本文属于机器翻译版本。若本译文内容与英语原文存在差异，则一律以英文原文为准。

# Amazon Elastic Container Service 的操作、资源和条件键
<a name="list_amazonelasticcontainerservice"></a>

Amazon Elastic Container Service（服务前缀：`ecs`）提供以下服务特定的资源、操作和条件上下文键以在 IAM 权限策略中使用。

参考：
+ 了解如何[配置该服务](https://docs.amazonaws.cn/AmazonECS/latest/developerguide/)。
+ 查看[适用于该服务的 API 操作列表](https://docs.amazonaws.cn/AmazonECS/latest/APIReference/)。
+ 了解如何[使用 IAM](https://docs.amazonaws.cn/AmazonECS/latest/developerguide/security-iam-awsmanpol.html) 权限策略保护该服务及其资源。

**Topics**
+ [Amazon Elastic Container Service 定义的操作](#amazonelasticcontainerservice-actions-as-permissions)
+ [Amazon Elastic Container Service 定义的资源类型](#amazonelasticcontainerservice-resources-for-iam-policies)
+ [Amazon Elastic Container Service 的条件键](#amazonelasticcontainerservice-policy-keys)

## Amazon Elastic Container Service 定义的操作
<a name="amazonelasticcontainerservice-actions-as-permissions"></a>

您可以在 IAM 策略语句的 `Action` 元素中指定以下操作。可以使用策略授予在 Amazon中执行操作的权限。您在策略中使用一项操作时，通常使用相同的名称允许或拒绝对 API 操作或 CLI 命令的访问。但在某些情况下，单一动作可控制对多项操作的访问。还有某些操作需要多种不同的动作。

操作表的**访问级别**列描述如何对操作进行分类（列出、读取、权限管理或标记）。此分类可以帮助您了解当您在策略中使用操作时，相应操作授予的访问级别。有关访问级别的更多信息，请参阅[策略摘要中的访问级别](https://docs.amazonaws.cn/IAM/latest/UserGuide/access_policies_understand-policy-summary-access-level-summaries.html)。

操作表的**资源类型**列指示每项操作是否支持资源级权限。如果该列没有任何值，您必须在策略语句的 `Resource` 元素中指定策略应用的所有资源（“\*”）。通过在 IAM policy 中使用条件来筛选访问权限，以控制是否可以在资源或请求中使用特定标签键。如果操作具有一个或多个必需资源，则调用方必须具有使用这些资源来使用该操作的权限。必需资源在表中以星号 (\*) 表示。如果您在 IAM policy 中使用 `Resource` 元素限制资源访问权限，则必须为每种必需的资源类型添加 ARN 或模式。某些操作支持多种资源类型。如果资源类型是可选的（未指示为必需），则可以选择使用一种可选资源类型。

操作表的**条件键**列包括可以在策略语句的 `Condition` 元素中指定的键。有关与服务资源关联的条件键的更多信息，请参阅资源类型表的**条件键**列。

操作表的**依赖操作**列显示成功调用操作可能需要的其他权限。除了操作本身的权限以外，可能还需要这些权限。若某个操作指定依赖操作，则这些依赖关系可能适用于为该操作定义的其他资源，而不仅仅是表中列出的第一个资源。

**注意**  
资源条件键在[资源类型](#amazonelasticcontainerservice-resources-for-iam-policies)表中列出。您可以在操作表的**资源类型（\* 为必需）**列中找到应用于某项操作的资源类型的链接。资源类型表中的资源类型包括**条件密钥**列，这是应用于操作表中操作的资源条件键。

有关下表中各列的详细信息，请参阅[操作表](reference_policies_actions-resources-contextkeys.html#actions_table)。


