1 回答
- 最新
- 投票最多
- 评论最多
1
Allowing full access allows operation.
But IAM best practice is least privilege permissions.
Therefore, we recommend creating an IAM policy that allows developers to do only what they need to do.
https://docs.aws.amazon.com/IAM/latest/UserGuide/best-practices.html#grant-least-privilege
It is possible to create an EBS volume with EC2 full access, but if you only want to create it, you can create it by allowing "ec2:CreateVolume".
https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazonec2.html
相关内容
- AWS 官方已更新 10 个月前
- AWS 官方已更新 3 年前
You will need to create a custom IAM policy using the instructions in this document. https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_create-console.html#access_policies_create-json-editor