- 概述
- Active Directory
- Amazon Web Services
- 发行说明
- 关于“Amazon Web Services”活动包
- 项目兼容性
- 权限列表
- 亚马逊网页服务作用域
- 配置机器人
- 创建实例
- 从启动模板中创建实例
- 按 ID 获取实例
- 获取实例列表
- 重新启动实例
- 启动实例
- 停止实例
- 终止实例
- 将卷附加到实例
- 创建实例快照
- 创建卷
- 创建卷快照
- 删除快照
- 删除卷
- 从实例中分离卷
- 获取实例卷
- 获取快照
- 获取卷
- 获取卷列表
- 向组中添加用户
- 创建组
- 删除组
- 遍历组
- 获取组
- 从组中删除用户
- 更新组
- 添加/删除内联策略
- 附加/分离托管策略
- 创建托管策略
- 删除托管策略
- 遍历托管策略
- 获取附加到托管策略的 IAM 身份
- 获取 IAM 身份内联策略
- 获取 IAM 身份托管策略
- 获取托管策略
- 更新托管策略
- 将角色添加到实例配置文件
- 创建角色
- 删除角色
- 遍历角色
- 获取角色
- 从实例配置文件中删除角色
- 更新角色
- 更改用户密码
- 创建用户
- 删除用户
- 遍历用户
- 遍历用户组
- 遍历组中的用户
- 获取用户
- 更新用户
- 配置存储桶的日志记录
- 配置存储桶的公共访问权限
- 创建存储桶
- 删除存储桶
- 删除存储桶策略
- 空存储桶
- 获取存储桶
- 获取存储桶列表
- 获取存储桶策略
- 设置存储桶策略
- 更新存储桶属性
- 复制对象
- 删除多个对象
- 删除单个对象
- 将对象下载到文件
- 针对存储桶中的各个对象
- 获取对象
- 获取对象 ACL
- 设置对象 ACL
- 从文件中上传对象
- 从文件夹中上传对象
- 运行 PowerShell 命令
- Amazon Web Services APIs
- Amazon Web Services 操作指南
- Amazon WorkSpaces
- Azure
- 发行说明
- 关于 Azure 活动包
- 项目兼容性
- 附加到 Blob
- 附加虚拟机数据磁盘
- Azure 范围
- 配置机器人
- 复制 Blob
- 创建 Blob 容器
- 创建 IP 配置
- 创建网络接口
- 创建网络安全组
- 创建资源组
- 创建安全规则
- 创建存储帐户
- 创建表格
- 创建虚拟机
- 删除 Blob
- 删除 Blob 容器
- 删除 IP 配置
- 删除网络接口
- 删除网络安全组
- 删除资源组
- 删除行
- 删除存储帐户
- 删除安全规则
- 删除表格
- 删除虚拟机
- 分离虚拟机数据磁盘
- 将 Blob 下载到文件
- 对于每个 Blob 容器
- 对于容器中的每个 Blob
- 用于每个网络接口
- 用于每个网络安全组
- 对于表格中的每一行
- 用于每个安全警示
- 获取 Blob
- 获取 Blob 容器
- 获取 Blob 容器列表
- 获取 Blob 列表
- 获取磁盘
- 获取磁盘列表
- 获取 RDP 文件
- 获取资源组
- 获取资源组列表
- 获取行
- 按筛选器获取行
- 获取密码
- 获取存储帐户
- 获取存储帐户密钥
- 获取存储帐户列表
- 获取网络接口
- 获取网络安全组
- 获取网络安全组网络接口列表
- 获取安全警示
- 获取安全规则
- 获取安全规则列表
- 获取表格
- 获取表格列表
- 获取虚拟机
- 获取自定义虚拟机映像
- 获取自定义虚拟机映像列表
- 获取虚拟机磁盘列表
- 按发布者获取虚拟机映像
- 获取虚拟机列表
- 获取虚拟机网络安全组列表
- 获取虚拟机网络接口列表
- 插入行
- 重新生成存储帐户密钥
- 重新启动虚拟机
- 在虚拟机中运行脚本
- 设置 Blob 层
- 设置安全警示状态
- 关闭虚拟机
- 启动虚拟机
- 停止虚拟机
- 从文件上传 Blob
- Azure APIs
- Azure 操作指南
- Azure Active Directory
- Azure Windows Virtual Desktop
- Citrix
- 桌面触发器
- Exchange Server
- Google Cloud
- Hyper V
- NetIQ eDirectory
- 系统中心
- VMware
权限列表
下表列出了所有 Amazon Web Services 活动、其可用操作和相关权限。
|
活动 |
运营 |
权限 |
|---|---|---|
|
GetDocumentAsync CreateDocumentAsync CreateAssociationAsync SendCommandAsync DeleteDocumentAsync |
ssm:GetDocument ssm:CreateDocument ssm:CreateAssociation ssm:SendCommand ssm:DeleteDocument ssm:ListAssociations | |
|
RunInstancesAsync CreateTagsAsync DescribeInstancesAsync DescribeInstanceAttributeAsync DescribeImagesAsync |
ec2:RunInstances ec2:CreateTags ec2:DescribeInstances ec2:DescribeInstanceAttribute ec2:DescribeImages | |
|
RunInstancesAsync CreateTagsAsync DescribeInstancesAsync DescribeInstanceAttributeAsync DescribeImagesAsync |
ec2:RunInstances ec2:CreateTags ec2:DescribeInstances ec2:DescribeInstanceAttribute ec2:DescribeImages | |
|
DescribeInstancesAsync DescribeInstanceAttributeAsync DescribeImagesAsync |
ec2:DescribeInstances ec2:DescribeInstanceAttribute ec2:DescribeImages | |
