activities
latest
false
- Überblick
- Active Directory
- Versionshinweise
- Über das Active Directory-Aktivitätspaket
- Projektkompatibilität
- Active Directory Scope
- Get Object Distinguished Name
- Objekteigenschaften abrufen
- Objekte nach Filter abrufen
- Objekte nach LDAP-Filter abrufen
- Ist Objekt Mitglied der Gruppe
- Move Object
- Rename Object
- Objekteigenschaften aktualisieren
- Add Computer to Group
- Computer Exists
- Create Computer
- Delete Computer
- Get Computer Status
- Get Computers in Group
- Join Computer to Domain
- Remove Computer from Group
- Set Computer Status
- Unjoin Computer from Domain
- Add Group to Group
- Create Group
- Gruppe löschen
- Group Exists
- Remove Group from Group
- Add User to Group
- Change User Password
- Benutzer erstellen
- Benutzer löschen
- Force Password Change
- Ablaufdatum des Kennworts abrufen
- Ablaufdatum für Benutzer abrufen
- Benutzergruppen abrufen
- Benutzerstatus abrufen
- Get Users in Group
- Remove User From Group
- Ablaufdatum für Benutzer festlegen
- Benutzerstatus festlegen
- Benutzer vorhanden
- Benutzeranmeldeinformationen validieren
- Organisationseinheit erstellen
- Organisationseinheit löschen
- Active Directory-APIs
- Active Directory-Anleitungen
- Amazon Web Services
- Versionshinweise
- Über das Amazon Web Services-Aktivitätspaket
- Projektkompatibilität
- Berechtigungsliste
- Amazon Web Services Scope
- Configure Robot
- Create Instance
- Create Instance from Launch Template
- Get Instance by ID
- Get Instance List
- Reboot Instance
- Start Instance
- Stop Instance
- Terminate Instance
- Volume an Instance anhängen
- Instance-Snapshots erstellen
- Volume erstellen
- Volume-Snapshot erstellen
- Snapshot löschen
- Volume löschen
- Volume von Instance trennen
- Instance-Volumes abrufen
- Snapshot abrufen
- Volume abrufen
- Volume-Liste abrufen
- Add User to Group
- Create Group
- Gruppe löschen
- For Each Group
- Get Group
- Remove User From Group
- Update Group
- Add/Remove Inline Policy
- Attach/Detach Managed Policy
- Create Managed Policy
- Delete Managed Policy
- For Each Managed Policy
- Get IAM Identities Attached to a Managed Policy
- Get IAM Identity Inline Policies
- Get IAM Identity Managed Policies
- Get Managed Policy
- Update Managed Policy
- Add Role to Instance Profile
- Create Role
- Delete Role
- For Each Role
- Get Role
- Remove Role from Instance Profile
- Update Role
- Change User Password
- Benutzer erstellen
- Benutzer löschen
- For Each User
- For Each User Group
- For Each User in Group
- Get User
- Update User
- Configure Logging for Bucket
- Configure Public Access to Bucket
- Create Bucket
- Delete Bucket
- Delete Bucket Policy
- Empty Bucket
- Get Bucket
- Get Bucket List
- Get Bucket Policy
- Set Bucket Policy
- Update Bucket Properties
- Copy Object
- Delete Multiple Objects
- Delete Single Object
- Download Object to File
- For Each Object in Bucket
- Get Object
- Get Object ACL
- Set Object ACL
- Upload Object from File
- Upload Objects from Folder
- Run Power Shell Command
- Amazon Web Services-APIs
- Anleitungen zu Amazon Web Services
- Amazon WorkSpaces
- Azure
- Versionshinweise
- Über das Azure-Aktivitätspaket
- Projektkompatibilität
- Append to Blob
- Attach VM Data Disk
- Azure Scope
- Configure Robot
- Copy Blob
- Create Blob Container
- Create IP Configuration
- Create Network Interface
- Create NSG
- Create Resource Group
- Create Security Rule
- Create Storage Account
- Create Tables
- Create VM
- Delete Blob
- Delete Blob Container
- Delete IP Configuration
- Delete Network Interface
- Delete NSG
- Delete Resource Group
- Delete Rows
- Geheimen Schlüssel löschen
- Delete Security Rule
