2 個答案
- 最新
- 最多得票
- 最多評論
1
Amazon Inspector uses the service-linked role named AWSServiceRoleForAmazonInspector2. This service-linked role trusts the inspector2.amazonaws.com service to assume the role.
The permissions policy for the role, which is named AmazonInspector2ServiceRolePolicy, allows Amazon Inspector to perform several tasks, such us using select Elastic Load Balancing actions to preform network scans of EC2 instances that are part of Elastic Load Balancing target groups.
The role configured must include the following permissions policy.
"Sid": "TirosPolicy", "Effect": "Allow", "Action": [ "elasticloadbalancing:DescribeListeners", "elasticloadbalancing:DescribeLoadBalancerAttributes", "elasticloadbalancing:DescribeLoadBalancers", "elasticloadbalancing:DescribeRules", "elasticloadbalancing:DescribeTags", "elasticloadbalancing:DescribeTargetGroups", "elasticloadbalancing:DescribeTargetGroupAttributes", "elasticloadbalancing:DescribeTargetHealth",
[REFERENCES]
已回答 9 個月前
0
Thanks for your help. Linked IAM Policy "AmazonInspector2ServiceRolePolicy" magically updated yesterday to Version 11 and has this permission. We will monitor CloudTrail logs for any further errors.
已回答 9 個月前
相關內容
- 已提問 7 個月前
- AWS 官方已更新 1 年前
- AWS 官方已更新 2 年前