本文為英文版的機器翻譯版本,如內容有任何歧義或不一致之處,概以英文版為準。
AWS 受管政策
受管政策是獨立的身分型政策,您可以連接到 AWS 帳戶中的多個使用者、群組和角色。您可以使用 AWS 受管政策來控制 Billing 中的存取。
AWS 受管政策是由 AWS. AWS managed 政策建立和管理的獨立政策旨在為許多常見使用案例提供許可。 AWS 受管政策可讓您比必須自行撰寫政策時更輕鬆地將適當的許可指派給使用者、群組和角色。
您無法變更 AWS 受管政策中定義的許可。 AWS 偶爾會更新受 AWS 管政策中定義的許可。執行這項動作時,更新會影響政策連接到的所有委託人實體 (使用者、群組和角色)。
Billing 為常見使用案例提供數個 AWS 受管政策。
主題
AWSPurchaseOrdersServiceRolePolicy
此受管政策准許完全存取帳單和成本管理主控台和採購訂單主控台。該政策允許使用者檢視、建立、更新及刪除帳戶的採購訂單。
{ "Version":"2012-10-17", "Statement":[ { "Effect":"Allow", "Action":[ "account:GetAccountInformation", "account:GetContactInformation", "aws-portal:*Billing", "consolidatedbilling:GetAccountBillingRole", "invoicing:GetInvoicePDF", "payments:GetPaymentInstrument", "payments:ListPaymentPreferences", "purchase-orders:AddPurchaseOrder", "purchase-orders:DeletePurchaseOrder", "purchase-orders:GetPurchaseOrder", "purchase-orders:ListPurchaseOrderInvoices", "purchase-orders:ListPurchaseOrders", "purchase-orders:ListTagsForResource", "purchase-orders:ModifyPurchaseOrders", "purchase-orders:TagResource", "purchase-orders:UntagResource", "purchase-orders:UpdatePurchaseOrder", "purchase-orders:UpdatePurchaseOrderStatus", "purchase-orders:ViewPurchaseOrders", "tax:ListTaxRegistrations" ], "Resource":"*" } ] }
AWSBillingReadOnlyAccess
此受管政策會授予使用者對主控台中 AWS Billing and Cost Management 功能的唯讀存取權。
許可詳細資訊
此政策包含以下許可:
account– 擷取其 AWS 帳戶的相關資訊。aws-portal– 將整體檢視許可授予使用者 Billing and Cost Management 主控台頁面。billing– 擷取 AWS 帳單資訊的完整存取權,例如帳單偏好設定、作用中合約、套用的點數或折扣、IAM偏好設定、記錄賣方,以及帳單報告清單。budgets– 擷取針對 AWS Budgets 功能設定之動作的相關資訊。ce– 擷取成本和用量資訊、標籤和維度值,以檢視 AWS Cost Explorer 功能。consolidatedbilling– 使用合併帳單功能擷取有關 AWS 帳戶 設定的角色和詳細資訊。cur– 擷取有關其 AWS Cost and Usage Report 資料的資訊。freetier– 擷取 AWS 免費方案 提醒和用量偏好設定的相關資訊。invoicing– 擷取發票偏好設定的相關資訊。payments– 擷取融資、付款狀態和付款工具資訊。purchase-orders– 擷取與其採購訂單相關聯的發票資訊。sustainability– 根據其 AWS 用量擷取碳足跡資訊。tax– 從稅務設定擷取已註冊的稅務資訊。
{ "Version": "2012-10-17", "Statement": [ { "Sid": "VisualEditor0", "Effect": "Allow", "Action": [ "account:GetAccountInformation", "aws-portal:ViewBilling", "billing:GetBillingData", "billing:GetBillingDetails", "billing:GetBillingNotifications", "billing:GetBillingPreferences", "billing:GetContractInformation", "billing:GetCredits", "billing:GetIAMAccessPreference", "billing:GetSellerOfRecord", "billing:ListBillingViews", "budgets:DescribeBudgetActionsForBudget", "budgets:DescribeBudgetAction", "budgets:DescribeBudgetActionsForAccount", "budgets:DescribeBudgetActionHistories", "budgets:ViewBudget", "ce:DescribeCostCategoryDefinition", "ce:GetCostAndUsage", "ce:GetDimensionValues", "ce:GetTags", "ce:ListCostCategoryDefinitions", "ce:ListCostAllocationTags", "ce:ListCostAllocationTagBackfillHistory", "ce:ListTagsForResource", "consolidatedbilling:GetAccountBillingRole", "consolidatedbilling:ListLinkedAccounts", "cur:DescribeReportDefinitions", "cur:GetClassicReport", "cur:GetClassicReportPreferences", "cur:GetUsageReport", "freetier:GetFreeTierAlertPreference", "freetier:GetFreeTierUsage", "invoicing:GetInvoiceEmailDeliveryPreferences", "invoicing:GetInvoicePDF", "invoicing:ListInvoiceSummaries", "payments:GetFinancingApplication", "payments:GetFinancingLine", "payments:GetFinancingLineWithdrawal", "payments:GetFinancingOption", "payments