使用自訂 IAM 政策管理 Amazon Connect 主控台存取權的必要許可 - Amazon Connect

本文為英文版的機器翻譯版本,如內容有任何歧義或不一致之處,概以英文版為準。

使用自訂 IAM 政策管理 Amazon Connect 主控台存取權的必要許可

如果您使用自訂 IAM 政策來管理 Amazon Connect 主控台的存取權,則您的使用者需要本文中列出的部分或全部許可,具體取決於他們需要執行的任務。

注意

使用自訂 IAM 政策中的 connect:* 會授予您的使用者本文中列出的所有 Amazon Connect 許可。

注意

Amazon Connect 主控台上的某些頁面 (例如任務Customer Profiles) 要求您在內嵌政策中新增許可。

AmazonConnect_FullAccess 政策

若要允許 Amazon Connect 的完整讀取/寫入存取權,您必須將兩個政策附加到使用者、群組或角色。附加 AmazonConnect_FullAccess 政策和具有以下內容的自訂政策:

{ "Version": "2012-10-17", "Statement": [ { "Sid": "AttachAnyPolicyToAmazonConnectRole", "Effect": "Allow", "Action": "iam:PutRolePolicy", "Resource": "arn:aws:iam::*:role/aws-service-role/connect.amazonaws.com/AWSServiceRoleForAmazonConnect*" } ] }

若要允許使用者來建立執行個體,確保它們具備 AmazonConnect_FullAccess 政策所授與的許可。

當您使用 AmazonConnect_FullAccess 政策時,請注意以下事項:

  • 若要使用您選擇的名稱建立 Amazon S3 儲存貯體,或在從 Amazon Connect 管理員網站建立或更新執行個體時,使用現有的儲存貯體,則需要其他權限。如果您為通話錄音、聊天文字記錄、通話文字記錄和其他資料選擇預設儲存位置,系統會在這些物件前面加上「amazon-connect-」。

  • aws/connect KMS 金鑰可作為預設加密選項使用。若要使用自訂加密金鑰,請指派其他 KMS 權限給使用者。

  • 為使用者指派其他權限,將 Amazon Polly、Live Media Streaming、Data Streaming 和 Lex 機器人等其他 AWS 資源連接至其 Amazon Connect 執行個體。

