You need to enable JavaScript to run this app.
导航
允许访问指定服务的指定操作
最近更新时间:2024.01.09 22:05:23首次发布时间:2023.09.05 17:54:34

场景: 限制仅能访问应用型负载均衡的监听器相关的操作。
策略示例:

{
  "Statement": [
    {
      "Effect": "Allow",
      "Action": [
        "alb:CreateListener",
        "alb:DeleteListener",
        "alb:ModifyListener",
        "alb:DescribeListener",
        "alb:DescribeListenerAttributes",
        "alb:DescribeListenerHealth"
      ],
      "Resource": [
        "*"
      ]
    }
  ]
}

解读: 这条策略通过列举alb下全部监听器相关的Action来限定策略的操作范围,也可以配合通配符来定义监听器相关的操作,写法如下:

{
  "Statement": [
    {
      "Effect": "Allow",
      "Action": [
        "alb:*Listener*"
      ],
      "Resource": [
        "*"
      ]
    }
  ]
}