Amazon 私有 CA API操作和权限 - Amazon Private Certificate Authority
Amazon Web Services 文档中描述的 Amazon Web Services 服务或功能可能因区域而异。要查看适用于中国区域的差异,请参阅 中国的 Amazon Web Services 服务入门 (PDF)

本文属于机器翻译版本。若本译文内容与英语原文存在差异,则一律以英文原文为准。

Amazon 私有 CA API操作和权限

在设置计划附加到身份的访问控制和权限策略(基于IAM身份的策略)时,请使用下表作为参考。表中的第一列列出了每项 Amazon 私有 CA API操作。您可以在策略的 Action 元素中指定操作。剩余的列将提供额外的信息。

Amazon 私有 CA API操作 所需的权限 资源

CreateCertificateAuthority

acm-pca:CreateCertificateAuthority

acm-pca:TagCertificateAuthority(仅在创建带有标签的 CA 时才需要。)

arn:aws:acm-pca:us-east-1:111122223333:certificate-authority/11223344-1234-1122-2233-112233445566

CreateCertificateAuthorityAuditReport

acm-pca:CreateCertificateAuthorityAuditReport

arn:aws:acm-pca:us-east-1:111122223333:certificate-authority/11223344-1234-1122-2233-112233445566

CreatePermission acm-pca:CreatePermission arn:aws:acm-pca:us-east-1:111122223333:certificate-authority/11223344-1234-1122-2233-112233445566

DeleteCertificateAuthority

acm-pca:DeleteCertificateAuthority

arn:aws:acm-pca:us-east-1:111122223333:certificate-authority/11223344-1234-1122-2233-112233445566

DeletePermission acm-pca:DeletePermission arn:aws:acm-pca:us-east-1:111122223333:certificate-authority/11223344-1234-1122-2233-112233445566
DeletePolicy acm-pca:DeletePolicy arn:aws:acm-pca:us-east-1:111122223333:certificate-authority/11223344-1234-1122-2233-112233445566

DescribeCertificateAuthority

acm-pca:DescribeCertificateAuthority

arn:aws:acm-pca:us-east-1:111122223333:certificate-authority/11223344-1234-1122-2233-112233445566

DescribeCertificateAuthorityAuditReport

acm-pca:DescribeCertificateAuthorityAuditReport

arn:aws:acm-pca:us-east-1:111122223333:certificate-authority/11223344-1234-1122-2233-112233445566

GetCertificate

acm-pca:GetCertificate

arn:aws:acm-pca:us-east-1:111122223333:certificate-authority/11223344-1234-1122-2233-112233445566

GetCertificateAuthorityCertificate

acm-pca:GetCertificateAuthorityCertificate

arn:aws:acm-pca:us-east-1:111122223333:certificate-authority/11223344-1234-1122-2233-112233445566

GetCertificateAuthorityCsr

acm-pca:GetCertificateAuthorityCsr

arn:aws:acm-pca:us-east-1:111122223333:certificate-authority/11223344-1234-1122-2233-112233445566

GetPolicy acm-pca:GetPolicy arn:aws:acm-pca:us-east-1:111122223333:certificate-authority/11223344-1234-1122-2233-112233445566

ImportCertificateAuthorityCertificate

acm-pca:ImportCertificateAuthorityCertificate

arn:aws:acm-pca:us-east-1:111122223333:certificate-authority/11223344-1234-1122-2233-112233445566

IssueCertificate

acm-pca:IssueCertificate

arn:aws:acm-pca:us-east-1:111122223333:certificate-authority/11223344-1234-1122-2233-112233445566

ListCertificateAuthorities

acm-pca:ListCertificateAuthorities

不适用

ListPermissions acm-pca:ListPermissions arn:aws:acm-pca:us-east-1:111122223333:certificate-authority/11223344-1234-1122-2233-112233445566

ListTags

acm-pca:ListTags

不适用

PutPolicy acm-pca:PutPolicy arn:aws:acm-pca:us-east-1:111122223333:certificate-authority/11223344-1234-1122-2233-112233445566

RevokeCertificate

acm-pca:RevokeCertificate

arn:aws:acm-pca:us-east-1:111122223333:certificate-authority/11223344-1234-1122-2233-112233445566

TagCertificateAuthority

acm-pca:TagCertificateAuthority

arn:aws:acm-pca:us-east-1:111122223333:certificate-authority/11223344-1234-1122-2233-112233445566

UntagCertificateAuthority

acm-pca:UntagCertificateAuthority

arn:aws:acm-pca:us-east-1:111122223333:certificate-authority/11223344-1234-1122-2233-112233445566

UpdateCertificateAuthority

acm-pca:UpdateCertificateAuthority

arn:aws:acm-pca:us-east-1:111122223333:certificate-authority/11223344-1234-1122-2233-112233445566

要提供访问权限,请为您的用户、组或角色添加权限: