I've created an IAM user and intend to assign only CloudWatch access to this user. The user should be able to view and create new alarms for our ec2 instances. What is the minimum set of permissions needed for this user? Do I have to assign CloudWatchFullAccess policy?
我创建了一个IAM用户,并打算只为此用户分配CloudWatch访问权限。用户应该能够查看和创建ec2实例的新警报。此用户所需的最小权限集是多少?我是否必须分配CloudWatchFullAccess策略?
1 个解决方案
#1
0
I think something like this should do the job:
我认为这样的事情应该做的工作:
{
"Version": "2012-10-17",
"Statement": [
{
"Action": [
"cloudwatch:PutMetricAlarm",
"cloudwatch:DescribeAlarms",
"cloudwatch:DescribeAlarmsForMetric"
],
"Effect": "Allow",
"Resource": "*"
}
]
}
Here, you can read more about permissions.
在这里,您可以阅读有关权限的更多信息
#1
0
I think something like this should do the job:
我认为这样的事情应该做的工作:
{
"Version": "2012-10-17",
"Statement": [
{
"Action": [
"cloudwatch:PutMetricAlarm",
"cloudwatch:DescribeAlarms",
"cloudwatch:DescribeAlarmsForMetric"
],
"Effect": "Allow",
"Resource": "*"
}
]
}
Here, you can read more about permissions.
在这里,您可以阅读有关权限的更多信息