本文為英文版的機器翻譯版本,如內容有任何歧義或不一致之處,概以英文版為準。
AmazonRedshiftQueryEditorV2ReadWriteSharing
描述:授予使用 Amazon Redshift 查詢編輯器 V2 與資源共用的能力。授予的委託人可以讀取、寫入和共用自己的資源。獲得授予的主體可以讀取和更新與其團隊共用的資源。此政策也會授予其他必要服務的存取權。這包括在 AWS Secrets Manager 中列出 Amazon Redshift 叢集和管理主體的查詢編輯器 V2 秘密的許可。
AmazonRedshiftQueryEditorV2ReadWriteSharing 是AWS 受管政策。
使用此政策
您可以AmazonRedshiftQueryEditorV2ReadWriteSharing連接到您的使用者、群組和角色。
政策詳細資訊
-
類型: AWS 受管政策
-
建立時間:2021 年 9 月 24 日 14:25 UTC
-
編輯時間:2024 年 2 月 21 日 17:30 UTC
-
ARN:
arn:aws:iam::aws:policy/AmazonRedshiftQueryEditorV2ReadWriteSharing
政策版本
政策版本: v9 (預設)
政策的預設版本是定義政策許可的版本。當具有 政策的使用者或角色提出存取 AWS 資源的請求時, 會 AWS 檢查政策的預設版本,以決定是否允許請求。
JSON 政策文件
{
"Version" : "2012-10-17",
"Statement" : [
{
"Sid" : "RedshiftPermissions",
"Effect" : "Allow",
"Action" : [
"redshift:DescribeClusters",
"redshift-serverless:ListNamespaces",
"redshift-serverless:ListWorkgroups"
],
"Resource" : "*"
},
{
"Sid" : "SecretsManagerPermissions",
"Effect" : "Allow",
"Action" : [
"secretsmanager:CreateSecret",
"secretsmanager:GetSecretValue",
"secretsmanager:DeleteSecret",
"secretsmanager:TagResource"
],
"Resource" : "arn:aws:secretsmanager:*:*:sqlworkbench!*",
"Condition" : {
"StringEquals" : {
"secretsmanager:ResourceTag/sqlworkbench-resource-owner" : "${aws:userid}"
}
}
},
{
"Sid" : "ResourceGroupsTaggingPermissions",
"Effect" : "Allow",
"Action" : [
"tag:GetResources"
],
"Resource" : "*",
"Condition" : {
"StringEquals" : {
"aws:CalledViaLast" : "sqlworkbench.amazonaws.com"
}
}
},
{
"Sid" : "AmazonRedshiftQueryEditorV2NonResourceLevelPermissions",
"Effect" : "Allow",
"Action" : [
"sqlworkbench:CreateFolder",
"sqlworkbench:PutTab",
"sqlworkbench:BatchDeleteFolder",
"sqlworkbench:DeleteTab",
"sqlworkbench:GenerateSession",
"sqlworkbench:GetAccountInfo",
"sqlworkbench:GetAccountSettings",
"sqlworkbench:GetUserInfo",
"sqlworkbench:GetUserWorkspaceSettings",
"sqlworkbench:PutUserWorkspaceSettings",
"sqlworkbench:ListConnections",
"sqlworkbench:ListFiles",
"sqlworkbench:ListTabs",
"sqlworkbench:UpdateFolder",
"sqlworkbench:ListRedshiftClusters",
"sqlworkbench:DriverExecute",
"sqlworkbench:ListTaggedResources",
"sqlworkbench:ListQueryExecutionHistory",
"sqlworkbench:GetQueryExecutionHistory",
"sqlworkbench:ListNotebooks",
"sqlworkbench:GetSchemaInference",
"sqlworkbench:GetAutocompletionMetadata",
"sqlworkbench:GetAutocompletionResource"
],
"Resource" : "*"
},
{
"Sid" : "AmazonRedshiftQueryEditorV2CreateOwnedResourcePermissions",
"Effect" : "Allow",
"Action" : [
"sqlworkbench:CreateConnection",
"sqlworkbench:CreateSavedQuery",
"sqlworkbench:CreateChart",
"sqlworkbench:CreateNotebook",
"sqlworkbench:DuplicateNotebook",
"sqlworkbench:CreateNotebookFromVersion",
"sqlworkbench:ImportNotebook"
],
"Resource" : "*",
"Condition" : {
"StringEquals" : {
"aws:RequestTag/sqlworkbench-resource-owner" : "${aws:userid}"
}
}
},
{
"Sid" : "AmazonRedshiftQueryEditorV2OwnerSpecificPermissions",
"Effect" : "Allow",
"Action" : [
"sqlworkbench:DeleteChart",
"sqlworkbench:DeleteConnection",
"sqlworkbench:DeleteSavedQuery",
"sqlworkbench:GetChart",
"sqlworkbench:GetConnection",
"sqlworkbench:GetSavedQuery",
