0
如何爲AWS IAM用戶授予使用GetConsoleScreenshot操作的權限?爲AWS IAM用戶提供查看屏幕截圖的能力
我想到了,我覺得應該這樣做策略:
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Action": [
"ec2:GetConsoleScreenshot",
"ec2:DescribeImages",
"ec2:DescribeInstances",
"ec2:AvailabilityZone",
"ec2:EbsOptimized",
"ec2:InstanceProfile",
"ec2:InstanceType",
"ec2:PlacementGroup",
"ec2:Region",
"ec2:ResourceTag/tag-key",
"ec2:RootDeviceType",
"ec2:Tenancy"
],
"Resource": [
"*"
]
}
]
}
我用這個作爲參考:Granting IAM Users Required Permissions for Amazon EC2 Resources
我想知道的是,如果這是矯枉過正給某人「ec2:GetConsoleScreenshot」,能力如何?通過賦予這一能力來暗示其他權限?
好吧,明白了!感謝您的回覆。我現在對此有了更清晰的認識。非常感激! – bluethundr