本文属于机器翻译版本。若本译文内容与英语原文存在差异,则一律以英文原文为准。
AWSAWS Marketplace 卖家托管政策
AWS 托管策略是由创建和管理的独立策略 AWS。 AWS 托管策略旨在为许多常见用例提供权限,以便您可以开始为用户、组和角色分配权限。
请记住, AWS 托管策略可能不会为您的特定用例授予最低权限权限,因为它们可供所有 AWS 客户使用。我们建议通过定义特定于您的使用场景的客户托管式策略来进一步减少权限。
您无法更改 AWS 托管策略中定义的权限。如果 AWS 更新 AWS 托管策略中定义的权限,则更新会影响该策略所关联的所有委托人身份(用户、组和角色)。 AWS 当新服务启动或现有服务 AWS 服务 有新API操作可用时,最有可能更新 AWS 托管策略。
有关更多信息,请参阅《IAM用户指南》中的AWS 托管策略。
本部分列出了用于管理卖家对 AWS Marketplace的访问的每项策略。有关买家政策的信息,请参阅《买家指南》中的 AWS Marketplace AWS Marketplace 买家AWS 托管政策。
主题
- AWS 托管策略:AWSMarketplaceAmiIngestion
- AWS 托管策略:AWSMarketplaceFullAccess
- AWS 托管策略:AWSMarketplaceGetEntitlements
- AWS 托管策略:AWSMarketplaceMeteringFullAccess
- AWS 托管策略:AWSMarketplaceMeteringRegisterUsage
- AWS 托管策略:AWSMarketplaceSellerFullAccess
- AWS 托管策略:AWSMarketplaceSellerProductsFullAccess
- AWS 托管策略:AWSMarketplaceSellerProductsReadOnly
- AWS 托管策略:AWSVendorInsightsVendorFullAccess
- AWS 托管策略:AWSVendorInsightsVendorReadOnly
- AWS MarketplaceAWS 托管策略的更新
AWS 托管策略:AWSMarketplaceAmiIngestion
您可以使用此策略创建服务角色,然后使用该角色代表您执行操作。 AWS Marketplace 有关使用 AWSMarketplaceAmiIngestion 的更多信息,请参阅允许 AWS Marketplace 访问您的 AMI。
此政策用于向贡献者授予权限, AWS Marketplace 允许他们复制您的 Amazon 系统映像 (AMIs) 以便在上架它们 AWS Marketplace。
权限详细信息
{ "Version": "2012-10-17", "Statement": [ { "Action": [ "ec2:ModifySnapshotAttribute" ], "Effect": "Allow", "Resource": "arn:aws:ec2:us-east-1::snapshot/snap-*" }, { "Action": [ "ec2:DescribeImageAttribute", "ec2:DescribeImages", "ec2:DescribeSnapshotAttribute", "ec2:ModifyImageAttribute" ], "Effect": "Allow", "Resource": "*" } ] }
AWS 托管策略:AWSMarketplaceFullAccess
您可以将该AWSMarketplaceFullAccess策略附加到您的IAM身份。
该政策授予管理权限,允许卖家 AWS Marketplace 和买家完全访问和相关服务。这些权限包括以下能力:
-
订阅和取消订阅 AWS Marketplace 软件。
-
从中管理 AWS Marketplace 软件实例 AWS Marketplace。
-
在您的账户中创建和管理 Private Marketplace。
-
提供对亚马逊和亚马逊 S EC2 EC2 ystem AWS CloudFormation s Manager 的访问权限。
权限详细信息
{ "Version": "2012-10-17", "Statement": [ { "Effect": "Allow", "Action": [ "aws-marketplace:*", "cloudformation:CreateStack", "cloudformation:DescribeStackResource", "cloudformation:DescribeStackResources", "cloudformation:DescribeStacks", "cloudformation:List*", "ec2:AuthorizeSecurityGroupEgress", "ec2:AuthorizeSecurityGroupIngress", "ec2:CreateSecurityGroup", "ec2:CreateTags", "ec2:DescribeAccountAttributes", "ec2:DescribeAddresses", "ec2:DeleteSecurityGroup", "ec2:DescribeImages", "ec2:DescribeInstances", "ec2:DescribeKeyPairs", "ec2:DescribeSecurityGroups", "ec2:DescribeSubnets", "ec2:DescribeTags", "ec2:DescribeVpcs", "ec2:RunInstances", "ec2:StartInstances", "ec2:StopInstances", "ec2:TerminateInstances" ], "Resource": "*" }, { "Effect": "Allow", "Action": [ "ec2:CopyImage", "ec2:DeregisterImage", "ec2:DescribeSnapshots", "ec2:DeleteSnapshot", "ec2:CreateImage", "ec2:DescribeInstanceStatus", "ssm:GetAutomationExecution", "ssm:UpdateDocumentDefaultVersion", "ssm:CreateDocument", "ssm:StartAutomationExecution", "ssm:ListDocuments", "ssm:UpdateDocument", "ssm:DescribeDocument", "sns:ListTopics", "sns:GetTopicAttributes", "sns:CreateTopic", "iam:GetRole", "iam:GetInstanceProfile", "iam:ListRoles", "iam:ListInstanceProfiles" ], "Resource": "*" }, { "Effect": "Allow", "Action": [ "s3:ListBucket", "s3:GetObject" ], "Resource": [ "arn:aws:s3:::*image-build*" ] }, { "Effect": "Allow", "Action": [ "sns:Publish", "sns:setTopicAttributes" ], "Resource": "arn:aws:sns:*:*:*image-build*" }, { "Effect": "Allow", "Action": [ "iam:PassRole" ], "Resource": [ "*" ], "Condition": { "StringLike": { "iam:PassedToService": [ "ec2.amazonaws.com", "ssm.amazonaws.com" ] } } } ] }
AWS 托管策略:AWSMarketplaceGetEntitlements
您可以将该AWSMarketplaceGetEntitlements策略附加到您的IAM身份。
此政策授予只读权限,允许软件即服务 (SaaS) 产品销售商检查客户是否已订阅其 AWS Marketplace SaaS 产品。
权限详细信息
{ "Version": "2012-10-17", "Statement": [ { "Sid" : "AWSMarketplaceGetEntitlements", "Effect" : "Allow", "Action": [ "aws-marketplace:GetEntitlements" ], "Resource": "*" } ] }
AWS 托管策略:AWSMarketplaceMeteringFullAccess
您可以将该AWSMarketplaceMeteringFullAccess策略附加到您的IAM身份。
此政策向贡献者授予权限,允许他们报告与之对应的计量使用量AMI和开启灵活消费定价的容器产品。 AWS Marketplace
权限详细信息
{ "Version": "2012-10-17", "Statement": [ { "Action": [ "aws-marketplace:MeterUsage" ], "Effect": "Allow", "Resource": "*" } ] }
AWS
托管策略:AWSMarketplaceMeteringRegisterUsage
您可以将该AWSMarketplaceMeteringRegisterUsage策略附加到您的IAM身份。
此政策向贡献者授予权限,允许他们报告与按小时定价的容器产品相对应的计量使用量。 AWS Marketplace
权限详细信息
{ "Version": "2012-10-17", "Statement": [ { "Action": [ "aws-marketplace:RegisterUsage" ], "Effect": "Allow", "Resource": "*" } ] }
AWS 托管策略:AWSMarketplaceSellerFullAccess
您可以将该AWSMarketplaceSellerFullAccess策略附加到您的IAM身份。
该政策授予管理权限,允许他们完全访问卖家对基于商品的所有操作 AWS Marketplace AWS Marketplace 管理门户,包括和管理EC2AMIAMI基于亚马逊的商品。
权限详细信息
{ "Version": "2012-10-17", "Statement": [ { "Sid": "MarketplaceManagement", "Effect": "Allow", "Action": [ "aws-marketplace-management:uploadFiles", "aws-marketplace-management:viewMarketing", "aws-marketplace-management:viewReports", "aws-marketplace-management:viewSupport", "aws-marketplace-management:viewSettings", "aws-marketplace:ListChangeSets", "aws-marketplace:DescribeChangeSet", "aws-marketplace:StartChangeSet", "aws-marketplace:CancelChangeSet", "aws-marketplace:ListEntities", "aws-marketplace:DescribeEntity", "aws-marketplace:ListTasks", "aws-marketplace:DescribeTask", "aws-marketplace:UpdateTask", "aws-marketplace:CompleteTask", "aws-marketplace:GetSellerDashboard", "aws-marketplace:ListAssessments", "aws-marketplace:DescribeAssessment", "ec2:DescribeImages", "ec2:DescribeSnapshots", "ec2:ModifyImageAttribute", "ec2:ModifySnapshotAttribute" ], "Resource": "*" }, { "Sid": "AgreementAccess", "Action": [ "aws-marketplace:SearchAgreements", "aws-marketplace:DescribeAgreement", "aws-marketplace:GetAgreementTerms" ], "Effect": "Allow", "Resource": "*", "Condition": { "StringEquals": { "aws-marketplace:PartyType": "Proposer" }, "ForAllValues:StringEquals": { "aws-marketplace:AgreementType": [ "PurchaseAgreement" ] } } }, { "Sid": "IAMGetRole", "Effect": "Allow", "Action": [ "iam:GetRole" ], "Resource": "arn:aws:iam::*:role/*" }, { "Sid": "AssetScanning", "Effect": "Allow", "Action": [ "iam:PassRole" ], "Resource": "arn:aws:iam::*:role/*", "Condition": { "StringEquals": { "iam:PassedToService": "assets.marketplace.amazonaws.com" } } }, { "Sid": "VendorInsights", "Effect": "Allow", "Action": [ "vendor-insights:GetDataSource", "vendor-insights:ListDataSources", "vendor-insights:ListSecurityProfiles", "vendor-insights:GetSecurityProfile", "vendor-insights:GetSecurityProfileSnapshot", "vendor-insights:ListSecurityProfileSnapshots" ], "Resource": "*" }, { "Sid": "TagManagement", "Effect": "Allow", "Action": [ "aws-marketplace:TagResource", "aws-marketplace:UntagResource", "aws-marketplace:ListTagsForResource" ], "Resource": "arn:aws:aws-marketplace:*:*:AWSMarketplace/*" }, { "Sid": "SellerSettings", "Effect": "Allow", "Action": [ "aws-marketplace-management:GetSellerVerificationDetails", "aws-marketplace-management:PutSellerVerificationDetails", "aws-marketplace-management:GetBankAccountVerificationDetails", "aws-marketplace-management:PutBankAccountVerificationDetails", "aws-marketplace-management:GetSecondaryUserVerificationDetails", "aws-marketplace-management:PutSecondaryUserVerificationDetails", "aws-marketplace-management:GetAdditionalSellerNotificationRecipients", "aws-marketplace-management:PutAdditionalSellerNotificationRecipients", "payments:GetPaymentInstrument", "payments:CreatePaymentInstrument", "payments:ListPaymentInstruments", "payments:ListTagsForResource", "payments:TagResource", "payments:UntagResource", "tax:GetTaxInterview", "tax:PutTaxInterview", "tax:GetTaxInfoReportingDocument" ], "Resource": "*" }, { "Sid": "Support", "Effect": "Allow", "Action": [ "support:CreateCase" ], "Resource": "*" }, { "Sid": "ResourcePolicyManagement", "Effect": "Allow", "Action": [ "aws-marketplace:GetResourcePolicy", "aws-marketplace:PutResourcePolicy", "aws-marketplace:DeleteResourcePolicy" ], "Resource": "arn:aws:aws-marketplace:*:*:AWSMarketplace/*" } ] }
AWS
托管策略:AWSMarketplaceSellerProductsFullAccess
您可以将该AWSMarketplaceSellerProductsFullAccess策略附加到您的IAM身份。
