2014-09-24 230 views
1

試圖設置用戶只能訪問一種類型的實例,只能停止和啓動實例。但是當我爲它設置一個策略時,我只是得到一個錯誤說未經授權:AWS IAM EC2訪問實例ID

An error occurred fetching instance data: You are not authorized to perform this operation. 

帳戶ID是從安全頁面檢索的。

爲了測試的緣故,我已經讓所有操作(EC2:*),並嘗試了這些政策的

{ 
    "Version": "2012-10-17", 
    "Statement": [ 
    { 
     "Action": "ec2:*", 
     "Effect": "Allow", 
     "Resource": "arn:aws:ec2:us-east-1:XXXXXXXXXX:instance/i-XXXXXXX"  
    } 
    ] 
} 

與標籤開發

{ 
    "Version": "2012-10-17", 
    "Statement": [ 
    { 
     "Sid": "Stmt1411556016000", 
     "Effect": "Allow", 
     "Action": [ 
     "ec2:StartInstances", 
     "ec2:StopInstances" 
     ], 
     "Resource" : "*" 
     "Condition": { 
     "ArnEquals": { 
      "ec2:ResourceTag/Environment": "dev" 
     } 
     } 
    } 
    ] 
} 

回答

0

這可能是this question重複,而是回答,您可能還需要授予DescribeInstances權限。

+0

我之前曾問過這個問題,但無論哪種方式它都回答了我的問題。 – Labithiotis 2015-04-28 12:06:52