1 個回答
- 最新
- 最多得票
- 最多評論
1
Allowing full access allows operation.
But IAM best practice is least privilege permissions.
Therefore, we recommend creating an IAM policy that allows developers to do only what they need to do.
https://docs.aws.amazon.com/IAM/latest/UserGuide/best-practices.html#grant-least-privilege
It is possible to create an EBS volume with EC2 full access, but if you only want to create it, you can create it by allowing "ec2:CreateVolume".
https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazonec2.html
相關內容
- AWS 官方已更新 2 年前
- AWS 官方已更新 2 年前
- AWS 官方已更新 1 年前
- AWS 官方已更新 3 年前
You will need to create a custom IAM policy using the instructions in this document. https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_create-console.html#access_policies_create-json-editor