该政策向贡献者授予权限,允许他们完全访问管理商品 AWS Marketplace 管理门户、以及管理AMI基于商品的亚马逊EC2AMI产品。
权限详细信息
{ "Version": "2012-10-17", "Statement": [ { "Effect": "Allow", "Action": [ "aws-marketplace:ListChangeSets", "aws-marketplace:DescribeChangeSet", "aws-marketplace:StartChangeSet", "aws-marketplace:CancelChangeSet", "aws-marketplace:ListEntities", "aws-marketplace:DescribeEntity", "aws-marketplace:ListTasks", "aws-marketplace:DescribeTask", "aws-marketplace:UpdateTask", "aws-marketplace:CompleteTask", "aws-marketplace:ListAssessments", "aws-marketplace:DescribeAssessment", "ec2:DescribeImages", "ec2:DescribeSnapshots", "ec2:ModifyImageAttribute", "ec2:ModifySnapshotAttribute" ], "Resource": "*" }, { "Effect": "Allow", "Action": [ "iam:GetRole" ], "Resource": "arn:aws:iam::*:role/*" }, { "Effect": "Allow", "Action": [ "iam:PassRole" ], "Resource": "arn:aws:iam::*:role/*", "Condition": { "StringEquals": { "iam:PassedToService": "assets.marketplace.amazonaws.com" } } }, { "Effect": "Allow", "Action": [ "vendor-insights:GetDataSource", "vendor-insights:ListDataSources", "vendor-insights:ListSecurityProfiles", "vendor-insights:GetSecurityProfile", "vendor-insights:GetSecurityProfileSnapshot", "vendor-insights:ListSecurityProfileSnapshots" ], "Resource": "*" }, { "Effect": "Allow", "Action": [ "aws-marketplace:TagResource", "aws-marketplace:UntagResource", "aws-marketplace:ListTagsForResource" ], "Resource": "arn:aws:aws-marketplace:*:*:AWSMarketplace/*" }, { "Effect": "Allow", "Action": [ "aws-marketplace:GetResourcePolicy", "aws-marketplace:PutResourcePolicy", "aws-marketplace:DeleteResourcePolicy" ], "Resource": "arn:aws:aws-marketplace:*:*:AWSMarketplace/*" } ] }
AWS
托管策略:AWSMarketplaceSellerProductsReadOnly
您可以将该AWSMarketplaceSellerProductsReadOnly策略附加到您的IAM身份。
此政策授予只读权限,允许用户查看基于商品的亚马逊产品 AWS Marketplace 管理门户,以及查看AMI基于亚马逊的产品中EC2AMI使用的商品。
权限详细信息
{ "Version": "2012-10-17", "Statement": [ { "Effect": "Allow", "Action": [ "aws-marketplace:ListChangeSets", "aws-marketplace:DescribeChangeSet", "aws-marketplace:ListEntities", "aws-marketplace:DescribeEntity", "aws-marketplace:ListTasks", "aws-marketplace:DescribeTask", "aws-marketplace:ListAssessments", "aws-marketplace:DescribeAssessment", "ec2:DescribeImages", "ec2:DescribeSnapshots" ], "Resource": "*" }, { "Effect": "Allow", "Action": [ "aws-marketplace:ListTagsForResource" ], "Resource": "arn:aws:aws-marketplace:*:*:AWSMarketplace/*" }, ] }
AWS 托管策略:AWSVendorInsightsVendorFullAccess
您可以将该AWSVendorInsightsVendorFullAccess策略附加到您的IAM身份。
此政策授予在 AWS Marketplace 供应商洞察上创建和管理所有资源的完全访问权限。 AWS Marketplace 在本指南中,Vendor Insights将评估人确定为买方和供应商等同于卖方。 AWS Marketplace 更新AWSVendorInsightsVendorFullAccess以添加协议搜索、更新配置文件快照、供应商标记,并允许对 AWS Artifact 第三方报告进行只读访问。
权限详细信息