- Delete Storage Account
- Delete Table
- VM löschen
- Detach VM Data Disk
- Download Blob to File
- For Each Blob Container
- For Each Blob in Container
- For Each Network Interface
- For Each NSG
- For Each Row in Table
- For Each Security Alert
- Get Blob
- Get Blob Container
- Get Blob Containers List
- Get Blob List
- Get Disk
- Get Disk List
- Get RDP Files
- Get Resource Group
- Get Resource Group List
- Get Row
- Get Rows By Filter
- Get Secrets
- Get Storage Account
- Get Storage Account Key
- Get Storage Account List
- Get Network Interface
- Get NSG
- Get NSG Network Interface List
- Get Security Alert
- Get Security Rule
- Get Security Rule List
- Tabelle erhalten (Get Table)
- Get Table List
- Get VM
- Get VM Custom Image
- Get VM Custom Image List
- Get VM Disk List
- Get VM Image by Publisher
- Get VM List
- Get VM NSG List
- Get VM Network Interface List
- Insert Rows
- Regenerate Storage Account Key
- Restart VM
- Run Script in VM
- Set Blob Tier
- Set Security Alert State
- Shutdown VM
- VM starten
- VM anhalten
- Upload Blob from File
- Azure-APIs
- Azure-Anleitungen
- Azure Active Directory
- Versionshinweise
- Über die Azure Active Directory-Aktivitäten
- Projektkompatibilität
- List all groups in group
- List all records
- Listet Lebenszyklusrichtlinie auf
- List Users
- List Groups
- GetGroupMembersDelta
- Benutzerrollen abrufen
- Listen Sie alle Gruppen eines Benutzers auf
- Benutzer in Rolle auflisten
- Benutzer in Gruppe auflisten
- Listenbesitzer einer Gruppe auf
- Listen Sie Verzeichnisrollen auf
- Listen Sie direkte Berichte auf
- Benutzer zur Gruppe hinzugefügt
- Benutzer aus der Gruppe entfernt
- Add Group to Lifecycle Policy
- Add Member to Group
- Add Member to Role
- Add Owner to Group
- Assign License
- Azure AD Application Scope
- Azure AD Delegated Scope
- Create Assigned Group
- Create Lifecycle Policy
- Benutzer erstellen
- Gruppe löschen
- Delete Lifecycle Policy
- Benutzer löschen
- For Each Direct Report
- For Each Group
- For Each Group in Group
- For Each Lifecycle Policy
- For Each Parent Group
- For Each Role
- For Each User
- For Each User Group
- For Each User in Group
- For Each User in Group Owners
- For Each User in Role
- For Each User Role
- Get Group by Id
- Get Group by Name
- Get Manager
- Get User
- Group Exists
- Is Group in Lifecycle Policy
- Is Member in Role
- Is Member of Group
- Is Owner of Group
- Remove Group from Lifecycle Policy
- Lizenz entfernen
- Remove Member from Group
- Remove Member from Role
- Remove Owner from Group
- Passwort zurücksetzen (Reset Password)
- Set Manager
- Update Group
- Update Lifecycle Policy
- Update User
- Benutzer vorhanden
- Azure Active Directory-APIs
- Anleitungen für das Azure Active Directory
- Azure Windows Virtual Desktop
- Versionshinweise
- Über das Azure Windows Virtual Desktop-Aktivitätspaket
- Projektkompatibilität
- Windows Virtual Desktop Scope
- Create Host Pool
- Add Virtual Machine to Host Pool
- Update Host Pool
- Get Host Pool
- Delete Host Pool
- For Each Host Pool
- Get Session Host
- For Each Session Host
- Update Session Host
- Delete Session Host
- For Each User Session
- Disconnect User Session
- Delete User Session
- Send Message to User Session
- Get Application Group
- For Each Application Group
- Assign Users and Groups to Application Group
- Remove Users and Groups from Application Group
- Create Workspace
- Update Workspace
- Get Workspace
- For Each Workspace
- Delete Workspace
- Azure Windows Virtual Desktop-APIs
- Citrix
- Versionshinweise
- Über das Citrix-Aktivitätspaket
- Projektkompatibilität
- Citrix Scope
- Get Server List
- Get Storage Repositories
- Add Tag to VM
- Add VM to Folder