|
DescribeInstancesAsync DescribeInstanceAttributeAsync DescribeImagesAsync |
ec2:DescribeInstances ec2:DescribeInstanceAttribute ec2:DescribeImages | |
|
RebootInstancesAsync DescribeInstancesAsync DescribeInstanceAttributeAsync DescribeImagesAsync |
ec2:RebootInstances ec2:DescribeInstances ec2:DescribeInstanceAttribute ec2:DescribeImages | |
|
GetDocumentAsync CreateDocumentAsync CreateAssociationAsync SendCommandAsync DeleteDocumentAsync DescribeInstancesAsync DescribeInstanceAttributeAsync DescribeImagesAsync |
ssm:GetDocument ssm:CreateDocument ssm:CreateAssociation ssm:SendCommand ssm:DeleteDocument ec2:DescribeInstances ec2:DescribeInstanceAttribute ec2:DescribeImages ssm:ListAssociations | |
|
StartInstancesAsync DescribeInstancesAsync DescribeInstanceAttributeAsync DescribeImagesAsync |
ec2:StartInstances ec2:DescribeInstances ec2:DescribeInstanceAttribute ec2:DescribeImages | |
|
StopInstancesAsync DescribeInstancesAsync DescribeInstanceAttributeAsync DescribeImagesAsync |
ec2:StopInstances ec2:DescribeInstances ec2:DescribeInstanceAttribute ec2:DescribeImages | |
|
TerminateInstancesAsync DescribeInstancesAsync DescribeInstanceAttributeAsync DescribeImagesAsync |
ec2:TerminateInstances ec2:DescribeInstances ec2:DescribeInstanceAttribute ec2:DescribeImages |
|
活动 |
运营 |
权限 |
|---|---|---|
|
GetACLAsync PutACLAsync PutBucketLoggingAsync |
s3:GetBucketAcl s3:PutBucketAcl s3:PutBucketLogging | |
|
PutPublicAccessBlockAsync |
s3:PutBucketPublicAccessBlock | |
|
DoesS3BucketExistV2Async PutBucketAsync PutBucketVersioningAsync DeleteBucketEncryptionAsync PutBucketEncryptionAsync PutBucketTaggingAsync PutPublicAccessBlockAsync ListBucketsAsync GetBucketLocationAsync GetBucketTaggingAsync GetBucketVersioningAsync GetACLAsync GetBucketLoggingAsync GetObjectLockConfigurationAsync GetPublicAccessBlockAsync GetBucketEncryptionAsync DeleteS3BucketWithObjectsAsync |
s3:GetBucketAcl s3:CreateBucket s3:PutBucketObjectLockConfiguration s3:PutBucketVersioning s3:PutEncryptionConfiguration s3:PutEncryptionConfiguration s3:PutBucketTagging s3:PutBucketPublicAccessBlock s3:ListBucket s3:GetBucketLocation s3:GetBucketTagging s3:GetBucketVersioning s3:GetBucketAcl s3:GetBucketLogging s3:GetBucketObjectLockConfiguration s3:GetBucketPublicAccessBlock s3:GetEncryptionConfiguration s3:DeleteBucket s3:DeleteObject | |
|
GetBucketVersioningAsync ListVersionsAsync ListObjectsV2Async DeleteObjectsAsync DeleteBucketAsync |
s3:GetBucketVersioning s3:ListBucketVersions s3:ListBucket s3:DeleteObjectVersion s3:DeleteBucket s3:ListAllMyBuckets | |
|
DeleteBucketPolicyAsync |
s3:DeleteBucketPolicy | |
|
GetBucketVersioningAsync ListVersionsAsync ListObjectsV2Async DeleteObjectsAsync |