{ "Version": "2012-10-17", "Statement": [ { "Effect": "Allow", "Action": "aws-marketplace:DescribeEntity", "Resource": "arn:aws:aws-marketplace:*:*:*/SaaSProduct/*" }, { "Effect": "Allow", "Action": "aws-marketplace:ListEntities", "Resource": "*" }, { "Effect": "Allow", "Action": [ "vendor-insights:CreateDataSource", "vendor-insights:UpdateDataSource", "vendor-insights:DeleteDataSource", "vendor-insights:GetDataSource", "vendor-insights:ListDataSources", "vendor-insights:CreateSecurityProfile", "vendor-insights:ListSecurityProfiles", "vendor-insights:GetSecurityProfile", "vendor-insights:AssociateDataSource", "vendor-insights:DisassociateDataSource", "vendor-insights:UpdateSecurityProfile", "vendor-insights:ActivateSecurityProfile", "vendor-insights:DeactivateSecurityProfile", "vendor-insights:UpdateSecurityProfileSnapshotCreationConfiguration", "vendor-insights:UpdateSecurityProfileSnapshotReleaseConfiguration", "vendor-insights:GetSecurityProfileSnapshot", "vendor-insights:ListSecurityProfileSnapshots" "vendor-insights:TagResource", "vendor-insights:UntagResource", "vendor-insights:ListTagsForResource", ], "Resource": "*" }, { "Effect": "Allow", "Action": [ "aws-marketplace:AcceptAgreementApprovalRequest", "aws-marketplace:RejectAgreementApprovalRequest", "aws-marketplace:GetAgreementApprovalRequest", "aws-marketplace:ListAgreementApprovalRequests" "aws-marketplace:CancelAgreement", "aws-marketplace:SearchAgreements" ], "Resource": "*", "Condition": { "ForAllValues:StringEquals": { "aws-marketplace:AgreementType": "VendorInsightsAgreement" } } }, { "Effect": "Allow", "Action": [ "artifact:GetReport", "artifact:GetReportMetadata", "artifact:GetTermForReport", "artifact:ListReports", ], "Resource": "arn:aws:artifact:*::report/*" } ] }
AWS 托管策略:AWSVendorInsightsVendorReadOnly
您可以将该AWSVendorInsightsVendorReadOnly策略附加到您的IAM身份。
此政策授予查看 AWS Marketplace 供应商洞察资料和相关资源的只读访问权限。 AWS Marketplace 在本指南中,Vendor Insights将评估人确定为买方和供应商等同于卖方。 AWS Marketplace 更新AWSVendorInsightsVendorReadOnly为添加列出标签的权限并允许对 AWS Artifact 第三方报告进行只读访问。
权限详细信息
{ "Version": "2012-10-17", "Statement": [ { "Effect": "Allow", "Action": "aws-marketplace:DescribeEntity", "Resource": "arn:aws:aws-marketplace:*:*:*/SaaSProduct/*" }, { "Effect": "Allow", "Action": "aws-marketplace:ListEntities", "Resource": "*" }, { "Effect": "Allow", "Action": [ "vendor-insights:GetDataSource", "vendor-insights:ListDataSources", "vendor-insights:ListSecurityProfiles", "vendor-insights:GetSecurityProfile", "vendor-insights:GetSecurityProfileSnapshot", "vendor-insights:ListSecurityProfileSnapshots" "vendor-insights:ListTagsForResource" ], "Resource": "*" }, { "Effect": "Allow", "Action": [ "artifact:GetReport", "artifact:GetReportMetadata", "artifact:GetTermForReport", "artifact:ListReports" ], "Resource": "arn:aws:artifact:*::report/*" } ] }