- Remove Tag From VM
- Remove VM from Folder
- Delete All VM Snapshots
- Delete VM Snapshot
- Get VM Snapshot List
- Revert VM to Snapshot
- Take VM Snapshot
- Create VM From Template
- VM löschen
- Vorlagenliste abrufen
- Get VM by UUID
- Get VM List
- Power Off VM
- Power On VM
- Rename VM
- Restart VM
- Resume VM
- Suspend VM
- Citrix-APIs
- Anleitungen zu Citrix-Aktivitäten
- Desktop-Trigger
- Exchange Server
- Google Cloud
- Versionshinweise
- Über das Google Cloud-Aktivitätspaket
- Projektkompatibilität
- Google Cloud Scope
- Create Bucket
- Update Bucket Properties
- Get Bucket
- For Each Bucket
- Delete Bucket
- Get Object
- Delete Object
- Copy Object
- Upload Object from File
- Download Object to File
- For Each Object in Bucket
- Create Instance
- Create Instance from Template
- Get Instance
- For Each Instance
- Start Instance
- Stop Instance
- Reset Instance
- Delete Instance
- Configure Robot
- Run Script on Instance
- Get Project
- For Each Project
- Create Role
- Delete Role
- For Each Grantable Role
- For Each Role
- Get Role
- Undelete Role
- Update Role
- Get IAM Policy
- Set IAM Policy
- Get Secret Data
- Google Cloud-APIs
- Google Cloud-Anleitungen
- Hyper V
- NetIQ eDirectory
- Versionshinweise
- Über das NetIQ eDirectory-Aktivitätspaket
- Projektkompatibilität
- NetIQ eDirectory-Scope
- Objekt zu Gruppe hinzufügen
- Delete Object
- Get Object Distinguished Name
- Objekteigenschaften abrufen
- Objekte nach Filter abrufen
- Objekte nach LDAP-Filter abrufen
- Ist Objekt Mitglied der Gruppe
- Move Object
- Objekt aus Gruppe entfernen
- Rename Object
- Objekteigenschaften aktualisieren
- Add Computer to Group
- Computer Exists
- Delete Computer
- Create Computer
- Get Computer Status
- Remove Computer from Group
- Set Computer Status
- Add Group to Group
- Create Group
- Gruppe löschen
- Get Computers in Group
- Get Users in Group
- Group Exists
- Remove Group from Group
- Organisationseinheit erstellen
- Organisationseinheit löschen
- Add User to Group
- Change User Password
- Benutzer erstellen
- Benutzer löschen
- Force Password Change
- Ablaufdatum des Kennworts abrufen
- Ablaufdatum für Benutzer abrufen
- Benutzergruppen abrufen
- Benutzerstatus abrufen
- Remove User From Group
- Ablaufdatum für Benutzer festlegen
- Benutzerstatus festlegen
- Benutzer vorhanden
- Benutzeranmeldeinformationen validieren
- NetIQ eDirectory-APIs
- System Center
- VMware
- Versionshinweise
- Über das VMware-Aktivitätspaket
- Projektkompatibilität
- VMware Scope
- Get Datastore
- Get Datastore List
- Get Host
- Get Host List
- Delete All VM Snapshots
- Delete VM Snapshot
- Get VM Snapshot List
- Revert VM to Snapshot
- Take VM Snapshot
- Configure Robot
- Create VM From Template
- Convert Template to VM
- Convert VM to Template
- Customize VM
- VM löschen
- Get VM
- Get VM List
- Power Off VM
- Suspend VM
- Run Program in VM
- Restart VM
- Rename VM
- Power On VM
- Move VM to Folder
- Migrate VM
- Vorlagenliste abrufen
- Export OVF Template
- Deploy OVF Template
- Assign Tag to VM
- Remove Tag From VM
- Assign Tag to Folder
- Remove Tag from Folder
- Create Folder
- Get Folder
- Rename Folder
- Move Folder
- Delete Folder
- Mount Tools Installer
- Unmount Tools Installer
- Upgrade Tools
- Anleitungen zu VMWare-Aktivitäten
Wichtig :
Bitte beachten Sie, dass dieser Inhalt teilweise mithilfe von maschineller Übersetzung lokalisiert wurde.
Es kann 1–2 Wochen dauern, bis die Lokalisierung neu veröffentlichter Inhalte verfügbar ist.
IT-Automatisierungsaktivitäten
Die folgende Tabelle enthält eine Liste aller Amazon Web Services-Aktivitäten, deren verfügbaren Operationen und zugehörigen Berechtigungen.
