2 Answers
1
Amazon Inspector uses the service-linked role named AWSServiceRoleForAmazonInspector2. This service-linked role trusts the inspector2.amazonaws.com service to assume the role.
The permissions policy for the role, which is named AmazonInspector2ServiceRolePolicy, allows Amazon Inspector to perform several tasks, such as using select Elastic Load Balancing actions to perform network scans of EC2 instances that are part of Elastic Load Balancing target groups.
The role configured must include the following permissions policy.
```json
"Sid": "TirosPolicy",
"Effect": "Allow",
"Action": [
    "elasticloadbalancing:DescribeListeners",
    "elasticloadbalancing:DescribeLoadBalancerAttributes",
    "elasticloadbalancing:DescribeLoadBalancers",
    "elasticloadbalancing:DescribeRules",
    "elasticloadbalancing:DescribeTags",
    "elasticloadbalancing:DescribeTargetGroups",
    "elasticloadbalancing:DescribeTargetGroupAttributes",
    "elasticloadbalancing:DescribeTargetHealth",
```
answered 9 months ago
0
Thanks for your help. Linked IAM Policy "AmazonInspector2ServiceRolePolicy" magically updated yesterday to Version 11 and has this permission. We will monitor CloudTrail logs for any further errors.
answered 9 months ago
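One way to do the CloudTrail monitoring mentioned above, as an added example that is not part of either answer: it counts denied API calls made under the AWSServiceRoleForAmazonInspector2 role in a CloudTrail log file. The records are constructed sample data, and deriving the IAM action prefix from `eventSource` is an approximation that holds for Elastic Load Balancing and EC2 but not for every service.

```python
import json
from collections import Counter

ROLE = "AWSServiceRoleForAmazonInspector2"
# Substrings of CloudTrail errorCode values that indicate an authorization failure.
DENIED_MARKERS = ("AccessDenied", "UnauthorizedOperation")


def _rec(role, source, name, error=None):
    """Build one constructed CloudTrail record (sample data, not a real log)."""
    rec = {
        "eventSource": source,
        "eventName": name,
        "userIdentity": {
            "type": "AssumedRole",
            "sessionContext": {"sessionIssuer": {"type": "Role", "userName": role}},
        },
    }
    if error:
        rec["errorCode"] = error
    return rec


ELB = "elasticloadbalancing.amazonaws.com"
SAMPLE = json.dumps({"Records": [
    _rec(ROLE, ELB, "DescribeTargetHealth", "AccessDenied"),
    _rec(ROLE, ELB, "DescribeTargetHealth", "AccessDenied"),
    _rec(ROLE, ELB, "DescribeLoadBalancers"),                  # succeeded
    _rec("SomeOtherRole", ELB, "DescribeListeners", "AccessDenied"),
    _rec(ROLE, "ec2.amazonaws.com", "DescribeInstances", "Client.UnauthorizedOperation"),
]})


def denied_actions(trail_json, role=ROLE):
    """Return a Counter of 'service:Action' for calls denied to the given role."""
    counts = Counter()
    for rec in json.loads(trail_json).get("Records", []):
        identity = rec.get("userIdentity") or {}
        issuer = (identity.get("sessionContext") or {}).get("sessionIssuer") or {}
        code = rec.get("errorCode") or ""
        if issuer.get("userName") != role:
            continue
        if not any(marker in code for marker in DENIED_MARKERS):
            continue
        service = rec.get("eventSource", "").split(".")[0]
        counts[f"{service}:{rec.get('eventName')}"] += 1
    return counts


if __name__ == "__main__":
    for action, n in denied_actions(SAMPLE).most_common():
        print(f"{n:3d}  {action}")
```

Any action this reports is one the role attempted but the attached policy version did not allow.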