AmazonConnectReadOnlyAccess 政策

若要允許唯讀存取權,您只需要附加 AmazonConnectReadOnlyAccess 政策。

Amazon Connect 主控台首頁

下圖顯示 Amazon Connect 主控台首頁範例,其中有一個指向執行個體別名的箭頭。選擇執行個體別名,以導覽至執行個體詳細資訊頁面。

Amazon Connect 虛擬聯絡中心執行個體頁面,即執行個體別名。

使用下表所列的權限來管理此頁面的存取權限。

動作/使用案例 需要的許可

列出執行個體

connect:ListInstances

ds:DescribeDirectories

描述執行個體:檢視執行個體/目前設定的詳細資料

connect:DescribeInstance

connect:ListLambdaFunctions

connect:ListLexBots

connect:ListInstanceStorageConfigs

connect:ListApprovedOrigins

connect:ListSecurityKeys

connect:DescribeInstanceAttributes

connect:DescribeInstanceStorageConfig

ds:DescribeDirectories

建立執行個體

connect:AssociateCustomerProfilesDomain

connect:CreateInstance

connect:DescribeInstance

connect:ListInstances

connect:AssociateInstanceStorageConfig

connect:UpdateInstanceAttribute

ds:CheckAlias

ds:CreateAlias

ds:AuthorizeApplication

ds:UnauthorizeApplication

ds:CreateIdentityPoolDirectory

ds:DescribeDirectories

iam:CreateServiceLinkedRole

iam:PutRolePolicy

kms:創建權限

kms:描述金鑰

kms:ListAliases

kms:RetireGrant

logs:CreateLogGroup

s3:CreateBucket

s3:GetBucketLocation

s3:ListAllMyBuckets

servicequotas:GetServiceQuota

profile:CreateDomain

profile:GetDomain

profile:GetProfileObjectType

profile:ListAccountIntegrations

profile:ListDomains

profile:ListProfileObjectTypeTemplates

profile:PutIntegration

刪除執行個體

connect:DescribeInstance

connect:DeleteInstance

connect:ListInstances

ds:DescribeDirectories

ds:DeleteDirectory

ds:UnauthorizeApplication

執行個體詳細資訊頁面

下圖顯示您用來存取每個詳細執行個體頁面的導覽功能表。

Amazon Connect 執行個體頁面上的導覽功能表。

若要存取詳細的執行個體頁面,您需要 Amazon Connect 主控台首頁 (描述/清單) 的許可。或者,使用 AmazonConnectReadOnlyAccess 政策。

