AWS IAM EC2访问实例ID

时间:2014-09-24 12:40:33

标签: amazon-web-services amazon-ec2 amazon-iam

尝试将用户设置为只能访问一种类型的实例,并且只能停止并启动实例。但是当我为它设置一个策略时,我只是得到一个错误,说没有授权:

 An error occurred fetching instance data: You are not authorized to perform this operation.

从安全页面检索帐户ID。

为了测试我已允许所有行动(ec2:*)并尝试了这些政策

{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Action": "ec2:*", 
      "Effect": "Allow",
      "Resource": "arn:aws:ec2:us-east-1:XXXXXXXXXX:instance/i-XXXXXXX"    
    }
  ]
}

标签dev 

{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Sid": "Stmt1411556016000",
      "Effect": "Allow",
      "Action": [
        "ec2:StartInstances",
        "ec2:StopInstances"
      ],
      "Resource" : "*"
      "Condition": {
        "ArnEquals": {
          "ec2:ResourceTag/Environment": "dev"
        }
      }
    }
  ]
}

1 个答案:

答案 0 :(得分:0)

这可能与this question重复,但要回答,您可能还需要授予DescribeInstances权限。

相关问题
最新问题