运行EMR作业的最低AWS策略要求

时间:2011-12-06 19:31:52

标签: amazon-web-services elastic-map-reduce mrjob

我想使用MRJob Python框架对来自S3存储桶com.test.mybucket的数据运行Elastic Mapreduce。但是我在S3中有很多其他数据,以及其他我不想触及的EC2实例。 AWS用户运行完整作业所需的最小访问凭证集是多少?

1 个答案:

答案 0 :(得分:1)

以下是一个例子:

{
    "Statement": [
        {
            "Action": [
                "s3:GetObject",
                "s3:ListBucket",
                "s3:PutObject",
                "s3:DeleteObject",
                "s3:GetBucketLocation"
            ],
            "Resource": [
                "arn:aws:s3:::com.test.mybucket*"
            ],
            "Effect": "Allow",
            "Sid": "Stmt1320976936189"
        },
        {
            "Action": [
                "elasticmapreduce:*"
            ],
            "Resource": [
                "*"
            ],
            "Effect": "Allow",
            "Sid": "Stmt1322766641851"
        },
        {
            "Action": [
                "ec2:AuthorizeSecurityGroupIngress",
                "ec2:CancelSpotInstanceRequests",
                "ec2:CreateSecurityGroup",
                "ec2:CreateTags",
                "ec2:DescribeAvailabilityZones",
                "ec2:DescribeInstances",
                "ec2:DescribeSecurityGroups",
                "ec2:DescribeSpotInstanceRequests",
                "ec2:ModifyImageAttribute",
                "ec2:ModifyInstanceAttribute",
                "ec2:RequestSpotInstances",
                "ec2:RunInstances",
                "ec2:TerminateInstances"
            ],
            "Resource": [
                "*"
            ],
            "Effect": "Allow",
            "Sid": "Stmt1323200725902"
        }
    ]
}

另见http://docs.amazonwebservices.com/ElasticMapReduce/latest/DeveloperGuide/index.html?environmentconfig_iam.html#ec2-iam-policies

相关问题
最新问题