本文為英文版的機器翻譯版本,如內容有任何歧義或不一致之處,概以英文版為準。
AWS Resilience Hub 角色和IAM許可參考
您可以使用 AWS Resilience Hub AWSResilienceHubAsssessmentExecutionPolicy AWS 受管政策和下列其中一個角色特定的政策,將IAM許可授予使用 所需的角色。如需 AWS 受管政策的詳細資訊,請參閱 AWSResilienceHubAsssessmentExecutionPolicy。
建議的角色政策 AWS Resilience Hub:
IAM Infrastructure Application Manager 角色的許可
下列政策會授予基礎設施應用程式管理員角色所需的必要許可。
{ "Version": "2012-10-17", "Statement": [ { "Sid": "InfrastructureApplicationManager", "Effect": "Allow", "Action": [ "resiliencehub:AddDraftAppVersionResourceMappings", "resiliencehub:CreateAppVersionAppComponent", "resiliencehub:CreateAppVersionResource", "resiliencehub:CreateRecommendationTemplate", "resiliencehub:DeleteAppAssessment", "resiliencehub:DeleteAppInputSource", "resiliencehub:DeleteAppVersionAppComponent", "resiliencehub:DeleteAppVersionResource", "resiliencehub:DeleteRecommendationTemplate", "resiliencehub:Describe*", "resiliencehub:List*", "resiliencehub:PublishAppVersion", "resiliencehub:PutDraftAppVersionTemplate", "resiliencehub:RemoveDraftAppVersionResourceMappings", "resiliencehub:ResolveAppVersionResources", "resiliencehub:StartAppAssessment", "resiliencehub:TagResource", "resiliencehub:UntagResource", "resiliencehub:UpdateAppVersion", "resiliencehub:UpdateAppVersionAppComponent", "resiliencehub:UpdateAppVersionResource" ], "Resource": "*" } ] }
IAM Business continuity Manager 角色的許可
下列政策會授予業務連續性管理員角色所需的必要許可。
{ "Version": "2012-10-17", "Statement": [ { "Sid": "BusinessContinuityManager", "Effect": "Allow", "Action": [ "resiliencehub:CreateResiliencyPolicy", "resiliencehub:DeleteResiliencyPolicy", "resiliencehub:Describe*", "resiliencehub:List*", "resiliencehub:ResolveAppVersionResources", "resiliencehub:TagResource", "resiliencehub:UntagResource", "resiliencehub:UpdateAppVersion", "resiliencehub:UpdateAppVersionAppComponent", "resiliencehub:UpdateAppVersionResource", "resiliencehub:UpdateResiliencyPolicy" ], "Resource": "*" } ] }
IAM 應用程式擁有者角色的許可
下列政策會授予應用程式擁有者角色所需的必要許可。
{ "Version": "2012-10-17", "Statement": [ { "Sid": "ApplicationOwner", "Effect": "Allow", "Action": [ "resiliencehub:AddDraftAppVersionResourceMappings", "resiliencehub:BatchUpdateRecommendationStatus", "resiliencehub:CreateApp", "resiliencehub:CreateAppVersionAppComponent", "resiliencehub:CreateAppVersionResource", "resiliencehub:CreateRecommendationTemplate", "resiliencehub:CreateResiliencyPolicy", "resiliencehub:DeleteApp", "resiliencehub:DeleteAppAssessment", "resiliencehub:DeleteAppInputSource", "resiliencehub:DeleteAppVersionAppComponent", "resiliencehub:DeleteAppVersionResource", "resiliencehub:DeleteRecommendationTemplate", "resiliencehub:DeleteResiliencyPolicy", "resiliencehub:Describe*", "resiliencehub:ImportResourcesToDraftAppVersion", "resiliencehub:List*", "resiliencehub:PublishAppVersion", "resiliencehub:PutDraftAppVersionTemplate", "resiliencehub:RemoveDraftAppVersionResourceMappings", "resiliencehub:ResolveAppVersionResources", "resiliencehub:StartAppAssessment", "resiliencehub:TagResource", "resiliencehub:UntagResource", "resiliencehub:UpdateApp", "resiliencehub:UpdateAppVersion", "resiliencehub:UpdateAppVersionAppComponent", "resiliencehub:UpdateAppVersionResource", "resiliencehub:UpdateResiliencyPolicy" ], "Resource": "*" } ] }
IAM 授予唯讀存取權的許可
下列政策會授予唯讀存取所需的必要許可。
{ "Version": "2012-10-17", "Statement": [ { "Sid": "ReadOnly", "Effect": "Allow", "Action": [ "resiliencehub:Describe*", "resiliencehub:List*", "resiliencehub:ResolveAppVersionResources" ], "Resource": "*" } ] }