:GetPaymentInstrument", "payments:GetPaymentStatus", "payments:ListFinancingApplications", "payments:ListFinancingLines", "payments:ListFinancingLineWithdrawals", "payments:ListPaymentInstruments", "payments:ListPaymentPreferences", "payments:ListPaymentProgramOptions", "payments:ListPaymentProgramStatus", "payments:ListTagsForResource", "purchase-orders:GetPurchaseOrder", "purchase-orders:ListPurchaseOrderInvoices", "purchase-orders:ListPurchaseOrders", "purchase-orders:ListTagsForResource", "purchase-orders:ViewPurchaseOrders", "sustainability:GetCarbonFootprintSummary", "tax:GetTaxInheritance", "tax:GetTaxRegistrationDocument", "tax:ListTaxRegistrations" ], "Resource": "*" } ] }
Billing
此受管政策會授予使用者檢視和編輯 AWS Billing and Cost Management 主控台的許可。這包括檢視帳戶用量、修改預算和付款方式。
{ "Version": "2012-10-17", "Statement": [ { "Sid": "VisualEditor0", "Effect": "Allow", "Action": [ "account:GetAccountInformation", "aws-portal:*Billing", "aws-portal:*PaymentMethods", "aws-portal:*Usage", "billing:GetBillingData", "billing:GetBillingDetails", "billing:GetBillingNotifications", "billing:GetBillingPreferences", "billing:GetContractInformation", "billing:GetCredits", "billing:GetIAMAccessPreference", "billing:GetSellerOfRecord", "billing:ListBillingViews", "billing:PutContractInformation", "billing:RedeemCredits", "billing:UpdateBillingPreferences", "billing:UpdateIAMAccessPreference", "budgets:CreateBudgetAction", "budgets:DeleteBudgetAction", "budgets:DescribeBudgetActionsForBudget", "budgets:DescribeBudgetAction", "budgets:DescribeBudgetActionsForAccount", "budgets:DescribeBudgetActionHistories", "budgets:ExecuteBudgetAction", "budgets:ModifyBudget", "budgets:UpdateBudgetAction", "budgets:ViewBudget", "ce:CreateNotificationSubscription", "ce:CreateReport", "ce:CreateCostCategoryDefinition", "ce:DeleteNotificationSubscription", "ce:DeleteCostCategoryDefinition", "ce:DescribeCostCategoryDefinition", "ce:DeleteReport", "ce:GetCostAndUsage", "ce:GetDimensionValues", "ce:GetTags", "ce:ListCostAllocationTags", "ce:ListCostAllocationTagBackfillHistory", "ce:ListCostCategoryDefinitions", "ce:ListTagsForResource", "ce:StartCostAllocationTagBackfill", "ce:UpdateCostAllocationTagsStatus", "ce:UpdateNotificationSubscription", "ce:TagResource", "ce:UpdatePreferences", "ce:UpdateReport", "ce:UntagResource", "ce:UpdateCostCategoryDefinition", "consolidatedbilling:GetAccountBillingRole", "consolidatedbilling:ListLinkedAccounts", "cur:DeleteReportDefinition", "cur:DescribeReportDefinitions", "cur:GetClassicReport", "cur:GetClassicReportPreferences", "cur:GetUsageReport", "cur:ModifyReportDefinition", "cur:PutClassicReportPreferences", "cur:PutReportDefinition", "cur:ValidateReportDestination", "freetier:GetFreeTierAlertPreference", "freetier:GetFreeTierUsage", "freetier:PutFreeTierAlertPreference", "invoicing:GetInvoiceEmailDeliveryPreferences", "invoicing:GetInvoicePDF", "invoicing:ListInvoiceSummaries", "invoicing:PutInvoiceEmailDeliveryPreferences", "payments:CreateFinancingApplication", "payments:CreatePaymentInstrument", "payments:DeletePaymentInstrument", "payments:GetFinancingApplication", "payments:GetFinancingLine", "payments:GetFinancingLineWithdrawal", "payments:GetFinancingOption", "payments:GetPaymentInstrument", "payments:GetPaymentStatus", "payments:ListFinancingApplications", "payments:ListFinancingLines", "payments:ListFinancingLineWithdrawals", "payments:ListPaymentInstruments", "payments:ListPaymentPreferences", "payments:ListPaymentProgramOptions", "payments:ListPaymentProgramStatus", "payments:ListTagsForResource", "payments:MakePayment", "payments:TagResource", "payments:UntagResource", "payments:UpdateFinancingApplication", "payments:UpdatePaymentInstrument", "payments:UpdatePaymentPreferences", "pricing:DescribeServices", "purchase-orders:AddPurchaseOrder", "purchase-orders:DeletePurchaseOrder", "purchase-orders:GetPurchaseOrder", "purchase-orders:ListPurchaseOrderInvoices", "purchase-orders:ListPurchaseOrders", "purchase-orders:ListTagsForResource", "purchase-orders:ModifyPurchaseOrders", "purchase-orders:TagResource", "purchase-orders:UntagResource", "purchase-orders:UpdatePurchaseOrder", "purchase-orders:UpdatePurchaseOrderStatus", "purchase-orders:ViewPurchaseOrders", "support:AddAttachmentsToSet", "support:CreateCase", "sustainability:GetCarbonFootprintSummary", "tax:BatchPutTaxRegistration", "tax:DeleteTaxRegistration", "tax:GetExemptions", "tax:GetTaxInheritance", "tax:GetTaxInterview", "tax:GetTaxRegistration", "tax:GetTaxRegistrationDocument", "tax:ListTaxRegistrations", "tax:PutTaxInheritance", "tax:PutTaxInterview", "tax:PutTaxRegistration", "tax:UpdateExemptions" ], "Resource": "*" } ] }
AWSAccountActivityAccess
此受管理政策會授與使用者檢視帳戶活動頁面的許可。
{ "Version": "2012-10-17", "Statement": [ { "Sid": "VisualEditor0", "Effect": "Allow", "Action": [ "account:GetRegionOptStatus", "account:GetAccountInformation", "account:GetAlternateContact", "account:GetChallengeQuestions", "account:GetContactInformation", "account:ListRegions", "aws-portal:ViewBilling", "billing:GetIAMAccessPreference", "billing:GetSellerOfRecord", "payments:ListPaymentPreferences" ], "Resource": "*" } ] }
AWSPriceListServiceFullAccess
此受管政策會授予使用者對 AWS 價目表服務的完整存取權。
{ "Version": "2012-10-17", "Statement": [ { "Sid": "AWSPriceListServiceFullAccess", "Effect": "Allow", "Action": [ "pricing:*" ], "Resource": "*" } ] }
Billing 的 AWS 受管政策更新 AWS
檢視自此服務開始追蹤這些變更以來, AWS Billing 受 AWS 管政策更新的詳細資訊。如需此頁面變更的自動提醒,請訂閱 AWS 帳單文件歷史記錄頁面上的RSS摘要。
| 變更 | 描述 | 日期 |
|---|---|---|
帳單和 AWSBillingReadOnlyAccess – 更新現有政策 |
我們已將下列付款許可新增至
我們已將下列付款許可新增至
|
2024 年 11 月 12 日 |
|
AWSPriceListServiceFullAccess – 已更新政策 |
我們新增了 AWS Price List Service |
2024 年 7 月 2 日 |
|
帳單和 AWSBillingReadOnlyAccess – 更新現有政策 |
我們已將下列成本分配標籤相關許可新增至
我們已將下列標籤相關許可新增至
|
2024 年 5 月 31 日 |
|
帳單和 AWSBillingReadOnlyAccess – 更新現有政策 |
我們已將下列成本分配標籤相關許可新增至
我們已將下列成本分配標籤相關許可新增至
|
2024 年 3 月 25 日 |
| 帳單和 AWSBillingReadOnlyAccess – 更新現有政策 |
我們已將下列成本分配標籤相關許可新增至
我們已將下列成本分配標籤相關許可新增至
|
2023 年 7 月 26 日 |
|
AWSPurchaseOrdersServiceRolePolicy、帳單 和 AWSBillingReadOnlyAccess - 更新現有政策 |
我們已將下列採購單標籤相關許可新增至
我們已將下列標籤相關許可新增至
|
2023 年 7 月 17 日 |
|
AWSPurchaseOrdersServiceRolePolicy、帳單 和 AWSBillingReadOnlyAccess - 更新現有政策 AWSAccountActivityAccess – 為 AWS Billing 記錄新的 AWS 受管政策 |
在所有政策中新增更新的動作集 | 2023 年 3 月 6 日 |
|
AWSPurchaseOrdersServiceRolePolicy – 更新現有政策 |
AWS 帳單已移除不必要的許可。 |
2021 年 11 月 18 日 |
|
AWS 帳單已開始追蹤變更 |
AWS 帳單已開始追蹤其 AWS 受管政策的變更。 |
2021 年 11 月 18 日 |