****  


- **  [https://docs.amazonaws.cn/AmazonECS/latest/APIReference/API_CreateCapacityProvider.html](https://docs.amazonaws.cn/AmazonECS/latest/APIReference/API_CreateCapacityProvider.html) **
  - **描述:** 授予创建新容量提供程序的权限。容量提供程序与 Amazon ECS 集群关联，在容量提供程序策略中用于协助集群的自动扩展
  - **访问级别:** Write
  - **资源类型（\* 为必需）:**  [#amazonelasticcontainerservice-capacity-provider](#amazonelasticcontainerservice-capacity-provider)  / **条件键:**  [#amazonelasticcontainerservice-aws_ResourceTag___TagKey_](#amazonelasticcontainerservice-aws_ResourceTag___TagKey_)  / **相关操作:** 
  - **资源类型（\* 为必需）:**  / **条件键:**  [#amazonelasticcontainerservice-aws_RequestTag___TagKey_](#amazonelasticcontainerservice-aws_RequestTag___TagKey_) <br /> [#amazonelasticcontainerservice-aws_TagKeys](#amazonelasticcontainerservice-aws_TagKeys) <br /> [#amazonelasticcontainerservice-ecs_instance-metadata-tags-propagation](#amazonelasticcontainerservice-ecs_instance-metadata-tags-propagation) <br /> [#amazonelasticcontainerservice-ecs_propagate-tags](#amazonelasticcontainerservice-ecs_propagate-tags)  / **相关操作:** 

- **  [https://docs.amazonaws.cn/AmazonECS/latest/APIReference/API_CreateCluster.html](https://docs.amazonaws.cn/AmazonECS/latest/APIReference/API_CreateCluster.html) **
  - **描述:** 授予创建新 Amazon ECS 集群的权限
  - **访问级别:** 写入
  - **资源类型（\* 为必需）:**  [#amazonelasticcontainerservice-cluster](#amazonelasticcontainerservice-cluster)  / **条件键:**  [#amazonelasticcontainerservice-aws_ResourceTag___TagKey_](#amazonelasticcontainerservice-aws_ResourceTag___TagKey_)  / **相关操作:** 
  - **资源类型（\* 为必需）:**  / **条件键:**  [#amazonelasticcontainerservice-aws_RequestTag___TagKey_](#amazonelasticcontainerservice-aws_RequestTag___TagKey_) <br /> [#amazonelasticcontainerservice-aws_TagKeys](#amazonelasticcontainerservice-aws_TagKeys) <br /> [#amazonelasticcontainerservice-ecs_capacity-provider](#amazonelasticcontainerservice-ecs_capacity-provider) <br /> [#amazonelasticcontainerservice-ecs_fargate-ephemeral-storage-kms-key](#amazonelasticcontainerservice-ecs_fargate-ephemeral-storage-kms-key)  / **相关操作:** 

- **  [https://docs.amazonaws.cn/AmazonECS/latest/APIReference/API_CreateDaemon.html](https://docs.amazonaws.cn/AmazonECS/latest/APIReference/API_CreateDaemon.html) **
  - **描述:** 授予在指定集群中创建新守护程序的权限
  - **访问级别:** 写入
  - **资源类型（\* 为必需）:**  [#amazonelasticcontainerservice-daemon](#amazonelasticcontainerservice-daemon)  / **条件键:**  [#amazonelasticcontainerservice-aws_ResourceTag___TagKey_](#amazonelasticcontainerservice-aws_ResourceTag___TagKey_) <br /> [#amazonelasticcontainerservice-ecs_cluster](#amazonelasticcontainerservice-ecs_cluster)  / **相关操作:** 
  - **资源类型（\* 为必需）:**  / **条件键:**  [#amazonelasticcontainerservice-aws_RequestTag___TagKey_](#amazonelasticcontainerservice-aws_RequestTag___TagKey_) <br /> [#amazonelasticcontainerservice-aws_TagKeys](#amazonelasticcontainerservice-aws_TagKeys) <br /> [#amazonelasticcontainerservice-ecs_capacity-provider](#amazonelasticcontainerservice-ecs_capacity-provider) <br /> [#amazonelasticcontainerservice-ecs_daemon-task-definition](#amazonelasticcontainerservice-ecs_daemon-task-definition) <br /> [#amazonelasticcontainerservice-ecs_enable-ecs-managed-tags](#amazonelasticcontainerservice-ecs_enable-ecs-managed-tags) <br /> [#amazonelasticcontainerservice-ecs_enable-execute-command](#amazonelasticcontainerservice-ecs_enable-execute-command) <br /> [#amazonelasticcontainerservice-ecs_propagate-tags](#amazonelasticcontainerservice-ecs_propagate-tags) <br /> [#amazonelasticcontainerservice-ecs_task-cpu](#amazonelasticcontainerservice-ecs_task-cpu) <br /> [#amazonelasticcontainerservice-ecs_task-memory](#amazonelasticcontainerservice-ecs_task-memory)  / **相关操作:** 