EC2-Aktivitäten
| Aktivität | Betrieb | Berechtigungen |
|---|---|---|
| AWSConfigureRobot | GetDocumentAsync CreateDocumentAsync CreateAssistantAsync SendCommandAsync DeleteDocumentAsync | ssm:GetDocument ssm:CreateDocument ssm:CreateAssistant ssm:SendCommand ssm:DeleteDocument ssm:ListAssistant |
| AWSCreateInstance | RunInstancesAsync CreateTagsAsync DescriptionInstancesAsync DescriptionInstanceAttributeAsync DescriptionImagesAsync | ec2:RunInstances ec2:CreateTags ec2:DescriptionInstances ec2:DescriptionInstanceAttribute ec2:DescriptionImages |
| AWSCreateInstanceFromTemplate | RunInstancesAsync CreateTagsAsync DescriptionInstancesAsync DescriptionInstanceAttributeAsync DescriptionImagesAsync | ec2:RunInstances ec2:CreateTags ec2:DescriptionInstances ec2:DescriptionInstanceAttribute ec2:DescriptionImages |
| AWSGetInstance | DescriptionInstancesAsync DescriptionInstanceAttributeAsync DescriptionImagesAsync | ec2:DescriptionInstances ec2:DescriptionInstanceAttribute ec2:DescriptionImages |
| AWSGetInstanceList | DescriptionInstancesAsync DescriptionInstanceAttributeAsync DescriptionImagesAsync | ec2:DescriptionInstances ec2:DescriptionInstanceAttribute ec2:DescriptionImages |
| AWSRebootInstance | RestartInstancesAsync DescriptionInstancesAsync DescriptionInstanceAttributeAsync DescriptionImagesAsync | ec2:RestartInstances ec2:DescriptionInstances ec2:DescriptionInstanceAttribute ec2:DescriptionImages |
| AWSRunPowerShellCommand | GetDocumentAsync CreateDocumentAsync CreateAssistantAsync SendCommandAsync DeleteDocumentAsync DescriptionInstancesAsync DescriptionInstanceAttributeAsync DescriptionImagesAsync | 0 |
| AWSStartInstance | StartInstancesAsync DescriptionInstancesAsync DescriptionInstanceAttributeAsync DescriptionImagesAsync | ec2:StartInstances ec2:DescriptionInstances ec2:DescriptionInstanceAttribute ec2:DescriptionImages |
| AWSStopInstance | StopInstancesAsync DescriptionInstancesAsync DescriptionInstanceAttributeAsync DescriptionImagesAsync | ec2:StopInstances ec2:DescriptionInstances ec2:DescriptionInstanceAttribute ec2:DescriptionImages |
| AWSTerminateInstance | TerminateInstancesAsync DescriptionInstancesAsync DescriptionInstanceAttributeAsync DescriptionImagesAsync | ec2:TerminateInstances ec2:DescriptionInstances ec2:DescriptionInstanceAttribute ec2:DescriptionImages |
S3-Buckets-Aktivitäten
| Aktivität | Betrieb | Berechtigungen |
|---|---|---|
| AWSConfigureLoggingBucket | GetACLAsync PullACLAsync PullBucketLoggingAsync | s3:GetBucketACL s3:PutBucketACL s3:PutBucketLogging |
| AWSConfigurePublicAccessBucket | PutPublicAccessBlockAsync | s3:PutBucketPublicAccessBlock |
| AWSCreateBucket | innerhalb von S3BucketExistV2Async | s3:GetBucketAcl s3:CreateBucket s3:PutBucketObjectLockConfiguration s3:PutBucketVersioning s3:PutEncryptionConfiguration s3:PutEncryptionConfiguration s3:PutBucketTagging s3:PutBucketPublicAccessBlock s3:ListBucket s3:GetBucketLocation s3:GetBucketTagging s3:GetBucketVersioning s3:GetBucketAcl s3:GetBucketLogging s3:GetBucketObjectLockConfiguration s3:GetBucketPublicAccessBlock s3: GetEncryptionConfiguration s3:DeleteBucket s3:DeleteObject |
