Amazon Organizations 管理策略的先决条件和权限 - Amazon Organizations
Amazon Web Services 文档中描述的 Amazon Web Services 服务或功能可能因区域而异。要查看适用于中国区域的差异,请参阅 中国的 Amazon Web Services 服务入门 (PDF)

本文属于机器翻译版本。若本译文内容与英语原文存在差异,则一律以英文原文为准。

Amazon Organizations 管理策略的先决条件和权限

本页介绍了 Amazon Organizations 管理策略的先决条件和所需权限。

管理策略的先决条件

要使用组织的管理策略,需要满足以下条件:

  • 您的组织必须已启用所有功能

  • 您必须登录到组织的管理账户或成为委派管理员。

  • 您的 Amazon Identity and Access Management(IAM)用户或角色必须具备以下部分中列出的权限。

管理策略的权限

以下示例 IAM 策略提供了在组织中使用管理策略的各个方面所需的权限。

{ "Version": "2012-10-17", "Statement": [ { "Sid": "ManageBackupPolicies", "Effect": "Allow", "Action": [ "organizations:AttachPolicy", "organizations:CreatePolicy", "organizations:DeletePolicy", "organizations:DescribeAccount", "organizations:DescribeCreateAccountStatus", "organizations:DescribeEffectivePolicy", "organizations:DescribeOrganization", "organizations:DescribeOrganizationalUnit", "organizations:DescribePolicy", "organizations:DetachPolicy", "organizations:DisableAWSServiceAccess", "organizations:DisablePolicyType", "organizations:EnableAWSServiceAccess", "organizations:EnablePolicyType", "organizations:ListAccounts", "organizations:ListAccountsForParent", "organizations:ListAWSServiceAccessForOrganization", "organizations:ListCreateAccountStatus", "organizations:ListOrganizationalUnitsForParent", "organizations:ListParents", "organizations:ListPolicies", "organizations:ListPoliciesForTarget", "organizations:ListRoots", "organizations:ListTargetsForPolicy", "organizations:UpdatePolicy" ], "Resource": "*" } ] }

有关 IAM 策略与权限的更多一般信息,请参阅 IAM 用户指南