查看 Amazon ECS 服务部署所需的权限
当您遵循授予最低权限的最佳实践时,需要添加额外的权限,以便在控制台中查看服务部署。
您需要执行以下操作的权限:
ListServiceDeployments
DescribeServiceDeployments
DescribeServiceRevisions
您需要访问以下资源的权限:
服务
服务部署
服务修订
以下示例策略包含所需的权限,并将操作限制到特定服务。
将 account
、cluster-name
和 service-name
替换为您的值。
{ "Statement": [ { "Effect": "Allow", "Action": [ "ecs:ListServiceDeployments", "ecs:DescribeServiceDeployments", "ecs:DescribeServiceRevisions" ], "Resource": [ "arn:aws:ecs:us-east-1:123456789012:service/cluster-name/service-name", "arn:aws:ecs:us-east-1:123456789012:service-deployment/cluster-name/service-name/*", "arn:aws:ecs:us-east-1:123456789012:service-revision/cluster-name/service-name/*" ] } ] }