下表列出每個詳細執行個體頁面的精細權限。

注意

若要執行 編輯 動作,使用者還需要 清單描述 權限。

概觀頁面

動作/使用案例 需要的許可
建立服務連結角色

connect:DescribeInstance

connect:ListInstances

connect:DescribeInstanceAttribute

connect:UpdateInstanceAttribute

connect:ListIntegrationAssociations

profile:ListAccountIntegrations

ds:DescribeDirectories

iam:CreateServiceLinkedRole

iam:PutRolePolicy

電話頁面

動作/使用案例 需要的許可
檢視電話選項 connect:DescribeInstance

啟用/停用電話選項

connect:UpdateInstanceAttribute

檢視傳出活動

connect-campaigns:GetConnectInstanceConfig

connect-campaigns:GetInstanceOnboardingJobStatus

connect:DescribeInstance

connect:DescribeInstanceAttribute

kms:描述金鑰

啟用/停用外傳出活動

connect-campaigns:GetConnectInstanceConfig

connect-campaigns:GetInstanceOnboardingJobStatus

connect-campaigns:StartInstanceOnboardingJob

connect-campaigns:DeleteInstanceOnboardingJob

connect-campaigns:DeleteConnectInstanceConfig

connect:DescribeInstance

connect:DescribeInstanceAttribute

connect:UpdateInstanceAttribute

iam:CreateServiceLinkedRole

iam:DeleteServiceLinkedRole

iam:AttachRolePolicy

iam:PutRolePolicy

iam:DeleteRolePolicy

events:PutRule

events:PutTargets

events:DeleteRule

events:RemoveTargets

events:DescribeRule

events:ListTargetsByRule

ds:DescribeDirectories

kms:描述金鑰

kms:ListKeys

kms:創建權限

kms:RetireGrant

資料儲存頁面

通話錄音區段

動作/使用案例 需要的許可

檢視通話錄音

connect:DescribeInstance

connect:ListInstanceStorageConfigs

connect:DescribeInstanceStorageConfig

編輯通話錄音

connect:AssociateInstanceStorageConfig

connect:UpdateInstanceStorageConfig

connect:DisassociateInstanceStorageConfig

s3:ListAllMyBuckets

s3:GetBucketLocation

s3:GetBucketAcl

s3:CreateBucket

kms:創建權限

kms:描述金鑰

kms:ListAliases

kms:RetireGrant

iam:PutRolePolicy

畫面錄製區段

動作/使用案例 需要的許可

檢視畫面錄製

connect:DescribeInstance

connect:ListInstanceStorageConfigs

connect:DescribeInstanceStorageConfig

編輯畫面錄製

connect:AssociateInstanceStorageConfig

connect:UpdateInstanceStorageConfig

connect:DisassociateInstanceStorageConfig

s3:ListAllMyBuckets

s3:GetBucketLocation

s3:GetBucketAcl

s3:CreateBucket

iam:PutRolePolicy

kms:創建權限

kms:描述金鑰

kms:ListAliases

kms:RetireGrant

聊天文字記錄區段

動作/使用案例 需要的許可

檢視聊天文字記錄

connect:DescribeInstance

connect:DescribeInstanceStorageConfig

connect:ListInstanceStorageConfigs

編輯聊天文字記錄

connect:AssociateInstanceStorageConfig

connect:UpdateInstanceStorageConfig

connect:DisassociateInstanceStorageConfig

s3:ListAllMyBuckets

s3:GetBucketLocation

s3:GetBucketAcl

s3:CreateBucket

kms:創建權限

kms:描述金鑰

kms:ListAliases

kms:RetireGrant

iam:PutRolePolicy

附件區段

動作/使用案例 需要的許可

檢視聊天附件

connect:DescribeInstance

connect:DescribeInstanceStorageConfig

connect:ListInstanceStorageConfigs

編輯聊天附件

connect:AssociateInstanceStorageConfig

connect:UpdateInstanceStorageConfig

connect:DisassociateInstanceStorageConfig

s3:ListAllMyBuckets

s3:GetBucketLocation

s3:CreateBucket

s3:GetBucketAcl

kms:創建權限

kms:描述金鑰

kms:ListAliases

kms:RetireGrant

iam:PutRolePolicy

即時媒體串流區段

動作/使用案例 需要的許可

檢視即時媒體串流

connect:DescribeInstance

connect:ListInstanceStorageConfigs

connect:DescribeInstanceStorageConfig

編輯即時媒體串流

connect:AssociateInstanceStorageConfig

connect:UpdateInstanceStorageConfig

connect:DisassociateInstanceStorageConfig

kms:創建權限

kms:描述金鑰

kms:RetireGrant

iam:PutRolePolicy

匯出的報告區段

動作/使用案例 需要的許可

檢視匯出的報告

connect:DescribeInstance

connect:ListInstanceStorageConfigs

connect:DescribeInstanceStorageConfig

編輯匯出的報告

connect:AssociateInstanceStorageConfig