- **  [https://docs.amazonaws.cn/AmazonECS/latest/APIReference/API_CreateExpressGatewayService.html](https://docs.amazonaws.cn/AmazonECS/latest/APIReference/API_CreateExpressGatewayService.html) **
  - **描述:** 授予使用集群和任务定义创建新 Amazon ECS Express Gateway 服务的权限
  - **访问级别:** 写入
  - **资源类型（\* 为必需）:**  [#amazonelasticcontainerservice-service](#amazonelasticcontainerservice-service)  / **条件键:**  [#amazonelasticcontainerservice-aws_ResourceTag___TagKey_](#amazonelasticcontainerservice-aws_ResourceTag___TagKey_) <br /> [#amazonelasticcontainerservice-ecs_cluster](#amazonelasticcontainerservice-ecs_cluster)  / **相关操作:**  ecs:RegisterTaskDefinition <br /> iam:PassRole 
  - **资源类型（\* 为必需）:**  / **条件键:**  [#amazonelasticcontainerservice-aws_RequestTag___TagKey_](#amazonelasticcontainerservice-aws_RequestTag___TagKey_) <br /> [#amazonelasticcontainerservice-aws_TagKeys](#amazonelasticcontainerservice-aws_TagKeys) <br /> [#amazonelasticcontainerservice-ecs_enable-ecs-managed-tags](#amazonelasticcontainerservice-ecs_enable-ecs-managed-tags) <br /> [#amazonelasticcontainerservice-ecs_propagate-tags](#amazonelasticcontainerservice-ecs_propagate-tags) <br /> [#amazonelasticcontainerservice-ecs_subnet](#amazonelasticcontainerservice-ecs_subnet) <br /> [#amazonelasticcontainerservice-ecs_task-cpu](#amazonelasticcontainerservice-ecs_task-cpu) <br /> [#amazonelasticcontainerservice-ecs_task-definition](#amazonelasticcontainerservice-ecs_task-definition) <br /> [#amazonelasticcontainerservice-ecs_task-memory](#amazonelasticcontainerservice-ecs_task-memory)  / **相关操作:** 

- **  [https://docs.amazonaws.cn/AmazonECS/latest/APIReference/API_CreateService.html](https://docs.amazonaws.cn/AmazonECS/latest/APIReference/API_CreateService.html) **
  - **描述:** 授予通过创建服务从指定任务定义运行和维护所需数量的任务的权限
  - **访问级别:** Write
  - **资源类型（\* 为必需）:**  [#amazonelasticcontainerservice-service](#amazonelasticcontainerservice-service)  / **条件键:**  [#amazonelasticcontainerservice-aws_ResourceTag___TagKey_](#amazonelasticcontainerservice-aws_ResourceTag___TagKey_) <br /> [#amazonelasticcontainerservice-ecs_cluster](#amazonelasticcontainerservice-ecs_cluster)  / **相关操作:** 
  - **资源类型（\* 为必需）:**  / **条件键:**  [#amazonelasticcontainerservice-aws_RequestTag___TagKey_](#amazonelasticcontainerservice-aws_RequestTag___TagKey_) <br /> [#amazonelasticcontainerservice-aws_TagKeys](#amazonelasticcontainerservice-aws_TagKeys) <br /> [#amazonelasticcontainerservice-ecs_auto-assign-public-ip](#amazonelasticcontainerservice-ecs_auto-assign-public-ip) <br /> [#amazonelasticcontainerservice-ecs_capacity-provider](#amazonelasticcontainerservice-ecs_capacity-provider) <br /> [#amazonelasticcontainerservice-ecs_enable-ebs-volumes](#amazonelasticcontainerservice-ecs_enable-ebs-volumes) <br /> [#amazonelasticcontainerservice-ecs_enable-ecs-managed-tags](#amazonelasticcontainerservice-ecs_enable-ecs-managed-tags) <br /> [#amazonelasticcontainerservice-ecs_enable-execute-command](#amazonelasticcontainerservice-ecs_enable-execute-command) <br /> [#amazonelasticcontainerservice-ecs_enable-service-connect](#amazonelasticcontainerservice-ecs_enable-service-connect) <br /> [#amazonelasticcontainerservice-ecs_enable-vpc-lattice](#amazonelasticcontainerservice-ecs_enable-vpc-lattice) <br /> [#amazonelasticcontainerservice-ecs_namespace](#amazonelasticcontainerservice-ecs_namespace) <br /> [#amazonelasticcontainerservice-ecs_propagate-tags](#amazonelasticcontainerservice-ecs_propagate-tags) <br /> [#amazonelasticcontainerservice-ecs_subnet](#amazonelasticcontainerservice-ecs_subnet) <br /> [#amazonelasticcontainerservice-ecs_task-cpu](#amazonelasticcontainerservice-ecs_task-cpu) <br /> [#amazonelasticcontainerservice-ecs_task-definition](#amazonelasticcontainerservice-ecs_task-definition) <br /> [#amazonelasticcontainerservice-ecs_task-memory](#amazonelasticcontainerservice-ecs_task-memory)  / **相关操作:** 

