本文為英文版的機器翻譯版本,如內容有任何歧義或不一致之處,概以英文版為準。
AWSResourceExplorerOrganizationsAccess
描述:此政策會授予 Resource Explorer 管理許可,並將唯讀許可授予其他 AWS 服務以支援此存取。 AWS Organizations 管理員需要這些許可,才能在 主控台中設定和管理多帳戶搜尋。
AWSResourceExplorerOrganizationsAccess 是AWS 受管政策。
使用此政策
您可以AWSResourceExplorerOrganizationsAccess連接到您的使用者、群組和角色。
政策詳細資訊
-
類型: AWS 受管政策
-
建立時間:2023 年 11 月 14 日 17:01 UTC
-
編輯時間:2023 年 11 月 14 日 17:01 UTC
-
ARN:
arn:aws:iam::aws:policy/AWSResourceExplorerOrganizationsAccess
政策版本
政策版本: v1 (預設)
政策的預設版本是定義政策許可的版本。當具有 政策的使用者或角色提出存取 AWS 資源的請求時, 會 AWS 檢查政策的預設版本,以決定是否允許請求。
JSON 政策文件
{ "Version" : "2012-10-17", "Statement" : [ { "Sid" : "ReadOnlyAccess", "Effect" : "Allow", "Action" : [ "resource-explorer-2:*", "ec2:DescribeRegions", "ram:ListResources", "ram:GetResourceShares", "organizations:ListAccounts", "organizations:ListRoots", "organizations:ListOrganizationalUnitsForParent", "organizations:ListAccountsForParent", "organizations:ListDelegatedAdministrators", "organizations:ListAWSServiceAccessForOrganization", "organizations:DescribeOrganization" ], "Resource" : "*" }, { "Sid" : "ResourceExplorerGetSLRAccess", "Effect" : "Allow", "Action" : [ "iam:GetRole" ], "Resource" : "arn:aws:iam::*:role/aws-service-role/resource-explorer-2.amazonaws.com/AWSServiceRoleForResourceExplorer" }, { "Sid" : "ResourceExplorerCreateSLRAccess", "Effect" : "Allow", "Action" : [ "iam:CreateServiceLinkedRole" ], "Resource" : "*", "Condition" : { "StringEquals" : { "iam:AWSServiceName" : [ "resource-explorer-2.amazonaws.com" ] } } }, { "Sid" : "OrganizationsAdministratorAccess", "Effect" : "Allow", "Action" : [ "organizations:EnableAWSServiceAccess", "organizations:DisableAWSServiceAccess", "organizations:RegisterDelegatedAdministrator", "organizations:DeregisterDelegatedAdministrator" ], "Resource" : "*", "Condition" : { "StringEquals" : { "organizations:ServicePrincipal" : [ "resource-explorer-2.amazonaws.com" ] } } } ] }
進一步了解
