選取您的 Cookie 偏好設定

我們使用提供自身網站和服務所需的基本 Cookie 和類似工具。我們使用效能 Cookie 收集匿名統計資料,以便了解客戶如何使用我們的網站並進行改進。基本 Cookie 無法停用,但可以按一下「自訂」或「拒絕」以拒絕效能 Cookie。

如果您同意,AWS 與經核准的第三方也會使用 Cookie 提供實用的網站功能、記住您的偏好設定,並顯示相關內容,包括相關廣告。若要接受或拒絕所有非必要 Cookie,請按一下「接受」或「拒絕」。若要進行更詳細的選擇,請按一下「自訂」。

Granting required permissions for Amazon EC2 resources - Amazon Elastic Compute Cloud
此頁面尚未翻譯為您的語言。 請求翻譯

Granting required permissions for Amazon EC2 resources

By default, users, groups, and roles don't have permission to create or modify Amazon EC2 resources, or perform tasks using the Amazon EC2 API. To create or modify EC2 resources and perform tasks, see Identity and access management for Amazon EC2 in the Amazon EC2 User Guide.

When you make an API request, the parameters that you specify in the request determine the required permissions for your EC2 resources. If the user, group, or role that makes the request doesn’t have the required permission, the request fails. For example, to use RunInstances to launch an instance in a subnet (by specifying the SubnetId parameter), a user must have permission to use the VPC.

Resource-level permissions refers to the ability to specify which resources users are allowed to perform actions on. Amazon EC2 has partial support for resource-level permissions. This means that for certain Amazon EC2 actions, you can control when users are allowed to use those actions based on conditions that have to be fulfilled, or specific resources that users are allowed to use. For example, you can grant users permission to launch instances, but only of a specific type, and only using a specific AMI.

For more information about the resources that are created or modified by the Amazon EC2 actions, and the ARNs and Amazon EC2 condition keys that you can use in an IAM policy statement, see Actions, resources, and condition keys for Amazon EC2 in the Service Authorization Reference.

For example policies, see IAM policies for Amazon EC2 in the Amazon EC2 User Guide.

隱私權網站條款Cookie 偏好設定
© 2025, Amazon Web Services, Inc.或其附屬公司。保留所有權利。