AWS Mainframe Modernization Service(관리형 런타임 환경 환경 환경)는 더 이상 신규 고객에게 공개되지 않습니다. AWS Mainframe Modernization Service(관리형 런타임 환경 환경)와 유사한 기능은 AWS Mainframe Modernization Service(자체 관리형 환경)를 참조하세요. 기존 고객은 정상적으로 서비스를 계속 이용할 수 있습니다. 자세한 내용은 [AWS Mainframe Modernization 가용성 변경을](https://docs.aws.amazon.com/m2/latest/userguide/mainframe-modernization-availability-change.html) 참조하세요.

기계 번역으로 제공되는 번역입니다. 제공된 번역과 원본 영어의 내용이 상충하는 경우에는 영어 버전이 우선합니다.

# AWS 메인프레임 현대화 API 권한: 작업, 리소스 및 조건 참조
<a name="UsingWithM2_IAM_ResourcePermissions"></a>

아래에 있는 표를 참조하여 IAM 자격 증명에 연결할 수 있는 권한 정책(자격 증명 기반 정책)을 작성할 수 있습니다. 표에는 다음이 포함됩니다.
+ 각 AWS Mainframe Modernization API 작업.
+ 작업을 수행할 수 있는 권한을 부여할 수 있는 해당 작업.
+ 권한을 부여할 수 있는 AWS 리소스입니다.

 정책의 `Action` 필드에서 작업을 지정하고 정책의 `Resource` 필드에서 리소스 값을 지정합니다.

 AWS 메인프레임 현대화 정책에서 AWS 전역 조건 키를 사용하여 조건을 표시할 수 있습니다. AWS 키의 전체 목록은 *IAM 사용 설명서*의 [사용 가능한 전역 조건 키를 참조하세요](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_condition-keys.html#AvailableKeys).

