AWS Serverless Application Repository API 权限:操作和资源参考 - AWS Serverless Application Repository
AWS 文档中描述的 AWS 服务或功能可能因区域而异。要查看适用于中国区域的差异,请参阅中国的 AWS 服务入门

AWS Serverless Application Repository API 权限:操作和资源参考

在设置访问控制以及编写可附加到 IAM 身份的权限策略(基于身份的策略)时,您可以将下表作为参考。该表包含每个 AWS Serverless Application Repository API 操作、您可授予执行操作的权限的对应操作以及您可授予权限的 AWS 资源。您可以在策略的 Action 字段中指定这些操作,并在策略的 Resource 字段中指定资源值。

要指定操作,请在 API 操作名称之前使用 serverlessrepo: 前缀(例如,serverlessrepo:ListApplications)。

操作 URI 方法 AWS 资源 (ARN)

操作:ListApplications

必需权限:serverlessrepo:ListApplications

/applications

GET *

操作:CreateApplication

必需权限:serverlessrepo:CreateApplication

/applications

POST *

操作:GetApplication

必需权限:serverlessrepo:GetApplication

/applications/application-id

GET

arn:aws:serverlessrepo:region:account-id:applications/application-name

操作:DeleteApplication

必需权限:serverlessrepo:DeleteApplication

/applications/application-id

DELETE

arn:aws:serverlessrepo:region:account-id:applications/application-name

操作:UpdateApplication

必需权限:serverlessrepo:UpdateApplication

/applications/application-id

PATCH

arn:aws:serverlessrepo:region:account-id:applications/application-name

操作:CreateCloudFormationChangeSet

必需权限:serverlessrepo:CreateCloudFormationChangeSet

/applications/application-id/changesets

POST

arn:aws:serverlessrepo:region:account-id:applications/application-name

操作:GetApplicationPolicy

必需权限:serverlessrepo:GetApplicationPolicy

/applications/application-id/policy

GET

arn:aws:serverlessrepo:region:account-id:applications/application-name

操作:PutApplicationPolicy

必需权限:serverlessrepo:PutApplicationPolicy

/applications/application-id/policy

PUT

arn:aws:serverlessrepo:region:account-id:applications/application-name

操作:ListApplicationVersions

必需权限:serverlessrepo:ListApplicationVersions

/applications/application-id/versions

GET

arn:aws:serverlessrepo:region:account-id:applications/application-name

操作:CreateApplicationVersion

必需权限:serverlessrepo:CreateApplicationVersion

/applications/application-id/versions/semantic-version

PUT

arn:aws:serverlessrepo:region:account-id:applications/application-name

操作:ListApplicationDependencies

必需权限:serverlessrepo:ListApplicationDependencies

/applications/application-id/dependencies

GET

arn:aws:serverlessrepo:region:account-id:applications/application-name

操作:SearchApplications

必需权限:serverlessrepo:SearchApplications

不适用 不适用 *