IAM policy for Amazon AWS to allow limited access to Route 53

2018-06-06 11:30:50

I want to grant permission just for only one user to create, delete and modify records on a subdomain I have created on Route 53.

I have created a new group where added a new user and I have attached a new policy as follows:

{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Effect": "Allow",
            "Action": [
                "route53:*"
            ],
            "Resource": [
                "arn:aws:route53:::hostedzone/*id_subdomain_zone*"
            ]
        },
        {
            "Effect": "Allow",
            "Action": [
                "elasticloadbalancing:DescribeLoadBalancers"
            ],
            "Resource": [
                "*"
            ]
        }
    ]
}

Then when I will try to log in aws console and it didnn't work, I amn't able to see any domain-zone with my new user.

ID Zone is alright.

Any help?

Thanks

Check this gist out - https://gist.github.com/dfox/1677191 I've tried it now, after you add the option to list all hosted zones you will be able to list your hosted zones. It's a bit problematic, since the users can see all other hosted zones, but they cannot alter them.

链接地址: http://www.djcxy.com/p/20110.html

上一篇: Json.NET反序列化到接口实现

下一篇: 适用于Amazon AWS的IAM策略，允许有限访问Route 53