**참고**  
작업을 지정하려면 `m2:` 접두사 다음에 API 작업 명칭을 사용합니다(예: `m2:CreateApplication`).


**AWS 메인프레임 현대화 API 및 작업에 필요한 권한**  

| AWS 메인프레임 현대화 API 작업 | 필요한 권한(API 작업) | 리소스 | 
| --- | --- | --- | 
|  [CancelBatchJobExecution](https://docs.aws.amazon.com/m2/latest/APIReference/API_CancelBatchJobExecution.html)  |  | 애플리케이션 | 
| [CreateApplication](https://docs.aws.amazon.com/m2/latest/APIReference/API_CreateApplication.html)  | `iam:PassRole`<br />`kms:DescribeKey`<br />`kms:CreateGrant`<br />`s3:GetObject`<br />`s3:ListBucket ` | 애플리케이션 | 
| [CreateDataSetImportTask](https://docs.aws.amazon.com/m2/latest/APIReference/API_CreateDataSetImportTask.html)  | `s3:GetObject` | 애플리케이션 | 
| [CreateDataSetExportTask](https://docs.aws.amazon.com/m2/latest/APIReference/API_CreateDataSetExportTask.html) | `kms:DescribeKey`<br />`s3:PutObject` | 애플리케이션 | 
| [CreateDeployment](https://docs.aws.amazon.com/m2/latest/APIReference/API_CreateDeployment.html)  | `elasticloadbalancing:AddTags`<br />`elasticloadbalancing:CreateListener`<br />`elasticloadbalancing:CreateTargetGroup`<br />`elasticloadbalancing:RegisterTargets`<br />`elasticloadbalancing:DeleteListener`<br />`elasticloadbalancing:DeleteTargetGroup`<br />`elasticloadbalancing:DeregisterTargets`<br />`elasticloadbalancing:DeleteLoadBalancer`<br />`logs:CreateLogDelivery`<br />`logs:GetLogDelivery`<br />`logs:UpdateLogDelivery`<br />`logs:DeleteLogDelivery`<br />`logs:ListLogDeliveries`<br />`logs:PutResourcePolicy`<br />`logs:DescribeResourcePolicies`<br />`logs:DescribeLogGroups` | 애플리케이션 | 
|  [CreateEnvironment](https://docs.aws.amazon.com/m2/latest/APIReference/API_CreateEnvironment.html)  | `ec2:CreateNetworkInterface`<br />`ec2:CreateNetworkInterfacePermission`<br />`ec2:DescribeNetworkInterfaces`<br />`ec2:DescribeSecurityGroups`<br />`ec2:DescribeSubnets`<br />`ec2:DescribeVpcAttribute`<br />`ec2:DescribeVpcs`<br />`ec2:ModifyNetworkInterfaceAttribute`<br />`elasticfilesystem:DescribeMountTargets`<br />`elasticloadbalancing:AddTags`<br />`elasticloadbalancing:CreateLoadBalancer`<br />`elasticloadbalancing:DeleteLoadBalancer`<br />`kms:DescribeKey`<br />`kms:CreateGrant`<br />`fsx:DescribeFileSystems`<br />`iam:CreateServiceLinkedRole` | 환경 | 
|  [DeleteApplication](https://docs.aws.amazon.com/m2/latest/APIReference/API_DeleteApplication.html)  | `elasticloadbalancing:DeleteListener`<br />`elasticloadbalancing:DeleteTargetGroup`<br />`logs:DeleteLogDelivery` | 애플리케이션 | 
|  [DeleteApplicationFromEnvironment](https://docs.aws.amazon.com/m2/latest/APIReference/API_DeleteApplicationFromEnvironment.html)  | `elasticloadbalancing:DeleteListener`<br />`elasticloadbalancing:DeleteTargetGroup` | 애플리케이션<br />환경 | 
|  [DeleteEnvironment](https://docs.aws.amazon.com/m2/latest/APIReference/API_DeleteEnvironment.html)  | `elasticloadbalancing:DeleteLoadBalancer` | 환경 | 
|  [GetApplication](https://docs.aws.amazon.com/m2/latest/APIReference/API_GetApplication.html)  |   | 애플리케이션 | 
| [GetApplicationVersion](https://docs.aws.amazon.com/m2/latest/APIReference/API_GetApplicationVersion.html)  |  | 애플리케이션 | 
|  [GetBatchJobExecution](https://docs.aws.amazon.com/m2/latest/APIReference/API_GetBatchJobExecution.html)  |   | 애플리케이션 | 
|  [GetDataSetDetails](https://docs.aws.amazon.com/m2/latest/APIReference/API_GetDataSetDetails.html)  |   | 애플리케이션 | 
|  [GetDataSetImportTask](https://docs.aws.amazon.com/m2/latest/APIReference/API_GetDataSetImportTask.html)  |   | 애플리케이션 | 
| [GetDataSetExportTask](https://docs.aws.amazon.com/m2/latest/APIReference/API_GetDataSetExportTask.html) |  | 애플리케이션 | 
|  [GetDeployment](https://docs.aws.amazon.com/m2/latest/APIReference/API_GetDeployment.html)  |   | 애플리케이션 | 
|  [GetEnvironment](https://docs.aws.amazon.com/m2/latest/APIReference/API_GetEnvironment.html)  |   | 환경 | 
| [ListApplications](https://docs.aws.amazon.com/m2/latest/APIReference/API_ListApplications.html)  |  | \* | 
|  [ListApplicationVersions](https://docs.aws.amazon.com/m2/latest/APIReference/API_ListApplicationVersions.html)  |   | \* | 
|  [ListBatchJobDefinitions](https://docs.aws.amazon.com/m2/latest/APIReference/API_ListBatchJobDefinitions.html)  |   | \* | 
|  [ListBatchJobExecutions](https://docs.aws.amazon.com/m2/latest/APIReference/API_ListBatchJobExecutions.html)  | `` | \* | 
|  [ListDataSetImportHistory](https://docs.aws.amazon.com/m2/latest/APIReference/API_ListDataSetImportHistory.html)  |   | \* | 
| [ListDataSetExportHistory](https://docs.aws.amazon.com/m2/latest/APIReference/API_ListDataSetExportHistory.html) |  | \* | 
|  [ListDataSets](https://docs.aws.amazon.com/m2/latest/APIReference/API_ListDataSets.html)  |   | \* | 
| [ListDeployments](https://docs.aws.amazon.com/m2/latest/APIReference/API_ListDeployments.html)  |  | \* | 
|  [ListEngineVersions](https://docs.aws.amazon.com/m2/latest/APIReference/API_ListEngineVersions.html)  |   | \* | 
| [ListEnvironments](https://docs.aws.amazon.com/m2/latest/APIReference/API_ListEnvironments.html)  |  | \* | 
|  [ListTagsForResource](https://docs.aws.amazon.com/m2/latest/APIReference/API_ListTagsForResource.html)  |  | \* | 
|  [StartApplication](https://docs.aws.amazon.com/m2/latest/APIReference/API_StartApplication.html)  |  | 애플리케이션 | 
|  [StartBatchJob](https://docs.aws.amazon.com/m2/latest/APIReference/API_StartBatchJob.html)  |   | 애플리케이션 | 
|  [StopApplication](https://docs.aws.amazon.com/m2/latest/APIReference/API_StopApplication.html)  |   | 애플리케이션 | 
|  [TagResource](https://docs.aws.amazon.com/m2/latest/APIReference/API_TagResource.html)  |   | \* | 
|  [UntagResource](https://docs.aws.amazon.com/m2/latest/APIReference/API_UntagResource.html)  |   | \* | 
|  [UpdateApplication](https://docs.aws.amazon.com/m2/latest/APIReference/API_UpdateApplication.html)  | `s3:GetObject`<br />`s3:ListBucket` | 애플리케이션 | 
|  [UpdateEnvironment](https://docs.aws.amazon.com/m2/latest/APIReference/API_UpdateEnvironment.html)  | `kms:DescribeKey` | 환경 |