- **  [https://docs.amazonaws.cn/AmazonECS/latest/APIReference/API_CreateTaskSet.html](https://docs.amazonaws.cn/AmazonECS/latest/APIReference/API_CreateTaskSet.html) **
  - **描述:** 授予创建新 Amazon ECS 任务集的权限
  - **访问级别:** Write
  - **资源类型（\* 为必需）:**  [#amazonelasticcontainerservice-task-set](#amazonelasticcontainerservice-task-set)  / **条件键:**  / **相关操作:** 
  - **资源类型（\* 为必需）:**  / **条件键:**  [#amazonelasticcontainerservice-aws_RequestTag___TagKey_](#amazonelasticcontainerservice-aws_RequestTag___TagKey_) <br /> [#amazonelasticcontainerservice-aws_TagKeys](#amazonelasticcontainerservice-aws_TagKeys) <br /> [#amazonelasticcontainerservice-ecs_capacity-provider](#amazonelasticcontainerservice-ecs_capacity-provider) <br /> [#amazonelasticcontainerservice-ecs_cluster](#amazonelasticcontainerservice-ecs_cluster) <br /> [#amazonelasticcontainerservice-ecs_service](#amazonelasticcontainerservice-ecs_service) <br /> [#amazonelasticcontainerservice-ecs_task-definition](#amazonelasticcontainerservice-ecs_task-definition)  / **相关操作:** 

- **  [https://docs.amazonaws.cn/AmazonECS/latest/APIReference/API_DeleteAccountSetting.html](https://docs.amazonaws.cn/AmazonECS/latest/APIReference/API_DeleteAccountSetting.html) **
  - **描述:** 授权限以予修改账户的指定 IAM 用户、IAM 角色或根用户的资源的 ARN 和资源 ID 格式。您可以指定是否为创建的新资源禁用新的 ARN 和资源 ID 格式。
  - **访问级别:** Write
  - **资源类型（\* 为必需）:** 
  - **条件键:**  [#amazonelasticcontainerservice-ecs_account-setting](#amazonelasticcontainerservice-ecs_account-setting) 
  - **相关操作:** 

- **  [https://docs.amazonaws.cn/AmazonECS/latest/APIReference/API_DeleteAttributes.html](https://docs.amazonaws.cn/AmazonECS/latest/APIReference/API_DeleteAttributes.html) **
  - **描述:** 授予从 Amazon ECS 资源中删除一个或多个自定义属性的权限
  - **访问级别:** Write
  - **资源类型（\* 为必需）:**  [#amazonelasticcontainerservice-container-instance](#amazonelasticcontainerservice-container-instance)  / **条件键:**  / **相关操作:** 
  - **资源类型（\* 为必需）:**  / **条件键:**  [#amazonelasticcontainerservice-aws_ResourceTag___TagKey_](#amazonelasticcontainerservice-aws_ResourceTag___TagKey_) <br /> [#amazonelasticcontainerservice-ecs_cluster](#amazonelasticcontainerservice-ecs_cluster)  / **相关操作:** 

