创建自定义运行实例策略时出错

时间:2014-03-05 04:52:09

标签: amazon-ec2 amazon-iam

我是AWS的IAM新手。我创建了一个政策

{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Sid": "TheseActionsDontSupportResourceLevelPermissions",
      "Effect": "Allow",
      "Action": "ec2:DescribeImages",
      "Resource": "*"
    },
    {
      "Sid": "TheseActionsSupportResourceLevelPermissions",
      "Effect": "Allow",
      "Action": "ec2:RunInstances",
      "Resource": [
         "arn:aws:ec2:us-east-1:109027:instance/*",
         "arn:aws:ec2:us-east-1:10927:image/*",
         "arn:aws:ec2:us-east-1:109027:security-group/Test_hin",
         "arn:aws:ec2:us-east-1:109027:subnet/subnet-b",
         "arn:aws:ec2:us-east-1:109527:key-pair/*",
         "arn:aws:ec2:us-east-1:10903527:network-interface/vpc-e4",
         "arn:aws:ec2:us-east-1:107:volume/*"
       ]
     }
   ]
}

每当我尝试使用控制台启动实例时,它都会给我一个错误,即我无权执行此操作。

enter image description here

由于

1 个答案:

答案 0 :(得分:0)

尝试使用key pairnetwork interface资源(看起来您正尝试启动VPC)。另外,请允许音量资源。

{
    "Version": "2012-10-17",
    "Statement": [
    {
       "Effect": "Allow",
       "Action": "ec2:RunInstances",
       "Resource": [
         "arn:aws:ec2:us-east-1:acct:instance/*",
         "arn:aws:ec2:us-east-1:acct:image/*",
         "arn:aws:ec2:us-east-1:acct:security-group/*",
         "arn:aws:ec2:us-east-1:acct:subnet/*",
         "arn:aws:ec2:us-east-1:acct:key-pair/*",
         "arn:aws:ec2:us-east-1:acct:network-interface/*",
         "arn:aws:ec2:us-east-1:acct:volume/*"
       ]
     }
   ]
}
相关问题
最新问题