"sqlworkbench:ListSavedQueryVersions",
"sqlworkbench:UpdateChart",
"sqlworkbench:UpdateConnection",
"sqlworkbench:UpdateSavedQuery",
"sqlworkbench:AssociateConnectionWithTab",
"sqlworkbench:AssociateQueryWithTab",
"sqlworkbench:AssociateConnectionWithChart",
"sqlworkbench:AssociateNotebookWithTab",
"sqlworkbench:UpdateFileFolder",
"sqlworkbench:ListTagsForResource",
"sqlworkbench:GetNotebook",
"sqlworkbench:UpdateNotebook",
"sqlworkbench:DeleteNotebook",
"sqlworkbench:DuplicateNotebook",
"sqlworkbench:CreateNotebookCell",
"sqlworkbench:DeleteNotebookCell",
"sqlworkbench:UpdateNotebookCellContent",
"sqlworkbench:UpdateNotebookCellLayout",
"sqlworkbench:BatchGetNotebookCell",
"sqlworkbench:ListNotebookVersions",
"sqlworkbench:CreateNotebookVersion",
"sqlworkbench:GetNotebookVersion",
"sqlworkbench:DeleteNotebookVersion",
"sqlworkbench:RestoreNotebookVersion",
"sqlworkbench:CreateNotebookFromVersion",
"sqlworkbench:ExportNotebook",
"sqlworkbench:ImportNotebook"
],
"Resource" : "*",
"Condition" : {
"StringEquals" : {
"aws:ResourceTag/sqlworkbench-resource-owner" : "${aws:userid}"
}
}
},
{
"Sid" : "AmazonRedshiftQueryEditorV2TagOnlyUserIdPermissions",
"Effect" : "Allow",
"Action" : "sqlworkbench:TagResource",
"Resource" : "*",
"Condition" : {
"ForAllValues:StringEquals" : {
"aws:TagKeys" : "sqlworkbench-resource-owner"
},
"StringEquals" : {
"aws:ResourceTag/sqlworkbench-resource-owner" : "${aws:userid}",
"aws:RequestTag/sqlworkbench-resource-owner" : "${aws:userid}"
}
}
},
{
"Sid" : "AmazonRedshiftQueryEditorV2TeamReadWriteAccessPermissions",
"Effect" : "Allow",
"Action" : [
"sqlworkbench:GetChart",
"sqlworkbench:GetConnection",
"sqlworkbench:GetSavedQuery",
"sqlworkbench:ListSavedQueryVersions",
"sqlworkbench:ListTagsForResource",
"sqlworkbench:UpdateChart",
"sqlworkbench:UpdateConnection",
"sqlworkbench:UpdateSavedQuery",
"sqlworkbench:AssociateConnectionWithTab",
"sqlworkbench:AssociateQueryWithTab",
"sqlworkbench:AssociateConnectionWithChart",
"sqlworkbench:AssociateNotebookWithTab",
"sqlworkbench:GetNotebook",
"sqlworkbench:DuplicateNotebook",
"sqlworkbench:BatchGetNotebookCell",
"sqlworkbench:ListNotebookVersions",
"sqlworkbench:GetNotebookVersion",
"sqlworkbench:CreateNotebookFromVersion",
"sqlworkbench:ExportNotebook"
],
"Resource" : "*",
"Condition" : {
"StringEquals" : {
"aws:ResourceTag/sqlworkbench-team" : "${aws:PrincipalTag/sqlworkbench-team}"
}
}
},
{
"Sid" : "AmazonRedshiftQueryEditorV2TagOnlyTeamPermissions",
"Effect" : "Allow",
"Action" : "sqlworkbench:TagResource",
"Resource" : "*",
"Condition" : {
"ForAllValues:StringEquals" : {
"aws:TagKeys" : "sqlworkbench-team"
},
"StringEquals" : {
"aws:ResourceTag/sqlworkbench-resource-owner" : "${aws:userid}",
"aws:RequestTag/sqlworkbench-team" : "${aws:PrincipalTag/sqlworkbench-team}"
}
}
},
{
"Sid" : "AmazonRedshiftQueryEditorV2UntagOnlyTeamPermissions",
"Effect" : "Allow",
"Action" : "sqlworkbench:UntagResource",
"Resource" : "*",
"Condition" : {
"ForAllValues:StringEquals" : {
"aws:TagKeys" : "sqlworkbench-team"
},
"StringEquals" : {
"aws:ResourceTag/sqlworkbench-resource-owner" : "${aws:userid}"
}
}
}
]
}進一步了解