connect:UpdateInstanceStorageConfig

connect: DisassociateInstanceStorageConfig

s3:ListAllMyBuckets

s3:GetBucketLocation

s3:CreateBucket

kms:描述金鑰

kms:ListAliases

kms:RetireGrant

kms:創建權限

iam:PutRolePolicy

資料串流頁面

聯絡記錄區段

動作/使用案例 需要的許可

檢視資料串流 – 聯絡記錄

connect:DescribeInstance

connect:ListInstanceStorageConfigs

connect:DescribeInstanceStorageConfig

編輯聯絡記錄

connect:AssociateInstanceStorageConfig

connect:UpdateInstanceStorageConfig

connect:DisassociateInstanceStorageConfig

firehose:ListDeliveryStreams

firehose:DescribeDeliveryStream

kinesis:ListStreams

kinesis:DescribeStream

iam:PutRolePolicy

客服人員事件區段

動作/使用案例 需要的許可

檢視資料串流 – 客服人員事件

connect:DescribeInstance

connect:ListInstanceStorageConfigs

connect:DescribeInstanceStorageConfig

編輯客服人員事件

connect:AssociateInstanceStorageConfig

connect:UpdateInstanceStorageConfig

connect:DisassociateInstanceStorageConfig

kinesis:ListStreams

kinesis: DescribeStream

iam:PutRolePolicy

流程頁面

流量安全性金鑰區段

動作/使用案例 需要的許可

檢視流量安全性金鑰

connect:DescribeInstance

connect:ListSecurityKeys

新增/移除流程安全性金鑰

connect:AssociateSecurityKey

connect:DisassociateSecurityKey

Lex 機器人區段

動作/使用案例 需要的許可

檢視 Lex 機器人

connect:ListLexBots

connect:ListBots

新增/移除 Lex 機器人

lex:GetBots

lex:GetBot

lex:CreateResourcePolicy

lex:DeleteResourcePolicy

lex:UpdateResourcePolicy

lex:DescribeBotAlias

lex:ListBotAliases

lex:ListBots

connect:AssociateBot

connect:DisassociateBot

connect:ListBots

connect:AssociateLexBot

connect:DisassociateLexBot

connect:ListLexBots

iam:PutRolePolicy

Lambda 函數區段

動作/使用案例 需要的許可

檢視 Lambda 函數

connect:ListLambdaFunctions

新增/移除 Lambda 函數

connect:ListLambdaFunctions

connect:AssociateLambdaFunction

connect:DisassociateLambdaFunction

iam:PutRolePolicy

lambda:ListFunctions

lambda:AddPermission

lambda:RemovePermission

流程日誌區段

動作/使用案例 需要的許可

檢視流程日誌組態

connect:DescribeInstance

connect:DescribeInstanceAttribute

啟用/停用流程日誌

logs:CreateLogGroup

Amazon Polly 區段

動作/使用案例 需要的許可

檢視 Amazon Polly 選項

connect:DescribeInstance

connect:DescribeInstanceAttribute

更新 Amazon Polly 選項

connect:UpdateInstanceAttribute

Contact Lens 連接器頁面

動作/使用案例 需要的許可

檢視 Contact Lens 連接器

chime:GetVoiceConnector

chime:GetVoiceConnectorLoggingConfiguration

chime:GetVoiceConnectorTermination

chime:GetVoiceConnectorTerminationHealth

chime:ListVoiceConnectors

chime:ListVoiceConnectorTerminationCredentials

chime:GetVoiceConnectorExternalSystemsConfiguration

Add/Update/Remove Contact Lens 連接器

chime:CreateVoiceConnector

chime:DeleteVoiceConnector

chime:DeleteVoiceConnectorTermination

chime:DeleteVoiceConnectorTerminationCredentials

chime:GetVoiceConnector

chime:GetVoiceConnectorLoggingConfiguration

chime:GetVoiceConnectorTermination

chime:GetVoiceConnectorTerminationHealth

chime:ListVoiceConnectors

chime:ListVoiceConnectorTerminationCredentials

chime:PutVoiceConnectorLoggingConfiguration

chime:PutVoiceConnectorTermination

chime:PutVoiceConnectorTerminationCredentials

chime:UpdateVoiceConnector

chime:CreateConnectAnalyticsConnector

chime:PutVoiceConnectorExternalSystemsConfiguration

chime:GetVoiceConnectorExternalSystemsConfiguration

chime:DeleteVoiceConnectorExternalSystemsConfiguration

chime:AssociateVoiceConnectorConnect

chime:DisassociateVoiceConnectorConnect

chime:TagResources

chime:UntagResources

chime:ListTagsForResource

語音傳輸整合

動作/使用案例 需要的許可

檢視外部語音傳輸連接器

chime:GetVoiceConnector

