本文属于机器翻译版本。若本译文内容与英语原文存在差异,则一律以英文原文为准。
AmazonS3FilesFullAccess
描述:通过提供对所有 S3 文件的完全访问权限 AWS 管理控制台。
AmazonS3FilesFullAccess 是一项 AWS 托管式策略。
使用此策略
您可以将 AmazonS3FilesFullAccess 附加到您的用户、组和角色。
策略详细信息
-
类型: AWS 托管策略
-
创建时间:世界标准时间 2026 年 4 月 7 日 12:42
-
编辑时间:世界标准时间 2026 年 4 月 7 日 12:42
-
ARN:
arn:aws:iam::aws:policy/AmazonS3FilesFullAccess
策略版本
策略版本:v1(默认)
此策略的默认版本是定义策略权限的版本。当使用该策略的用户或角色请求访问 AWS 资源时, AWS 会检查策略的默认版本以确定是否允许该请求。
JSON 策略文档
{ "Version" : "2012-10-17", "Statement" : [ { "Sid" : "S3FilesPermissions", "Effect" : "Allow", "Action" : "s3files:*", "Resource" : "*" }, { "Sid" : "EC2NetworkingPermissions", "Effect" : "Allow", "Action" : [ "ec2:DescribeSubnets", "ec2:DescribeNetworkInterfaces", "ec2:DescribeNetworkInterfaceAttribute", "ec2:CreateNetworkInterface", "ec2:DeleteNetworkInterface", "ec2:ModifyNetworkInterfaceAttribute", "ec2:DescribeSecurityGroups", "ec2:DescribeVpcs", "ec2:DescribeAvailabilityZones" ], "Resource" : "*" }, { "Sid" : "S3BucketPermissions", "Effect" : "Allow", "Action" : [ "s3:GetBucketNotification", "s3:PutBucketNotification" ], "Resource" : "arn:aws:s3:::*" }, { "Sid" : "EventBridgeManage", "Effect" : "Allow", "Action" : [ "events:DeleteRule", "events:PutRule", "events:PutTargets", "events:RemoveTargets" ], "Condition" : { "StringEquals" : { "events:ManagedBy" : "elasticfilesystem.amazonaws.com" } }, "Resource" : [ "arn:aws:events:*:*:rule/DO-NOT-DELETE-S3-Files*" ] }, { "Sid" : "EventBridgeRead", "Effect" : "Allow", "Action" : [ "events:DescribeRule", "events:ListRules", "events:ListTargetsByRule" ], "Resource" : [ "arn:aws:events:*:*:rule/*" ] }, { "Sid" : "IAMPassRoleForS3Files", "Effect" : "Allow", "Action" : "iam:PassRole", "Resource" : "arn:aws:iam::*:role/*", "Condition" : { "StringEquals" : { "iam:PassedToService" : "elasticfilesystem.amazonaws.com" } } } ] }
了解详情