AWS MarketplaceAWS 托管策略的更新
查看 AWS Marketplace 自该服务开始跟踪这些更改以来 AWS 托管策略更新的详细信息。要获得有关此页面变更的自动提醒,请订RSS阅该 AWS Marketplace 文档历史记录页面上的订阅源。
| 更改 | 描述 | 日期 |
|---|---|---|
|
AWS Marketplace 添加了 |
2024年10月22日 | |
AWS Marketplace 添加了 |
2024年10月22日 |
|
AWS Marketplace 添加了 |
2024年10月22日 |
|
|
AWSMarketplaceSellerFullAccess - 更新的策略 |
更新了 |
2024 年 6 月 4 日 |
|
AWSMarketplaceGetEntitlements - 更新的策略 |
AWS Marketplace 已更新AWSMarketplaceGetEntitlementssid为在政策声明中添加。 |
2024 年 3 月 22 日 |
|
AWSMarketplaceSellerFullAccess - 更新的策略 |
AWS Marketplace 更新AWSMarketplaceSellerFullAccess为添加了创建服务相关角色的权限。 |
2024 年 3 月 15 日 |
|
AWSMarketplaceSellerFullAccess - 更新的策略 |
AWS Marketplace 更新AWSMarketplaceSellerFullAccess为添加了访问税务信息的权限。 |
2024 年 2 月 8 日 |
| AWSVendorInsightsVendorFullAccess-更新了政策 | AWS Marketplace 已更新AWSVendorInsightsVendorFullAccess以添加更新数据源的权限。 |
2023 年 10 月 18 日 |
|
AWSMarketplaceSellerFullAccess - 更新的策略 |
AWS Marketplace 更新AWSMarketplaceSellerFullAccess为添加共享实体的权限。 |
2023 年 6 月 1 日 |
|
AWSMarketplaceSellerFullAccess - 更新的策略 |
AWS Marketplace 已更新AWSMarketplaceSellerFullAccess,添加了与账户验证、银行账户验证、案例管理和卖家通知详情相关的权限。 |
2023 年 6 月 1 日 |
|
AWSMarketplaceSellerFullAccess - 更新的策略 |
AWS Marketplace 已更新AWSMarketplaceSellerFullAccess,添加了访问卖家控制面板的权限。 |
2022 年 12 月 23 日 |
|
AWSMarketplaceSellerFullAccess, AWSMarketplaceSellerProductsFullAccess, AWSMarketplaceSellerProductsReadOnly - 对现有策略的更新 |
AWS Marketplace 更新了新的基于标签的授权功能的策略。 |
2022 年 12 月 9 日 |
|
AWS Marketplace 已更新 AWSVendorInsightsVendorFullAccess |
AWS Marketplace 更新AWSMarketplaceSellerProductsFullAccess以添加协议搜索、更新配置文件快照、供应商标记,并允许对 AWS Artifact 第三方报告进行只读访问(预览)。 |
2022 年 11 月 30 日 |
| AWS Marketplace 已更新 AWSVendorInsightsVendorReadOnly | AWS Marketplace 更新AWSVendorInsightsVendorReadOnly为添加列出标签的权限并允许对 AWS Artifact
第三方报告进行只读访问(预览)。 |
2022 年 11 月 30 日 |
|
AWSVendorInsightsVendorFullAccess 和 AWSVendorInsightsVendorReadOnly— 添加了新政策 |
AWS Marketplace 为新功能 “ AWS Marketplace 供应商见解” 添加了政策:AWSMarketplaceSellerProductsFullAccess和AWSVendorInsightsVendorReadOnly。 |
2022 年 7 月 26 日 |
| AWSMarketplaceSellerProductsFullAccess和 AWSMarketplaceSellerFullAccess— 更新了政策 | AWS Marketplace 更新了新功能 “ AWS Marketplace 供应商见解” 的政策:AWSMarketplaceSellerProductsFullAccess和AWSMarketplaceSellerFullAccess。 |
2022 年 7 月 26 日 |
|
AWSMarketplaceSellerFullAccess 和 AWSMarketplaceSellerProductsFullAccess – 对现有策略的更新 |
AWS Marketplace 更新了政策,使iam:PassedToService条件仅适用于iam:PassRole。 |
2021 年 11 月 22 日 |
|
AWSMarketplaceFullAccess – 现有策略更新 |
AWS Marketplace 已从 |
2021 年 7 月 20 日 |
|
AWS Marketplace 已开始跟踪更改 |
AWS Marketplace 开始跟踪其 AWS 托管策略的更改。 |
2021 年 4 月 20 日 |