| AWSDeleteBucket | GetBucketVersioningAsyncVersion ListsAsync ListObjectsV2Async DeleteObjectsAsync DeleteBucketAsync | s3:GetBucketVersioning s3:ListBucketVersions s3:ListBucket s3:DeleteObjectVersion s3:DeleteBucket s3:ListAllMyBuckets |
| AWSDeleteBucketPolicy | DeleteBucketPolicyAsync | s3:DeleteBucketPolicy |
| AWSEmptyBucket | GetBucketVersioningAsyncVersion ListsAsync ListObjectsV2Async DeleteObjectsAsync | s3:GetBucketVersioning s3:ListBucketVersions s3:ListBucket s3:DeleteObjectVersion |
| AWSGetBucket | jedoch | s3:GetBucketACL (optional) s3:ListBucket s3:GetBucketLocation s3:GetBucketTagging s3:GetBucketACL s3:GetBucketVersioning s3:GetBucketLogging s3:GetBucketObjectBlockConfiguration s3:GetBucketPublicAccessBlock s3:GetEncryptionConfiguration |
| AWSGetBucketList | ListBucketsAsync GetBucketLocationAsync GetBucketTaggingAsync DoS3BucketExistV2Async | s3:ListBucket s3:GetBucketLocation s3:GetBucketTagging s3:GetBucketACL |
| AWSGetBucketPolicy | GetBucketPolicyAsync | s3:GetBucketPolicy |
| AWSSetBucketPolicy | PutBucketPolicyAsync | s3:PutBucketPolicy |
| AWSUpdateBucket | Hat S3BucketExistV2Async PullBucketVersioningAsync DeleteBucketEncryptionAsync Synchronisierung | s3:GetBucketACL s3:PutBucketVersioning s3:PutEncryptionConfiguration s3:PutEncryptionConfiguration s3:PutBucketTagging s3:PutBucketPublicAccessBlock |
S3-Objektaktivitäten
| Aktivität | Betrieb | Berechtigungen |
|---|---|---|
| AWSCopyObject | GetBucketLocationAsyncCopyObjectAsync | s3:GetBucketLocation s3:GetObject s3:PutObject |
| AWSDeleteMultipleObjects | DeleteObjectsAsync | s3:DeleteObjectVersion s3:GetObject |
| AWSDeleteSingleObject | DeleteObjectsAsync | s3:DeleteObjectVersion s3:GetObject |
| AWSDownloadSingleObject | GetObjectAsync | s3:GetObject |
| AWSForEachObject | ListObjectsV2Async GetObjectMetadataAsync GetBucketLocationAsync GetObjectTaggingAsync ListVersionsAsync | s3:ListBucket s3:GetObject s3:ListBucketVersions s3:GetBucketLocation s3:GetObjectTagging s3:ListBucketVersions |
| AWSGetObject | GetObjectMetadataAsync GetBucketLocationAsync GetObjectTaggingAsync ListVersionsAsync | s3:ListBucketVersions s3:GetBucketLocation s3:GetObjectTagging s3:GetObjectVersionTagging1 s3:ListBucketVersions s3:GetObject |
| AWSGetObjectACL | GetACLAsync | s3:GetObjectACL s3:GetObject |
| AWSSetObjectACL | GetACLAsyncPputACLAsync | s3:GetObjectACL s3:PutObjectACL s3:GetObject |
| AWSUploadMultipleObjects | UploadDirectoryAsync | s3:PutObject s3:ListBucketMultipartUploads s3:ListMultipartUploadParts s3:AbortMultipartUpload s3:GetObject |
| AWSUploadSingleObject | UploadAsync GetObjectMetadataAsync GetBucketLocationAsync GetObjectTaggingAsync ListVersionsAsync GetACLAsync PullACLAsync | s3:GetObject s3:PutObject s3:PutObjectTagging s3:PutObjectVersionTagging s3:ListBucketVersions s3:GetBucketLocation s3:GetEncryptionConfiguration s3:GetObjectVersionTagging s3:GetObjectAcl Dies |