- **  [https://docs.amazonaws.cn/AmazonECS/latest/APIReference/API_DeleteCapacityProvider.html](https://docs.amazonaws.cn/AmazonECS/latest/APIReference/API_DeleteCapacityProvider.html) **
  - **描述:** 授予删除指定容量提供程序的权限
  - **访问级别:** Write
  - **资源类型（\* 为必需）:**  [#amazonelasticcontainerservice-capacity-provider](#amazonelasticcontainerservice-capacity-provider)  / **条件键:**  / **相关操作:** 
  - **资源类型（\* 为必需）:**  / **条件键:**  [#amazonelasticcontainerservice-aws_ResourceTag___TagKey_](#amazonelasticcontainerservice-aws_ResourceTag___TagKey_)  / **相关操作:** 

- **  [https://docs.amazonaws.cn/AmazonECS/latest/APIReference/API_DeleteCluster.html](https://docs.amazonaws.cn/AmazonECS/latest/APIReference/API_DeleteCluster.html) **
  - **描述:** 授予权限以删除指定的集群
  - **访问级别:** 写入
  - **资源类型（\* 为必需）:**  [#amazonelasticcontainerservice-cluster](#amazonelasticcontainerservice-cluster) 
  - **条件键:**  [#amazonelasticcontainerservice-aws_ResourceTag___TagKey_](#amazonelasticcontainerservice-aws_ResourceTag___TagKey_) 
  - **相关操作:** 

- **  [https://docs.amazonaws.cn/AmazonECS/latest/APIReference/API_DeleteDaemon.html](https://docs.amazonaws.cn/AmazonECS/latest/APIReference/API_DeleteDaemon.html) **
  - **描述:** 授予删除集群内指定守护程序的权限
  - **访问级别:** 写入
  - **资源类型（\* 为必需）:**  [#amazonelasticcontainerservice-daemon](#amazonelasticcontainerservice-daemon) 
  - **条件键:**  [#amazonelasticcontainerservice-aws_ResourceTag___TagKey_](#amazonelasticcontainerservice-aws_ResourceTag___TagKey_) <br /> [#amazonelasticcontainerservice-ecs_cluster](#amazonelasticcontainerservice-ecs_cluster) 
  - **相关操作:** 

- **  [https://docs.amazonaws.cn/AmazonECS/latest/APIReference/API_DeleteDaemonTaskDefinition.html](https://docs.amazonaws.cn/AmazonECS/latest/APIReference/API_DeleteDaemonTaskDefinition.html) **
  - **描述:** 授予删除指定守护程序任务定义的权限
  - **访问级别:** 写入
  - **资源类型（\* 为必需）:**  [#amazonelasticcontainerservice-daemon-task-definition](#amazonelasticcontainerservice-daemon-task-definition) 
  - **条件键:**  [#amazonelasticcontainerservice-aws_ResourceTag___TagKey_](#amazonelasticcontainerservice-aws_ResourceTag___TagKey_) 
  - **相关操作:** 

- **  [https://docs.amazonaws.cn/AmazonECS/latest/APIReference/API_DeleteExpressGatewayService.html](https://docs.amazonaws.cn/AmazonECS/latest/APIReference/API_DeleteExpressGatewayService.html) **
  - **描述:** 授予删除指定 Express Gateway 服务的权限
  - **访问级别:** 写入
  - **资源类型（\* 为必需）:**  [#amazonelasticcontainerservice-service](#amazonelasticcontainerservice-service) 
  - **条件键:**  [#amazonelasticcontainerservice-aws_ResourceTag___TagKey_](#amazonelasticcontainerservice-aws_ResourceTag___TagKey_) <br /> [#amazonelasticcontainerservice-ecs_cluster](#amazonelasticcontainerservice-ecs_cluster) 
  - **相关操作:** 