chime:GetVoiceConnectorLoggingConfiguration

chime:GetVoiceConnectorTermination

chime:GetVoiceConnectorTerminationHealth

chime:ListVoiceConnectors

chime:ListVoiceConnectorTerminationCredentials

chime:GetVoiceConnectorExternalSystemsConfiguration

Add/Update/Remove外部語音傳輸連接器

chime:CreateVoiceConnector

chime:DeleteVoiceConnector

chime:DeleteVoiceConnectorTermination

chime:DeleteVoiceConnectorTerminationCredentials

chime:GetVoiceConnector

chime:GetVoiceConnectorLoggingConfiguration

chime:GetVoiceConnectorTermination

chime:GetVoiceConnectorTerminationHealth

chime:ListVoiceConnectors

chime:ListVoiceConnectorTerminationCredentials

chime:PutVoiceConnectorLoggingConfiguration

chime:PutVoiceConnectorTermination

chime:PutVoiceConnectorTerminationCredentials

chime:UpdateVoiceConnector

chime:CreateConnectAnalyticsConnector

chime:PutVoiceConnectorExternalSystemsConfiguration

chime:GetVoiceConnectorExternalSystemsConfiguration

chime:DeleteVoiceConnectorExternalSystemsConfiguration

chime:AssociateVoiceConnectorConnect

chime:DisassociateVoiceConnectorConnect

chime:TagResources

chime:UntagResources

chime:ListTagsForResource

應用程式整合頁面

動作/使用案例 需要的許可

檢視核准的來源

connect:DescribeInstance

connect:ListApprovedOrigins

編輯核准的來源

connect: AssociateApprovedOrigin

connect:ListApprovedOrigins

connect:DisassociateApprovedOrigin

客戶設定檔頁面

動作/使用案例 需要的許可

查看客戶設定檔

app-integrations:ListEventIntegrations

appflow:DescribeConnectorEntity

appflow:DescribeConnectorProfiles

appflow:DescribeFlow

appflow:ListFlows

appflow:ListConnectorEntities

appflow:ListConnectorProfiles

cloudwatch:GetMetricData

connect:DescribeInstance

connect:ListInstances

ds:DescribeDirectories

iam:ListRoles

kinesis:DescribeStreamSummary

kms:解密

kms:描述金鑰

kms:產生資料金鑰

kms:ListKeys

profile:GetCalculatedAttributeDefinition

profile:GetDomain

profile:GetEventStream

profile:GetIdentityResolutionJob

profile:GetIntegration

profile:GetProfileObjectType

profile:GetProfileObjectTypeTemplate

profile:GetWorkflow

profile:ListAccountIntegrations

profile:ListCalculatedAttributeDefinitions

profile:ListDomains

profile:ListEventStreams

profile:ListIdentityResolutionJobs

profile:ListIntegrations

profile:ListProfileObjectTypes

profile:ListProfileObjectTypeTemplates

sqs:ListQueues

編輯客戶設定檔

app-integrations:CreateEventIntegration

app-integrations:ListEventIntegrations

appflow:CreateFlow

appflow:CreateConnectorProfile

appflow:DescribeFlow

appflow:DeleteFlow

appflow:DescribeConnectorEntity

appflow:DescribeConnectorProfiles

appflow:ListFlows

appflow:ListConnectorEntities

appflow:ListConnectorProfiles

appflow:StartFlow

cloudwatch:GetMetricData

connect:DescribeInstance

connect:ListInstances

ds:DescribeDirectories

events:CreateEventBus

events:DescribeEventBus

events:DescribeEventSource

events:ListEventSources

iam:CreateRole

iam:CreatePolicy

iam:AttachRolePolicy

iam:ListRoles

iam:PutRolePolicy

kinesis:DescribeStreamSummary

kinesis:ListStreams

kms:創建權限

kms:解密

kms:描述金鑰

kms:產生資料金鑰

kms:ListAliases

kms:ListKeys

kms:ListGrants

profile:CreateDomain

profile:CreateEventStream

profile:CreateIntegrationWorkflow

profile:DeleteEventStream

profile:DeleteIntegration

profile:DeleteDomain

profile:DeleteProfileObjectType

profile:DetectProfileObjectType

profile:GetCalculatedAttributeDefinition

profile:GetDomain

profile:GetEventStream

profile:GetIdentityResolutionJob