s3:GetBucketVersioning s3:ListBucketVersions s3:ListBucket s3:DeleteObjectVersion | |
|
DoesS3BucketExistV2Async ListBucketsAsync GetBucketLocationAsync GetBucketTaggingAsync GetACLAsync GetBucketVersioningAsync GetBucketLoggingAsync GetObjectLockConfigurationAsync GetPublicAccessBlockAsync GetBucketEncryptionAsync |
s3:GetBucketAcl (可选)s3:ListBucket s3:GetBucketLocation s3:GetBucketTagging s3:GetBucketAcl s3:GetBucketVersioning s3:GetBucketLogging s3:GetBucketObjectLockConfiguration s3:GetBucketPublicAccessBlock s3:GetEncryptionConfiguration | |
|
ListBucketsAsync GetBucketLocationAsync GetBucketTaggingAsync DoesS3BucketExistV2Async |
s3:ListBucket s3:GetBucketLocation s3:GetBucketTagging s3:GetBucketAcl | |
|
GetBucketPolicyAsync |
s3:GetBucketPolicy | |
|
PutBucketPolicyAsync |
s3:PutBucketPolicy | |
|
DoesS3BucketExistV2Async PutBucketVersioningAsync DeleteBucketEncryptionAsync PutBucketEncryptionAsync PutBucketTaggingAsync PutPublicAccessBlockAsync |
s3:GetBucketAcl s3:PutBucketVersioning s3:PutEncryptionConfiguration s3:PutEncryptionConfiguration s3:PutBucketTagging s3:PutBucketPublicAccessBlock |
|
活动 |
运营 |
权限 |
|---|---|---|
|
GetBucketLocationAsync CopyObjectAsync |
s3:GetBucketLocation s3:GetObject s3:PutObject | |
|
DeleteObjectsAsync |
s3:DeleteObjectVersion s3:GetObject | |
|
DeleteObjectsAsync |
s3:DeleteObjectVersion s3:GetObject | |
|
GetObjectAsync |
s3:GetObject | |
|
ListObjectsV2Async GetObjectMetadataAsync GetBucketLocationAsync GetObjectTaggingAsync ListVersionsAsync |
s3:ListBucket s3:GetObject s3:ListBucketVersions s3:GetBucketLocation s3:GetObjectTagging s3:ListBucketVersions | |
|
GetObjectMetadataAsync GetBucketLocationAsync GetObjectTaggingAsync ListVersionsAsync |
s3:ListBucketVersions s3:GetBucketLocation s3:GetObjectTagging s3:ListBucketVersions s3:GetObject | |
|
GetACLAsync |
s3:GetObjectAcl s3:GetObject | |
|
GetACLAsync PutACLAsync |
s3:GetObjectAcl s3:PutObjectAcl s3:GetObject | |
|
UploadDirectoryAsync |
s3:PutObject s3:ListBucketMultipartUploads s3:ListMultipartUploadParts s3:AbortMultipartUpload s3:GetObject | |
|
UploadAsync GetObjectMetadataAsync GetBucketLocationAsync GetObjectTaggingAsync ListVersionsAsync GetACLAsync PutACLAsync |
s3:GetObject s3:PutObject s3:PutObjectTagging s3:PutObjectVersionTagging s3:ListBucketVersions s3:GetBucketLocation s3:GetObjectTagging s3:GetObjectVersionTagging s3:GetObjectAcl s3:PutObjectAcl s3:ListBucketMultipartUploads s3:ListMultipartUploadParts s3:AbortMultipartUpload |
|
活动 |
运营 |
权限 |
|---|---|---|
|
AddUserToGroupAsync |
iam:AddUserToGroup | |
|
CreateGroupAsync |
iam:CreateGroup | |
|
DeleteGroupAsync GetGroupAsync RemoveUserFromGroupAsync ListGroupPoliciesAsync DeleteGroupPolicyAsync ListAttachedGroupPoliciesAsync DetachGroupPolicyAsync |
