AWS full access policy for Application Load Balancer

Time: 2018-06-25 14:27:54

Tags: amazon-web-services amazon-ec2

Right now, my AWS account has the following policies:

  • AmazonEC2FullAccess
  • AmazonSQSFullAccess
  • AmazonS3FullAccess
  • AmazonAPIGatewayInvokeFullAccess
  • CloudWatchFullAccess
  • AmazonKinesisFullAccess
  • AmazonRekognitionFullAccess
  • AmazonKinesisVideoStreamsFullAccess
  • AmazonKinesisFirehoseFullAccess
  • AmazonSNSFullAccess

To set up an "Application Load Balancer" with an Auto Scaling group, target groups, and subnets in a VPC, which other policies do I need?

1 answer:

Answer 0: (score: -1)

AmazonVPCFullAccess,
AutoScalingFullAccess,
Application Load Balancer:
AssumeRolePolicyDocument={
    "Version": "2008-10-17",
    "Statement": [{
        "Effect": "Allow",
        "Principal": {"Service": ["ecs.amazonaws.com", "application-autoscaling.amazonaws.com"]},
        "Action": ["sts:AssumeRole"]
    }]
},
with ManagedPolicyArns
["arn:aws:iam::aws:policy/service-role/AmazonEC2ContainerServiceRole",
   "arn:aws:iam::aws:policy/service-role/AmazonEC2ContainerServiceAutoscaleRole"]

It would probably be better to write a custom policy with least-privilege access
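
A sketch of the kind of custom least-privilege policy the answer recommends, added here as an example and not part of the original question or answer. The action list is an assumption about what creating an ALB, target group, listener and Auto Scaling group requires, and REGION and ACCOUNT_ID are placeholders to replace with your own values.

```json
{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Sid": "ReadOnlyLookups",
      "Effect": "Allow",
      "Action": [
        "ec2:DescribeVpcs", "ec2:DescribeSubnets", "ec2:DescribeSecurityGroups",
        "ec2:DescribeInstances", "ec2:DescribeAccountAttributes", "ec2:DescribeInternetGateways",
        "elasticloadbalancing:Describe*", "autoscaling:Describe*"
      ],
      "Resource": "*"
    },
    {
      "Sid": "ManageAlbAndTargetGroups",
      "Effect": "Allow",
      "Action": [
        "elasticloadbalancing:CreateLoadBalancer",
        "elasticloadbalancing:CreateTargetGroup",
        "elasticloadbalancing:CreateListener",
        "elasticloadbalancing:ModifyLoadBalancerAttributes",
        "elasticloadbalancing:ModifyTargetGroupAttributes",
        "elasticloadbalancing:RegisterTargets",
        "elasticloadbalancing:AddTags"
      ],
      "Resource": [
        "arn:aws:elasticloadbalancing:REGION:ACCOUNT_ID:loadbalancer/app/*",
        "arn:aws:elasticloadbalancing:REGION:ACCOUNT_ID:targetgroup/*",
        "arn:aws:elasticloadbalancing:REGION:ACCOUNT_ID:listener/app/*"
      ]
    },
    {
      "Sid": "ManageAutoScalingGroup",
      "Effect": "Allow",
      "Action": ["autoscaling:CreateAutoScalingGroup", "autoscaling:UpdateAutoScalingGroup",
                 "autoscaling:AttachLoadBalancerTargetGroups"],
      "Resource": "arn:aws:autoscaling:REGION:ACCOUNT_ID:autoScalingGroup:*:autoScalingGroupName/*"
    },
    {
      "Sid": "ServiceLinkedRolesOnly",
      "Effect": "Allow",
      "Action": "iam:CreateServiceLinkedRole",
      "Resource": "*",
      "Condition": {"StringEquals": {"iam:AWSServiceName": ["elasticloadbalancing.amazonaws.com", "autoscaling.amazonaws.com"]}}
    }
  ]
}
```

The Describe actions use "Resource": "*" because they do not support resource-level scoping; the mutating actions are limited to one region and account. If the Auto Scaling group launches instances with an instance profile, the caller additionally needs iam:PassRole on that specific role.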