profile:GetIntegration

profile:GetProfileObjectType

profile:GetProfileObjectTypeTemplate

profile:GetWorkflow

profile:ListAccountIntegrations

profile:ListCalculatedAttributeDefinitions

profile:ListDomains

profile:ListEventStreams

profile:ListIdentityResolutionJobs

profile:ListIntegrations

profile:ListProfileObjectTypes

profile:ListProfileObjectTypeTemplates

profile:PutIntegration

profile:PutProfileObjectType

profile:TagResource

設定檔:UntagResource

profile:UpdateDomain

s3:GetBucketLocation

s3:GetBucketPolicy

s3:GetObject

s3:HeadBucket

s3:ListAllMyBuckets

s3:ListBucket

s3:ListObjectsV2

s3:PutBucketPolicy

s3:SelectObjectContent

sqs:ListQueues

任務頁面

動作/使用案例 需要的許可

查看任務整合

app-integrations:GetEventIntegration

connect:ListIntegrationAssociations

編輯任務整合

app-integrations:CreateEventIntegration

app-integrations:GetEventIntegration

app-integrations:ListEventIntegrations

app-integrations:DeleteEventIntegrationAssociation

app-integrations:CreateEventIntegrationAssociation

appflow:CreateFlow

appflow:CreateConnectorProfile

appflow:DescribeFlow

appflow:DeleteFlow

appflow:DeleteConnectorProfile

appflow:DescribeConnectorEntity

appflow:ListFlows

appflow:ListConnectorEntities

appflow:StartFlow

connect:ListIntegrationAssociations

connect:DeleteIntegrationAssociation

connect:ListUseCases

connect:DeleteUseCase

events:ActivateEventSource

events:CreateEventBus

events:DescribeEventBus

events:DescribeEventSource

events:ListEventSources

events:ListTargetsByRule

events:PutRule

events:PutTargets

events:DeleteRule

events:RemoveTargets

kms:創建權限

kms:描述金鑰

kms:ListAliases

kms:ListKeys

kms:ListGrants

案例頁面

動作/使用案例 需要的許可

檢視案例網域詳細資訊

connect:ListInstances

ds:DescribeDirectories

connect:ListIntegrationAssociations

cases:GetDomain

加入案例

connect:ListInstances

connect:ListIntegrationAssociations

cases:GetDomain

cases:CreateDomain

connect:CreateIntegrationAssociation

connect:DescribeInstance

iam:PutRolePolicy

客戶身分驗證頁面

動作/使用案例 需要的許可

檢視客戶身分驗證

connect:ListIntegrationAssociations

cognito-idp:ListUserPools

cognito-idp:DescribeUserPool

加入客戶身分驗證

connect:CreateIntegrationAssociation

connect:DeleteIntegrationAssociation

connect:ListIntegrationAssociations

cognito-idp:ListUserPools

cognito-idp:DescribeUserPool

cognito-idp:ListUserPoolClients

cognito-idp:TagResource

cognito-idp:CreateUserPool

外撥行銷活動頁面

動作/使用案例 需要的許可
檢視傳出活動

connect:ListIntegrationAssociations

connect:ListPhoneNumbersV2

connect:SearchEmailAddresses

connect:DescribeInstance

connect:DescribeInstanceAttribute

kms:描述金鑰

kms:ListKeys

profile:ListAccountIntegrations

profile:ListIntegrations

profile:ListDomains

profile:GetDomain

wisdom:ListKnowledgeBases

wisdom:GetKnowledgeBase

connect-campaigns:GetInstanceOnboardingJobStatus

connect-campaigns:GetConnectInstanceConfig

connect-campaigns:ListConnectInstanceIntegrations

建立對外行銷活動

connect-campaigns:StartInstanceOnboardingJob

connect-campaigns:DeleteInstanceOnboardingJob

connect-campaigns:GetConnectInstanceConfig

connect-campaigns:GetInstanceOnboardingJobStatus

connect-campaigns:DeleteConnectInstanceConfig

connect:DescribeInstance

connect:DescribeInstanceAttribute

connect:UpdateInstanceAttribute

iam:CreateServiceLinkedRole

iam:DeleteServiceLinkedRole

iam:AttachRolePolicy

iam:PutRolePolicy

iam:DeleteRolePolicy

events:PutRule

events:PutTargets

events:DeleteRule

events:RemoveTargets

