"Resource" : "*"
},
{
"Sid" : "SAPDatabaseAccess",
"Effect" : "Allow",
"Action" : [
"ssm-sap:GetDatabase",
"ssm-sap:ListTagsForResource"
],
"Resource" : "arn:aws:ssm-sap:*:*:*"
},
{
"Sid" : "RAMAccess",
"Effect" : "Allow",
"Action" : [
"ram:GetResourceShareAssociations"
],
"Resource" : "*"
}
]
}Ulteriori informazioni
