翻訳は機械翻訳により提供されています。提供された翻訳内容と英語版の間で齟齬、不一致または矛盾がある場合、英語版が優先します。
通話分析のリソースアクセスロールを使用する
通話アカウントでは、メディアインサイトパイプライン設定で使用するリソースアクセスロールを作成する必要があります。クロスアカウントロールは、使用できません。
通話分析の設定で有効にする機能によっては、追加のリソースポリシーを使用する必要があります。詳細については、次のセクションを展開してください。
このロールには少なくとも次のポリシーが必要です。
{ "Version": "2012-10-17", "Statement": [{ "Effect": "Allow", "Action": [ "transcribe:StartCallAnalyticsStreamTranscription", "transcribe:StartStreamTranscription" ], "Resource": "*" }, { "Effect": "Allow", "Action": [ "kinesisvideo:GetDataEndpoint", "kinesisvideo:GetMedia" ], "Resource": "arn:aws:kinesisvideo:
us-east-1
:111122223333
:stream/Chime*" }, { "Effect": "Allow", "Action": [ "kinesisvideo:GetDataEndpoint", "kinesisvideo:GetMedia" ], "Resource": "arn:aws:kinesisvideo:us-east-1
:111122223333
:stream/*", "Condition": { "StringLike": { "aws:ResourceTag/AWSServiceName": "ChimeSDK" } } }, { "Effect": "Allow", "Action": ["kms:Decrypt"], "Resource": "arn:aws:kms:us-east-1
:111122223333
:key/*", "Condition": { "StringLike": { "aws:ResourceTag/AWSServiceName": "ChimeSDK" } } } ] }
次の信頼ポリシーも使用する必要があります。
{ "Version": "2012-10-17", "Statement": [ { "Effect": "Allow", "Principal": { "Service": "mediapipelines.chime.amazonaws.com" }, "Action": "sts:AssumeRole", "Condition": { "StringEquals": { "aws:SourceAccount": "
111122223333
" }, "ArnLike": { "aws:SourceARN": "arn:aws:chime:*:111122223333
:*" } } } ] }
KinesisDataStreamSink
を使用する場合は、次のポリシーを追加します。
{ "Version": "2012-10-17", "Statement": [{ "Effect": "Allow", "Action": [ "kinesis:PutRecord" ], "Resource": [ "arn:aws:kinesis:
us-east-1
:111122223333
:stream/output_stream_name
" ] }, { "Effect": "Allow", "Action": [ "kms:GenerateDataKey" ], "Resource": [ "arn:aws:kms:us-east-1
:111122223333
:key/*" ], "Condition": { "StringLike": { "aws:ResourceTag/AWSServiceName": "ChimeSDK" } } } ] }
S3RecordingSink
を使用する場合は、次のポリシーを追加します。
{ "Version": "2012-10-17", "Statement": [{ "Effect": "Allow", "Action": [ "s3:PutObject", "s3:PutObjectAcl", "s3:PutObjectTagging", ], "Resource": [ "arn:aws:s3:::
input_bucket_path
/*" ] }, { "Effect": "Allow", "Action": [ "kinesisvideo:GetDataEndpoint", "kinesisvideo:ListFragments", "kinesisvideo:GetMediaForFragmentList" ], "Resource": [ "arn:aws:kinesisvideo:us-east-1
:111122223333
:stream/*" ], "Condition": { "StringLike": { "aws:ResourceTag/AWSServiceName": "ChimeSDK" } } }, { "Effect": "Allow", "Action": [ "kinesisvideo:ListFragments", "kinesisvideo:GetMediaForFragmentList" ], "Resource": [ "arn:aws:kinesisvideo:us-east-1
:111122223333
:stream/Chime*" ] }, { "Effect": "Allow", "Action": [ "kms:GenerateDataKey" ], "Resource": [ "arn:aws:kms:us-east-1
:111122223333
:key/*" ], "Condition": { "StringLike": { "aws:ResourceTag/AWSServiceName": "ChimeSDK" } } } ] }
AmazonTranscribeCallAnalyticsProcessor
の通話後分析機能を使用する場合は、次のポリシーを追加します。
{ "Version": "2012-10-17", "Statement": [ { "Effect": "Allow", "Action": [ "iam:PassRole" ], "Resource": [ "arn:aws:iam::
111122223333
:role/transcribe_role_name
" ], "Condition": { "StringEquals": { "iam:PassedToService": "transcribe.streaming.amazonaws.com" } } } ] }
VoiceEnhancementSinkConfiguration
の要素を使用する場合は、次のポリシーを追加します。
{ "Version":"2012-10-17", "Statement":[ { "Effect":"Allow", "Action":[ "s3:GetObject", "s3:PutObject", "s3:PutObjectAcl", "s3:PutObjectTagging" ], "Resource":[ "arn:aws:s3:::
input_bucket_path
/*" ] }, { "Effect":"Allow", "Action":[ "kinesisvideo:GetDataEndpoint", "kinesisvideo:ListFragments", "kinesisvideo:GetMediaForFragmentList" ], "Resource":[ "arn:aws:kinesisvideo:us-east-1
:111122223333
:stream/*" ], "Condition":{ "StringLike":{ "aws:ResourceTag/AWSServiceName":"ChimeSDK" } } }, { "Effect":"Allow", "Action":[ "kinesisvideo:ListFragments", "kinesisvideo:GetMediaForFragmentList" ], "Resource":[ "arn:aws:kinesisvideo:us-east-1
:111122223333
:stream/Chime*" ] }, { "Effect":"Allow", "Action":[ "kms:GenerateDataKey" ], "Resource":[ "arn:aws:kms:us-east-1
:111122223333
:key/*" ], "Condition":{ "StringLike":{ "aws:ResourceTag/AWSServiceName":"ChimeSDK" } } } ] }
VoiceAnalyticsProcessor
を使用する場合は、定義したシンクに応じて、LambdaFunctionSink
、SqsQueueSink
、SnsTopicSink
のポリシーを追加してください。
LambdaFunctionSink
ポリシー:{ "Version": "2012-10-17", "Statement": [ { "Action": [ "lambda:InvokeFunction", "lambda:GetPolicy" ], "Resource": [ "arn:aws:lambda:
us-east-1
:111122223333
:function
:function_name
" ], "Effect": "Allow" } ] }SqsQueueSink
ポリシー{ "Version": "2012-10-17", "Statement": [ { "Action": [ "sqs:SendMessage", "sqs:GetQueueAttributes" ], "Resource": [ "arn:aws:sqs:
us-east-1
:111122223333
:queue_name
" ], "Effect": "Allow" }, { "Effect": "Allow", "Action": ["kms:GenerateDataKey", "kms:Decrypt"], "Resource": "arn:aws:kms:us-east-1
:111122223333
:key/*", "Condition": { "StringLike": { "aws:ResourceTag/AWSServiceName": "ChimeSDK" } } } ] }SnsTopicSink
ポリシー:{ "Version": "2012-10-17", "Statement": [ { "Action": [ "sns:Publish", "sns:GetTopicAttributes" ], "Resource": [ "arn:aws:sns:
us-east-1
:111122223333
:topic_name
" ], "Effect": "Allow" }, { "Effect": "Allow", "Action": ["kms:GenerateDataKey", "kms:Decrypt"], "Resource": "arn:aws:kms:us-east-1
:111122223333
:key/*", "Condition": { "StringLike": { "aws:ResourceTag/AWSServiceName": "ChimeSDK" } } } ] }