本文属于机器翻译版本。若本译文内容与英语原文存在差异,则一律以英文原文为准。
Amazon 托管策略
托管策略是基于身份的独立策略,您可以将其附加到账户 Amazon 中的多个用户、群组和角色。您可以使用 Amazon 托管策略来控制账单中的访问权限。
Amazon 托管策略是由创建和管理的独立策略 Amazon。 Amazon 托管策略旨在为许多常见用例提供权限。 Amazon 与必须自己编写策略相比,托管策略使您可以更轻松地为用户、组和角色分配适当的权限。
您无法更改 Amazon 托管策略中定义的权限。 Amazon 偶尔会更新 Amazon 托管策略中定义的权限。当发生此情况时,更新会影响策略附加到的所有委托人实体(用户、组和角色)。
计费为常见用例提供了多种 Amazon 托管策略。
主题
AWSPurchaseOrdersServiceRolePolicy
此托管式策略将授予对账单与成本管理控制台和采购订单控制台的完全访问权限。此策略允许用户查看、创建、更新和删除账户的采购订单。
{ "Version":"2012-10-17", "Statement":[ { "Effect":"Allow", "Action":[ "account:GetAccountInformation", "account:GetContactInformation", "aws-portal:*Billing", "consolidatedbilling:GetAccountBillingRole", "invoicing:GetInvoicePDF", "payments:GetPaymentInstrument", "payments:ListPaymentPreferences", "purchase-orders:AddPurchaseOrder", "purchase-orders:DeletePurchaseOrder", "purchase-orders:GetPurchaseOrder", "purchase-orders:ListPurchaseOrderInvoices", "purchase-orders:ListPurchaseOrders", "purchase-orders:ListTagsForResource", "purchase-orders:ModifyPurchaseOrders", "purchase-orders:TagResource", "purchase-orders:UntagResource", "purchase-orders:UpdatePurchaseOrder", "purchase-orders:UpdatePurchaseOrderStatus", "purchase-orders:ViewPurchaseOrders", "tax:ListTaxRegistrations" ], "Resource":"*" } ] }
AWSBillingReadOnlyAccess
此托管式策略授予用户查看 Amazon Billing and Cost Management 控制台的权限。
{ "Version": "2012-10-17", "Statement": [ { "Sid": "VisualEditor0", "Effect": "Allow", "Action": [ "account:GetAccountInformation", "aws-portal:ViewBilling", "billing:GetBillingData", "billing:GetBillingDetails", "billing:GetBillingNotifications", "billing:GetBillingPreferences", "billing:GetContractInformation", "billing:GetCredits", "billing:GetIAMAccessPreference", "billing:GetSellerOfRecord", "billing:ListBillingViews", "budgets:DescribeBudgetActionsForBudget", "budgets:DescribeBudgetAction", "budgets:DescribeBudgetActionsForAccount", "budgets:DescribeBudgetActionHistories", "budgets:ViewBudget", "ce:DescribeCostCategoryDefinition", "ce:GetCostAndUsage", "ce:GetDimensionValues", "ce:GetTags", "ce:ListCostCategoryDefinitions", "ce:ListCostAllocationTags", "ce:ListCostAllocationTagBackfillHistory", "ce:ListTagsForResource", "consolidatedbilling:GetAccountBillingRole", "consolidatedbilling:ListLinkedAccounts", "cur:DescribeReportDefinitions", "cur:GetClassicReport", "cur:GetClassicReportPreferences", "cur:GetUsageReport", "freetier:GetFreeTierAlertPreference", "freetier:GetFreeTierUsage", "invoicing:GetInvoiceEmailDeliveryPreferences", "invoicing:GetInvoicePDF", "invoicing:ListInvoiceSummaries", "mapcredit:ListAssociatedPrograms", "mapcredit:ListQuarterCredits", "mapcredit:ListQuarterSpend", "payments:GetPaymentInstrument", "payments:GetPaymentStatus", "payments:ListPaymentPreferences", "purchase-orders:GetPurchaseOrder", "purchase-orders:ListPurchaseOrderInvoices", "purchase-orders:ListPurchaseOrders", "purchase-orders:ListTagsForResource", "purchase-orders:ViewPurchaseOrders", "sustainability:GetCarbonFootprintSummary", "tax:GetTaxInheritance", "tax:GetTaxRegistrationDocument", "tax:ListTaxRegistrations" ], "Resource": "*" } ] }
Billing
此托管策略授予用户查看和编辑 Amazon Billing and Cost Management 控制台的权限。这包括查看账户使用量、修改预算和付款方式。
{ "Version": "2012-10-17", "Statement": [ { "Sid": "VisualEditor0", "Effect": "Allow", "Action": [ "account:GetAccountInformation", "aws-portal:*Billing", "aws-portal:*PaymentMethods", "aws-portal:*Usage", "billing:GetBillingData", "billing:GetBillingDetails", "billing:GetBillingNotifications", "billing:GetBillingPreferences", "billing:GetContractInformation", "billing:GetCredits", "billing:GetIAMAccessPreference", "billing:GetSellerOfRecord", "billing:ListBillingViews", "billing:PutContractInformation", "billing:RedeemCredits", "billing:UpdateBillingPreferences", "billing:UpdateIAMAccessPreference", "budgets:CreateBudgetAction", "budgets:DeleteBudgetAction", "budgets:DescribeBudgetActionsForBudget", "budgets:DescribeBudgetAction", "budgets:DescribeBudgetActionsForAccount", "budgets:DescribeBudgetActionHistories", "budgets:ExecuteBudgetAction", "budgets:ModifyBudget", "budgets:UpdateBudgetAction", "budgets:ViewBudget", "ce:CreateNotificationSubscription", "ce:CreateReport", "ce:CreateCostCategoryDefinition", "ce:DeleteNotificationSubscription", "ce:DeleteCostCategoryDefinition", "ce:DescribeCostCategoryDefinition", "ce:DeleteReport", "ce:GetCostAndUsage", "ce:GetDimensionValues", "ce:GetTags", "ce:ListCostAllocationTags", "ce:ListCostAllocationTagBackfillHistory", "ce:ListCostCategoryDefinitions", "ce:ListTagsForResource", "ce:StartCostAllocationTagBackfill", "ce:UpdateCostAllocationTagsStatus", "ce:UpdateNotificationSubscription", "ce:TagResource", "ce:UpdatePreferences", "ce:UpdateReport", "ce:UntagResource", "ce:UpdateCostCategoryDefinition", "consolidatedbilling:GetAccountBillingRole", "consolidatedbilling:ListLinkedAccounts", "cur:DeleteReportDefinition", "cur:DescribeReportDefinitions", "cur:GetClassicReport", "cur:GetClassicReportPreferences", "cur:GetUsageReport", "cur:ModifyReportDefinition", "cur:PutClassicReportPreferences", "cur:PutReportDefinition", "cur:ValidateReportDestination", "freetier:GetFreeTierAlertPreference", "freetier:GetFreeTierUsage", "freetier:PutFreeTierAlertPreference", "invoicing:GetInvoiceEmailDeliveryPreferences", "invoicing:GetInvoicePDF", "invoicing:ListInvoiceSummaries", "invoicing:PutInvoiceEmailDeliveryPreferences", "mapcredit:ListAssociatedPrograms", "mapcredit:ListQuarterCredits", "mapcredit:ListQuarterSpend", "payments:CreatePaymentInstrument", "payments:DeletePaymentInstrument", "payments:GetPaymentInstrument", "payments:GetPaymentStatus", "payments:ListPaymentPreferences", "payments:MakePayment", "payments:UpdatePaymentPreferences", "pricing:DescribeServices", "purchase-orders:AddPurchaseOrder", "purchase-orders:DeletePurchaseOrder", "purchase-orders:GetPurchaseOrder", "purchase-orders:ListPurchaseOrderInvoices", "purchase-orders:ListPurchaseOrders", "purchase-orders:ListTagsForResource", "purchase-orders:ModifyPurchaseOrders", "purchase-orders:TagResource", "purchase-orders:UntagResource", "purchase-orders:UpdatePurchaseOrder", "purchase-orders:UpdatePurchaseOrderStatus", "purchase-orders:ViewPurchaseOrders", "support:AddAttachmentsToSet", "support:CreateCase", "sustainability:GetCarbonFootprintSummary", "tax:BatchPutTaxRegistration", "tax:DeleteTaxRegistration", "tax:GetExemptions", "tax:GetTaxInheritance", "tax:GetTaxInterview", "tax:GetTaxRegistration", "tax:GetTaxRegistrationDocument", "tax:ListTaxRegistrations", "tax:PutTaxInheritance", "tax:PutTaxInterview", "tax:PutTaxRegistration", "tax:UpdateExemptions" ], "Resource": "*" } ] }
AWSAccountActivityAccess
此托管式策略授予用户查看账户活动页面的权限。
{ "Version": "2012-10-17", "Statement": [ { "Sid": "VisualEditor0", "Effect": "Allow", "Action": [ "account:GetRegionOptStatus", "account:GetAccountInformation", "account:GetAlternateContact", "account:GetChallengeQuestions", "account:GetContactInformation", "account:ListRegions", "aws-portal:ViewBilling", "billing:GetIAMAccessPreference", "billing:GetSellerOfRecord", "payments:ListPaymentPreferences" ], "Resource": "*" } ] }
Amazon 账单托 Amazon 管政策的更新
查看自该服务开始跟踪这些变更以来 Amazon 账单 Amazon 托管政策更新的详细信息。要获得有关此页面变更的自动提醒,请订阅 “ Amazon 账单文档历史记录” 页面上的 RSS feed。
| 更改 | 描述 | 日期 |
|---|---|---|
|
账单和 AWSBillingReadOnlyAccess— 更新现有政策 |
我们为
我们为
|
2024 年 3 月 25 日 |
| 账单和 AWSBillingReadOnlyAccess— 更新现有政策 |
我们为
我们为
|
2023 年 7 月 26 日 |
|
AWSPurchaseOrdersServiceRolePolicy、账单和 AWSBillingReadOnlyAccess— 更新现有政策 |
我们为
我们为
|
2023 年 7 月 17 日 |
|
AWSPurchaseOrdersServiceRolePolicy、账单和 AWSBillingReadOnlyAccess— 更新现有政策 AWSAccountActivityAccess— 为 Amazon 账单记录了新的 Amazon 托管政策 |
在所有策略中添加了更新的操作集。 | 2023 年 3 月 6 日 |
|
AWSPurchaseOrdersServiceRolePolicy – 更新了现有策略 |
Amazon 账单删除了不必要的权限。 |
2021 年 11 月 18 日 |
|
Amazon 账单已开始跟踪变更 |
Amazon Billing 已开始跟踪其 Amazon 托管政策的变更。 |
2021 年 11 月 18 日 |