本文属于机器翻译版本。若本译文内容与英语原文存在差异,则一律以英文原文为准。
NeptuneGraphReadOnlyAccess
使用 Amazon 托管策略授权
以下NeptuneGraphReadOnlyAccess
此策略包括以下权限:
对于 Amazon EC2 — 检索有关VPCs子网、安全组和可用区域的信息。
Fo Amazon KMS r-检索有关KMS密钥和别名的信息。
对于 CloudWatch-检索有关 CloudWatch 指标的信息。
对于 CloudWatch 日志-检索有关 CloudWatch 日志流和事件的信息。
注意
该策略已于 2023 年 11 月 29 日发布。
{ "Version": "2012-10-17", "Statement": [ { "Sid": "AllowReadOnlyPermissionsForNeptuneGraph", "Effect": "Allow", "Action": [ "neptune-graph:Get*", "neptune-graph:List*", "neptune-graph:Read*" ], "Resource": "*" }, { "Sid": "AllowReadOnlyPermissionsForEC2", "Effect": "Allow", "Action": [ "ec2:DescribeVpcEndpoints", "ec2:DescribeVpcAttribute", "ec2:DescribeSecurityGroups", "ec2:DescribeSubnets", "ec2:DescribeVpcs", "ec2:DescribeAvailabilityZones" ], "Resource": "*" }, { "Sid": "AllowReadOnlyPermissionsForKMS", "Effect": "Allow", "Action": [ "kms:ListKeys", "kms:ListAliases" ], "Resource": "*" }, { "Sid": "AllowReadOnlyPermissionsForCloudwatch", "Effect": "Allow", "Action": [ "cloudwatch:GetMetricData", "cloudwatch:ListMetrics", "cloudwatch:GetMetricStatistics" ], "Resource": "*" }, { "Sid": "AllowReadOnlyPermissionsForLogs", "Effect": "Allow", "Action": [ "logs:DescribeLogStreams", "logs:GetLogEvents" ], "Resource": [ "arn:aws:logs:*:*:log-group:/aws/neptune/*:log-stream:*" ] } ] }