0
如何为AWS IAM用户授予使用GetConsoleScreenshot操作的权限?为AWS IAM用户提供查看屏幕截图的能力
我想到了,我觉得应该这样做策略:
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Action": [
"ec2:GetConsoleScreenshot",
"ec2:DescribeImages",
"ec2:DescribeInstances",
"ec2:AvailabilityZone",
"ec2:EbsOptimized",
"ec2:InstanceProfile",
"ec2:InstanceType",
"ec2:PlacementGroup",
"ec2:Region",
"ec2:ResourceTag/tag-key",
"ec2:RootDeviceType",
"ec2:Tenancy"
],
"Resource": [
"*"
]
}
]
}
我用这个作为参考:Granting IAM Users Required Permissions for Amazon EC2 Resources
我想知道的是,如果这是矫枉过正给某人“ec2:GetConsoleScreenshot”,能力如何?通过赋予这一能力来暗示其他权限?
好吧,明白了!感谢您的回复。我现在对此有了更清晰的认识。非常感激! – bluethundr