1 個回答
- 最新
- 最多得票
- 最多評論
0
I believe your question is more towards, what are the permissions required for running SSM start-associations-once.
Please refer Actions, resources, and condition keys for AWS Systems Manager and search for startassociation in this page, you'll see what are the permissions and resource access are required. Basically, your CLI user must have StartAssociationsOnce for the resource arn:aws:ssm:*:<AccountId>:association/<SSM_ResourceName>. SSMResourceName can be "*" as well if you want to give access for all resources.
Hope this helps.
Comment here if you have additional questions, happy to help.
Abhishek
相關內容
- AWS 官方已更新 2 年前
Can you provide the exact CLI command? I am currently trying to run aws ssm start-associations-once
--association-id "8dfe3659-4309-493a-8755-0123456789ab" What parameters should I add to permissions? This command doesn't have a "parameters" field.
arn:aws:iam::8X4956999XX:role/aws-service-role/ssm.amazonaws.com/AWSServiceRoleForAmazonSSM?