1개 답변
- 최신
- 최다 투표
- 가장 많은 댓글
-1
Hello,
To start an EC2 instance, the only Action I see that you're missing is ec2:StartInstances
.
In regards to minimum permissions for starting an instance, I would recommend allowing:
ec2:StartInstances
ec2:DescribeInstances
You may also want to grant ec2:StopInstances
if you want to allow a user to also stop the instance.
You could also limit the scope to only the user who created the instance or instances that match a specific tag. See here for additional documentation on that: https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_examples_ec2_tag-owner.html
관련 콘텐츠
- AWS 공식업데이트됨 2년 전