iam:DeleteGroup iam:GetGroup iam:RemoveUserFromGroup iam:ListGroupPolicies iam:DeleteGroupPolicy iam:ListAttachedGroupPolicies iam:DetachGroupPolicy | |
|
ListGroupsAsync |
iam:ListGroups | |
|
GetGroupAsync |
iam:GetGroup | |
|
RemoveUserFromGroupAsync |
iam:RemoveUserFromGroup | |
|
UpdateGroupAsync GetGroupAsync |
iam:UpdateGroup iam:GetGroup |
|
活动 |
运营 |
权限 |
|---|---|---|
|
PutGroupPolicyAsync DeleteGroupPolicyAsync PutRolePolicyAsync DeleteRolePolicyAsync PutUserPolicyAsync DeleteUserPolicyAsync |
iam:PutGroupPolicy iam:DeleteGroupPolicy iam:PutRolePolicy iam:DeleteRolePolicy iam:PutUserPolicy iam:DeleteUserPolicy | |
|
AttachGroupPolicyAsync DetachGroupPolicyAsync AttachRolePolicyAsync DetachRolePolicyAsync AttachUserPolicyAsync DetachUserPolicyAsync |
iam:AttachGroupPolicy iam:DetachGroupPolicy iam:AttachRolePolicy iam:DetachRolePolicy iam:AttachUserPolicy iam:DetachUserPolicy | |
|
CreatePolicyAsync GetPolicyAsync ListPolicyVersionsAsync GetPolicyVersionAsync |
iam:CreatePolicy iam:GetPolicy iam:ListPolicyVersions iam:GetPolicyVersion | |
|
ListEntitiesForPolicyAsync DetachGroupPolicyAsync DetachRolePolicyAsync DetachUserPolicyAsync ListPolicyVersionsAsync GetPolicyVersionAsync DeletePolicyVersionAsync DeletePolicyAsync |
iam:ListEntitiesForPolicy iam:DetachGroupPolicy iam:DetachRolePolicy iam:DetachUserPolicy iam:ListPolicyVersions iam:GetPolicyVersion iam:DeletePolicyVersion iam:DeletePolicy | |
|
ListPoliciesAsync ListPolicyTagsAsync ListPolicyVersionsAsync GetPolicyVersionAsync |
iam:ListPolicies iam:ListPolicyTags iam: ListPolicyVersions iam;GetPolicyVersion | |
|
ListGroupPoliciesAsync GetGroupPolicyAsync ListRolePoliciesAsync GetRolePolicyAsync ListUserPoliciesAsync GetUserPolicyAsync |
iam:ListGroupPolicies iam:GetGroupPolicy iam:ListRolePolicies iam:GetRolePolicy iam:ListUserPolicies iam:GetUSerPolicy | |
|
ListAttachedGroupPoliciesAsync ListAttachedRolePoliciesAsync ListAttachedUserPoliciesAsync |
iam:ListAttachedGroupPolicies iam:ListAttachedRolePolicies iam:ListAttachedUserPolicies | |
|
ListEntitiesForPolicyAsync |
iam:ListEntitiesForPolicy | |
|
GetPolicyAsync ListPolicyVersionsAsync GetPolicyVersionAsync |
iam:GetPolicy iam:ListPolicyVersions iam:GetPolicyVersion | |
|
UntagPolicyAsync TagPolicyAsync CreatePolicyVersionAsync SetDefaultPolicyVersionAsync DeletePolicyVersionAsync GetPolicyAsync ListPolicyVersionsAsync GetPolicyVersionAsync |
iam:UntagPolicy iam:TagPolicy iam:CreatePolicyVersion iam:SetDefaultPolicyVersion iam:DeletePolicyVersion iam:GetPolicy iam:ListPolicyVersions iam:GetPolicyVersion |
|
活动 |
运营 |
权限 |
|---|---|---|
|
AddRoleToInstanceProfileAsync GetInstanceProfileAsync RemoveRoleFromInstanceProfileAsync |
