给定以下角色,为什么我的测试 IAM 用户看不到任何 EC2 实例?当我使用测试用户登录并转到 EC2 时,我只看到“您无权执行此操作”。
如您所见,我通过 GUI 编辑器构建了它。我缺少什么?
{
"Version": "2012-10-17",
"Statement": [
{
"Sid": "VisualEditor0",
"Effect": "Allow",
"Action": [
"ec2:StartInstances",
"ec2:StopInstances",
"ec2:DescribeHostReservations",
"ec2:DescribeAddresses",
"ec2:DescribeInstances",
"ec2:DescribeTags",
"ec2:DescribeDhcpOptions",
"ec2:DescribeInstanceEventNotificationAttributes",
"ec2:DescribeInstanceCreditSpecifications",
"ec2:DescribeHosts",
"ec2:DescribeVolumeStatus",
"ec2:DescribeInstanceTypeOfferings",
"ec2:DescribeVolumes",
"ec2:DescribeInstanceTypes",
"ec2:DescribeKeyPairs",
"ec2:DescribeInstanceStatus"
],
"Resource": [
"arn:aws:license-manager:*:<redacted>:license-configuration:*",
"arn:aws:ec2:*:<redacted>:instance/*"
],
"Condition": {
"StringEquals": {
"aws:ResourceTag/Product": "Website"
}
}
}
]
}