管理标签策略的先决条件和权限
本页介绍了在 Amazon Organizations 中管理标签策略的先决条件和所需的权限。
管理标签策略的先决条件
使用标签策略需要满足以下条件:
要评估标签策略的合规性,请使用 Amazon Resource Groups。有关评估合规性的要求的信息,请参阅《Amazon Resource Groups 用户指南》中的先决条件和权限。
管理标签策略的权限
以下示例 IAM 策略提供了用于管理标签策略的权限。
{ "Version": "2012-10-17", "Statement": [ { "Sid": "ManageTagPolicies", "Effect": "Allow", "Action": [ "organizations:ListPoliciesForTarget", "organizations:ListTargetsForPolicy", "organizations:DescribeEffectivePolicy", "organizations:DescribePolicy", "organizations:ListRoots", "organizations:DisableAWSServiceAccess", "organizations:DetachPolicy", "organizations:DeletePolicy", "organizations:DescribeAccount", "organizations:DisablePolicyType", "organizations:ListAWSServiceAccessForOrganization", "organizations:ListPolicies", "organizations:ListAccountsForParent", "organizations:ListAccounts", "organizations:EnableAWSServiceAccess", "organizations:ListCreateAccountStatus", "organizations:DescribeOrganization", "organizations:UpdatePolicy", "organizations:EnablePolicyType", "organizations:DescribeOrganizationalUnit", "organizations:AttachPolicy", "organizations:ListParents", "organizations:ListOrganizationalUnitsForParent", "organizations:CreatePolicy", "organizations:DescribeCreateAccountStatus" ], "Resource": "*" } ] }
有关 IAM 策略与权限的更多信息,请参阅 IAM 用户指南。