iam:AddRoleToInstanceProfile iam:GetInstanceProfile iam:RemoveRoleFromInstanceProfile | |
|
RemoveRoleFromInstanceProfileAsync |
iam:RemoveRoleFromInstanceProfile | |
|
CreateRoleAsync GetRoleAsync |
iam:CreateRole iam:GetRole | |
|
DeleteRoleAsync ListInstanceProfilesForRoleAsync RemoveRoleFromInstanceProfileAsync ListRolePoliciesAsync DeleteRolePolicyAsync ListAttachedRolePoliciesAsync DetachRolePolicyAsync GetInstanceProfileAsync DeleteInstanceProfileAsync |
iam:DeleteRole iam:ListInstanceProfilesForRole iam:RemoveRoleFromInstanceProfile iam:ListRolePolicies iam:DeleteRolePolicy iam:ListAttachedRolePolicies iam:DetachRolePolicy iam:GetInstanceProfile iam:DeleteInstanceProfile | |
|
GetRoleAsync |
iam:GetRole | |
|
UpdateRoleAsync DeleteRolePermissionsBoundaryAsync PutRolePermissionsBoundaryAsync UntagRoleAsync TagRoleAsync GetRoleAsync |
iam:UpdateRole iam:DeleteRolePermissionsBoundary iam:PutRolePermissionsBoundary iam:UntagRole iam:TagRole iam:GetRole | |
|
ListRolesAsync ListRoleTagsAsync |
iam:ListRoles iam:ListRoleTags |
|
活动 |
运营 |
权限 |
|---|---|---|
|
UpdateLoginProfileAsync AttachUserPolicyAsync |
iam:UpdateLoginProfile iam:AttachUserPolicy | |
|
CreateUserAsync CreateLoginProfileAsync AttachUserPolicyAsync CreateAccessKeyAsync |
iam:CreateUser iam:CreateLoginProfile iam:AttachUserPolicy iam:CreateAccessKey | |
|
GetUserAsync |
iam:GetUser | |
|
DeleteUserAsync DeleteLoginProfileAsync ListAccessKeysAsync DeleteAccessKeyAsync ListSigningCertificatesAsync DeleteSigningCertificateAsync ListSSHPublicKeysAsync DeleteSSHPublicKeyAsync ListServiceSpecificCredentialsAsync DeleteServiceSpecificCredentialAsync ListVirtualMFADevicesAsync DeactivateMFADeviceAsync DeleteVirtualMFADeviceAsync ListUserPoliciesAsync DeleteUserPolicyAsync ListAttachedUserPoliciesAsync DetachUserPolicyAsync ListGroupsForUserAsync RemoveUserFromGroupAsync |
iam:DeleteUser iam:DeleteLoginProfile iam:ListAccessKeys iam:DeleteAccessKey iam:ListSigningCertificates iam:DeleteSigningCertificate iam:ListSSHPublicKeys iam:DeleteSSHPublicKey iam:ListServiceSpecificCredentials iam:DeleteServiceSpecificCredential iam:ListVirtualMFADevices iam:DeactivateMFADevice iam:DeleteVirtualMFADevice iam:ListUserPolicies iam:DeleteUserPolicy iam:ListAttachedUserPolicies iam:DetachUserPolicy iam:ListGroupsForUser iam:RemoveUserFromGroup | |
|
UpdateUserAsync DeleteUserPermissionsBoundaryAsync PutUserPermissionsBoundaryAsync UntagUserAsync TagUserAsync GetUserAsync |
iam:UpdateUser iam:DeleteUserPermissionsBoundary iam:PutUserPermissionsBoundary iam:UntagUser iam:TagUser iam:GetUser | |
|
ListUsersAsync ListUserTagsAsync |
iam:ListUsers iam:ListUserTags | |
|
ListGroupsForUserAsync |
iam:ListGroupsForUser | |
|
GetGroupAsync ListUserTagsAsync |
iam:GetGroup iam:ListUserTags |