events:DescribeRule

events:ListTargetsByRule

ds:DescribeDirectories

kms:描述金鑰

kms:ListKeys

kms:創建權限

kms:RetireGrant

profile:CreateDomain

profile:ListAccountIntegrations

profile:ListIntegrations

profile:PutIntegration

profile:PutProfileObjectType

connect:CreateIntegrationAssociation

connect:ListIntegrationAssociations

connect:UpdateInstanceAttribute

connect:AssociateCustomerProfilesDomain

connect-campaigns:ListConnectInstanceIntegrations

connect-campaigns:PutConnectInstanceIntegration

wisdom:CreateKnowledgeBase

wisdom:ListKnowledgeBases

Amazon Q in Connect 頁面

動作/使用案例 需要的許可

檢視網域和整合

wisdom:ListAssistantAssociations

appflow:DescribeConnectorProfiles

app-integrations:GetDataIntegration

connect:DescribeInstance

connect:DescribeInstanceAttribute

connect:ListIntegrationAssociations

kms:描述金鑰

kms:ListGrants

wisdom:GetAssistant

wisdom:GetKnowledgeBase

wisdom:ListAssistantAssociations

新增或移除網域

connect:CreateIntegrationAssociation

connect:DeleteIntegrationAssociation

connect:ListIntegrationAssociations

iam:DeleteRolePolicy

iam:PutRolePolicy

kms:創建權限

kms:描述金鑰

kms:ListAliases

wisdom:CreateAssistant

wisdom:DeleteAssistant

wisdom:GetAssistant

wisdom:ListAssistantAssociations

wisdom:ListAssistants

wisdom:TagResource

新增或移除整合

wisdom:ListAssistantAssociations

app-integrations:CreateDataIntegration

app-integrations:CreateDataIntegrationAssociation

app-integrations:DeleteDataIntegrationAssociation

app-integrations:GetDataIntegration

app-integrations:ListDataIntegrations

appflow:CreateConnectorProfile

appflow:CreateFlow

appflow:DeleteFlow

appflow:DescribeConnector

appflow:DescribeConnectorEntity

appflow:DescribeConnectorProfiles

appflow:DescribeConnectors

appflow:DescribeFlow

appflow:ListConnectorEntities

appflow:StartFlow

appflow:StopFlow

appflow:TagResource

appflow:UseConnectorProfile

connect:CreateIntegrationAssociation

connect:DeleteIntegrationAssociation

connect:ListIntegrationAssociations

iam:DeleteRolePolicy

iam:PutRolePolicy

kms:創建權限

kms:解密

kms:描述金鑰

kms:產生資料金鑰

kms:ListAliases

kms:ListGrants

secretsmanager:CreateSecret

secretsmanager:PutResourcePolicy

wisdom:CreateAssistantAssociation

wisdom:CreateKnowledgeBase

wisdom:DeleteAssistantAssociation

wisdom:DeleteKnowledgeBase

wisdom:GetAssistant

wisdom:GetKnowledgeBase

wisdom:ListAssistantAssociations

wisdom:ListKnowledgeBases

wisdom:TagResource

Voice ID 頁面

動作/使用案例 需要的許可

檢視 Voice ID 整合

voiceid:DescribeDomain

voiceid:ListDomains

voiceid:RegisterComplianceConsent

voiceid:DescribeComplianceConsent

connect:ListIntegrationAssociations

編輯 Voice ID 整合

voiceid:DescribeDomain

voiceid:ListDomains

voiceid:RegisterComplianceConsent

voiceid:DescribeComplianceConsent

voiceid:UpdateDomain

voiceid:CreateDomain

connect:ListIntegrationAssociations

connect:CreateIntegrationAssociation

connect:DeleteIntegrationAssociation

events:PutRule

events:DeleteRule

events:PutTargets

events:RemoveTargets

iam:PutRolePolicy

預測、容量規劃和排程頁面

動作/使用案例 需要的許可

檢視預測、容量規劃和排程

connect:DescribeForecastingPlanningSchedulingIntegration

啟用預測、容量規劃和排程

connect:UpdateInstanceAttribute

connect:StartForecastingPlanningSchedulingIntegration

停用預測、容量規劃和排程

connect:UpdateInstanceAttribute

connect:StopForecastingPlanningSchedulingIntegration

聯合

SAML 聯合

動作/使用案例 需要的許可

SAML 聯合

connect:GetFederationToken

行政/緊急聯合

動作/使用案例 需要的許可

行政/緊急聯合

connect:GetFederationToken