1 Nur erforderlich, wenn IncludeVersionsInfo auf True festgelegt ist.
IAM-Gruppenaktivitäten
| Aktivität | Betrieb | Berechtigungen |
|---|---|---|
| AWSAddUserToGroup | AddUserToGroupAsync | iam:AddUserToGroup |
| AWSCreateGroup | CreateGroupAsync | iam:CreateGroup |
| AWSDeleteGroup | DeleteGroupAsync GetGroupAsync Remove UserFromGroupAsync ListGroupPoliciesAsync DeleteGroupPolicyAsync ListAttachGroupPolicyAsync DetachGroupPolicyAsync | iam:DeleteGroup iam:GetGroup iam:RemoveUserFromGroup iam:ListGroupPolicys iam:DeleteGroupPolicy iam:ListAttachGroupPolicys iam:DetachGroupPolicy |
| AWSForEachGroup | ListGroupsAsync | iam:ListGroups |
| AWSGetGroup | GetGroupAsync | iam:GetGroup |
| AWSRemoveUserFromGroup | RemoveUserFromGroupAsync | iam:RemoveUserFromGroup |
| AWSUpdateGroup | UpdateGroupAsync GetGroupAsync | iam:UpdateGroup iam:GetGroup |
IAM-Richtlinienaktivitäten
| Aktivität | Betrieb | Berechtigungen |
|---|---|---|
| AWSAddRemoveInlinePolicy | PUtGroupPolicyAsync DeleteGroupPolicyAsync PUtRolePolicyAsync DeleteRolePolicyAsync PullUserPolicyAsync Delete UserPolicyAsync | iam:PutGroupPolicy iam:DeleteGroupPolicy iam:PutRolePolicy iam:DeleteRolePolicy iam:PutUserPolicy iam:DeleteUserPolicy |
| AWSAttachDetachManagedPolicy | AttachGroupPolicyAsync DetachGroupPolicyAsync AttachRolePolicyAsync DetachRolePolicyAsync Attach UserPolicyAsync Detach UserPolicyAsync | iam:AttachGroupPolicy iam:DetachGroupPolicy iam:AttachRolePolicy iam:DetachRolePolicy iam:AttachUserPolicy iam:DetachUserPolicy |
| AWSCreateManagedPolicy | CreatePolicyAsync GetPolicyAsync ListPolicyVersionsAsync GetPolicyVersionAsync | iam:CreatePolicy iam:GetPolicy iam:ListPolicyVersions iam:GetPolicyVersion |
| AWSDeleteManagedPolicy | ListEntitiesForPolicyAsync DetachGroupPolicyAsync DetachRolePolicyAsync Detach UserPolicyAsync ListPolicyVersionsAsync GetPolicyVersionAsync DeletePolicyVersionAsync DeletePolicyAsync | iam:ListEntitiesForPolicy iam:DetachGroupPolicy iam:DetachRolePolicy iam:DetachUserPolicy iam:ListPolicyVersions iam:GetPolicyVersion iam:DeletePolicyVersion iam:DeletePolicy |
| AWSForEachManagedPolicy | ListPoliciesAsync ListPolicyTagsAsync ListPolicyVersionsAsync GetPolicyVersionAsync | iam:ListPolicies iam:ListPolicyTags iam: ListPolicyVersions iam;GetPolicyVersion |
| AWSGetIAMIdentityInlinePolicies | ListGroupPoliciesAsync GetGroupPolicyAsync ListRolePoliciesAsync GetRolePolicyAsync ListUserPolicyAsync Get UserPolicyAsync | iam:ListGroupPolicys iam:GetGroupPolicy iam:ListRolePolicy iam:GetRolePolicy iam:ListUserPolicys iam:GetUSerPolicy |
| AWSGetIAMIdentityManagedPolicies | dann | iam:ListActionedGroupPolicies iam:ListAtachedRolePolicies iam:ListAttachUserPolicies |
| AWSGetIdentitiesAttachedToPolicy | ListEntitiesForPolicyAsync | iam:ListEntitiesForPolicy |
| AWSGetManagedPolicy | GetPolicyAsync ListPolicyVersionsAsync GetPolicyVersionAsync | iam:GetPolicy iam:ListPolicyVersions iam:GetPolicyVersion |
| AWSUpdateManagedPolicy | UntagPolicyAsync TagPolicyAsync CreatePolicyVersionAsync SetDefaultPolicyVersionAsync DeletePolicyVersionAsync GetPolicyAsync ListPolicyVersionsAsync GetPolicyVersionAsync | iam:UntagPolicy iam:TagPolicy iam:CreatePolicyVersion iam:SetDefaultPolicyVersion iam:DeletePolicyVersion iam:GetPolicy iam:ListPolicyVersions iam:GetPolicyVersion |