- **  [https://docs.amazonaws.cn/AmazonECS/latest/APIReference/API_DeleteService.html](https://docs.amazonaws.cn/AmazonECS/latest/APIReference/API_DeleteService.html) **
  - **描述:** 授予删除集群内的指定服务的权限
  - **访问级别:** 写入
  - **资源类型（\* 为必需）:**  [#amazonelasticcontainerservice-service](#amazonelasticcontainerservice-service)  / **条件键:**  / **相关操作:** 
  - **资源类型（\* 为必需）:**  / **条件键:**  [#amazonelasticcontainerservice-aws_ResourceTag___TagKey_](#amazonelasticcontainerservice-aws_ResourceTag___TagKey_) <br /> [#amazonelasticcontainerservice-ecs_cluster](#amazonelasticcontainerservice-ecs_cluster)  / **相关操作:** 

- **  [https://docs.amazonaws.cn/AmazonECS/latest/APIReference/API_DeleteTaskDefinitions.html](https://docs.amazonaws.cn/AmazonECS/latest/APIReference/API_DeleteTaskDefinitions.html) **
  - **描述:** 授予按系列和修订删除指定任务定义的权限
  - **访问级别:** 写入
  - **资源类型（\* 为必需）:**  [#amazonelasticcontainerservice-task-definition](#amazonelasticcontainerservice-task-definition)  / **条件键:**  / **相关操作:** 
  - **资源类型（\* 为必需）:**  / **条件键:**  [#amazonelasticcontainerservice-aws_ResourceTag___TagKey_](#amazonelasticcontainerservice-aws_ResourceTag___TagKey_)  / **相关操作:** 

- **  [https://docs.amazonaws.cn/AmazonECS/latest/APIReference/API_DeleteTaskSet.html](https://docs.amazonaws.cn/AmazonECS/latest/APIReference/API_DeleteTaskSet.html) **
  - **描述:** 授予权限以删除指定的任务集
  - **访问级别:** Write
  - **资源类型（\* 为必需）:**  [#amazonelasticcontainerservice-task-set](#amazonelasticcontainerservice-task-set)  / **条件键:**  / **相关操作:** 
  - **资源类型（\* 为必需）:**  / **条件键:**  [#amazonelasticcontainerservice-aws_ResourceTag___TagKey_](#amazonelasticcontainerservice-aws_ResourceTag___TagKey_) <br /> [#amazonelasticcontainerservice-ecs_cluster](#amazonelasticcontainerservice-ecs_cluster) <br /> [#amazonelasticcontainerservice-ecs_service](#amazonelasticcontainerservice-ecs_service)  / **相关操作:** 

- **  [https://docs.amazonaws.cn/AmazonECS/latest/APIReference/API_DeregisterContainerInstance.html](https://docs.amazonaws.cn/AmazonECS/latest/APIReference/API_DeregisterContainerInstance.html) **
  - **描述:** 授予从指定的集群取消注册 Amazon ECS 容器实例的权限
  - **访问级别:** Write
  - **资源类型（\* 为必需）:**  [#amazonelasticcontainerservice-cluster](#amazonelasticcontainerservice-cluster) 
  - **条件键:**  [#amazonelasticcontainerservice-aws_ResourceTag___TagKey_](#amazonelasticcontainerservice-aws_ResourceTag___TagKey_) 
  - **相关操作:** 

- **  [https://docs.amazonaws.cn/AmazonECS/latest/APIReference/API_DeregisterTaskDefinition.html](https://docs.amazonaws.cn/AmazonECS/latest/APIReference/API_DeregisterTaskDefinition.html) **
  - **描述:** 授予按系列和修订取消注册指定任务定义的权限
  - **访问级别:** Write
  - **资源类型（\* 为必需）:** 
  - **条件键:** 
  - **相关操作:** 

