我需要什么权限的aws ec2等待

时间:2018-05-10 09:33:43

标签: amazon-web-services amazon-ec2

-bash-4.2$ aws ec2 wait instance-running $ARG

Waiter InstanceRunning failed: You are not authorized to perform this operation.

现在你去IAM并看到一个巨大的权限列表,没有等待字...,所以你查看https://docs.aws.amazon.com/cli/latest/reference/ec2/wait/index.html#cli-aws-ec2-wait并找不到所需权限列表......

那么:aws ec2 wait需要什么权限?..

3 个答案:

答案 0 :(得分:2)

纯粹通过尝试和失败我找到了那些对我有用的东西:

{
    "Version": "1980-09-19",
    "Statement": [
        {
            "Sid": "VisualEditor0",
            "Effect": "Allow",
            "Action": [
                "ec2:StartInstances",
                "ec2:StopInstances"
            ],
            "Resource": "arn:aws:ec2:us-east-1:00000000:instance/i-abababababab"
        },
        {
            "Sid": "VisualEditor1",
            "Effect": "Allow",
            "Action": [
                "ec2:DescribeInstances",
                "ec2:ReportInstanceStatus"
            ],
            "Resource": "*"
        }
    ]
}

我假设您不需要startstop只是wait,但我将其包括在内,因为您将wait与其中任何一个配对使用。

简而言之,这些是:DescribeInstancesReportInstanceStatus

答案 1 :(得分:0)

WaiterInstanceRunning需要ec2:DescribeInstanceStatus-ReportInstanceStatus向AWS报告实例状态(当实例处于意外状态时)

答案 2 :(得分:0)

下面的命令似乎也需要“ ec2:DescribeInstanceStatus”

aws ec2 wait instance-status-ok --region eu-west-1 --instance-ids