IAM-Rollenaktivitäten
| Aktivität | Betrieb | Berechtigungen |
|---|---|---|
| AWSAddRoleToInstanceProfile | AddRoleToInstanceProfileAsync GetInstanceProfileAsync RemoveRoleFromInstanceProfileAsync | iam:AddRoleToInstanceProfile iam:GetInstanceProfile iam:RemoveRoleFromInstanceProfile |
| AWSRemoveRoleFromInstanceProfile | RemoveRoleFromInstanceProfileAsync | iam:RemoveRoleFromInstanceProfile |
| AWSCreateRole | CreateRoleAsync GetRoleAsync | iam:CreateRole iam:GetRole |
| AWSDeleteRole | DeleteRoleAsync ListInstanceProfilesForRoleAsync RemoveRoleFromInstanceProfileAsync ListRolePoliciesAsync DeleteRolePolicyAsync ListAtachRolePoliciesAsync DetachRolePolicyAsync GetInstanceProfileAsync DeleteInstanceProfileAsync | iam:DeleteRole iam:ListInstanceProfilesForRole iam:RemoveRoleFromInstanceProfile iam:ListRolePolicy iam:DeleteRolePolicy iam:ListAttachRolePolicys iam:DetachRolePolicy iam:GetInstanceProfile iam:DeleteInstanceProfile |
| AWSGetRole | GetRoleAsync | iam:GetRole |
| AWSUpdateRole | UpdateRoleAsync DeleteRolePermissionsBoundaryAsync PullRolePermissionsBoundaryAsync UntagRoleAsync TagRoleAsync GetRoleAsync | iam:UpdateRole iam:DeleteRolePermissionsBoundary iam:PutRolePermissionsBoundary iam:UntagRole iam:TagRole iam:GetRole |
| AWSForEachRole | ListRolesAsync ListRoleTagsAsync | iam:ListRoles iam:ListRoleTags |
IAM-Benutzeraktivitäten
| Aktivität | Betrieb | Berechtigungen |
|---|---|---|
| AWSChangeUserPassword | Update Login Profile Async Attach UserPolicy Async | iam:UpdateLoginProfile iam:AttachUserPolicy |
| AWSCreateUser | Create UserAsync CreateLoginProfileAsync Attach UserPolicyAsync Create AccessKeyAsync | iam:CreateUser iam:CreateLoginProfile iam:AttachUserPolicy iam:CreateAccessKey |
| AWSGetUser | GetUserAsync | iam:GetUser |
| AWSDeleteUser | DeleteUserAsync DeleteLoginProfileAsync ListAccessKeysAsync DeleteAccessKeyAsync ListSigningCertificatesAsync DeleteSigningCertificateAsync ListSSHPublicKeysAsync DeleteSSHPublicKeyAsync ListServiceSpecificCredentialsAsync DeleteServiceSpecificCredentialAsync ListVirtualMFADevicesAsync DeactivateMFADeviceAsync DeleteVirtualMFADeviceAsync ListUserPoliciesAsync DeleteUserPolicyAsync ListAttachedUserPoliciesAsync DetachUserPolicyAsync ListGroupsForUserAsync RemoveUserFromGroupAsync | iam:DeleteUser iam:DeleteLoginProfile iam:ListAccessKeys iam:DeleteAccessKey iam:ListSigningCertificates iam:DeleteSigningCertificate iam:ListSSHPublicKeys iam:DeleteSSHPublicKey iam:ListServiceSpecificCredentials iam:DeleteServiceSpecificCredential iam:ListVirtualMFADevices iam:DeactivateMFADevice iam:DeleteVirtualMFADevice iam:ListUserPolicies iam:DeleteUserPolicy iam:ListAttachedUserPolicies iam: Detach UserPolicy iam:ListGroupsForUser iam:RemoveUserFromGroup |
| AWSUpdateUser | Update UserAsync Delete UserPermissionsBoundaryAsync Push UserPermissionsBoundaryAsync UntagUserAsync TagUserAsync Get UserAsync | iam:UpdateUser iam:DeleteUserPermissionsBoundary iam:PutUserPermissionsBoundary iam:UntagUser iam:TagUser iam:GetUser |
| AWSForEachUser | ListUsersAsync List UserTagsAsync | iam:ListUsers iam:ListUserTags |
| AWSForEachUserGroup | ListGroupsForUserAsync | iam:ListGroupsForUser |
| AWSForEachUserInGroup | GetGroupAsync ListUserTagsAsync | iam:GetGroup iam:ListUserTags |