- **  [https://docs.amazonaws.cn/AmazonECS/latest/APIReference/API_DescribeCapacityProviders.html](https://docs.amazonaws.cn/AmazonECS/latest/APIReference/API_DescribeCapacityProviders.html) **
  - **描述:** 授予描述一个或多个 Amazon ECS 容量提供商的权限
  - **访问级别:** Read
  - **资源类型（\* 为必需）:**  [#amazonelasticcontainerservice-capacity-provider](#amazonelasticcontainerservice-capacity-provider)  / **条件键:**  / **相关操作:** 
  - **资源类型（\* 为必需）:**  / **条件键:**  [#amazonelasticcontainerservice-aws_ResourceTag___TagKey_](#amazonelasticcontainerservice-aws_ResourceTag___TagKey_)  / **相关操作:** 

- **  [https://docs.amazonaws.cn/AmazonECS/latest/APIReference/API_DescribeClusters.html](https://docs.amazonaws.cn/AmazonECS/latest/APIReference/API_DescribeClusters.html) **
  - **描述:** 授予权限以描述一个或多个集群
  - **访问级别:** Read
  - **资源类型（\* 为必需）:**  [#amazonelasticcontainerservice-cluster](#amazonelasticcontainerservice-cluster) 
  - **条件键:**  [#amazonelasticcontainerservice-aws_ResourceTag___TagKey_](#amazonelasticcontainerservice-aws_ResourceTag___TagKey_) 
  - **相关操作:** 

- **  [https://docs.amazonaws.cn/AmazonECS/latest/APIReference/API_DescribeContainerInstances.html](https://docs.amazonaws.cn/AmazonECS/latest/APIReference/API_DescribeContainerInstances.html) **
  - **描述:** 授予描述 Amazon ECS 容器实例的权限
  - **访问级别:** 读取
  - **资源类型（\* 为必需）:**  [#amazonelasticcontainerservice-container-instance](#amazonelasticcontainerservice-container-instance)  / **条件键:**  / **相关操作:** 
  - **资源类型（\* 为必需）:**  / **条件键:**  [#amazonelasticcontainerservice-aws_ResourceTag___TagKey_](#amazonelasticcontainerservice-aws_ResourceTag___TagKey_) <br /> [#amazonelasticcontainerservice-ecs_cluster](#amazonelasticcontainerservice-ecs_cluster)  / **相关操作:** 

- **  [https://docs.amazonaws.cn/AmazonECS/latest/APIReference/API_DescribeDaemon.html](https://docs.amazonaws.cn/AmazonECS/latest/APIReference/API_DescribeDaemon.html) **
  - **描述:** 授予描述集群中运行的指定守护程序的权限
  - **访问级别:** 读取
  - **资源类型（\* 为必需）:**  [#amazonelasticcontainerservice-daemon](#amazonelasticcontainerservice-daemon) 
  - **条件键:**  [#amazonelasticcontainerservice-aws_ResourceTag___TagKey_](#amazonelasticcontainerservice-aws_ResourceTag___TagKey_) <br /> [#amazonelasticcontainerservice-ecs_cluster](#amazonelasticcontainerservice-ecs_cluster) 
  - **相关操作:** 

- **  [https://docs.amazonaws.cn/AmazonECS/latest/APIReference/API_DescribeDaemonDeployments.html](https://docs.amazonaws.cn/AmazonECS/latest/APIReference/API_DescribeDaemonDeployments.html) **
  - **描述:** 授予描述您的一个或多个守护程序部署的权限
  - **访问级别:** 读取
  - **资源类型（\* 为必需）:**  [#amazonelasticcontainerservice-daemon](#amazonelasticcontainerservice-daemon)  / **条件键:**  [#amazonelasticcontainerservice-aws_ResourceTag___TagKey_](#amazonelasticcontainerservice-aws_ResourceTag___TagKey_) <br /> [#amazonelasticcontainerservice-ecs_cluster](#amazonelasticcontainerservice-ecs_cluster)  / **相关操作:** 
  - **资源类型（\* 为必需）:**  [#amazonelasticcontainerservice-daemon-deployment](#amazonelasticcontainerservice-daemon-deployment)  / **条件键:**  [#amazonelasticcontainerservice-aws_ResourceTag___TagKey_](#amazonelasticcontainerservice-aws_ResourceTag___TagKey_) <br /> [#amazonelasticcontainerservice-ecs_cluster](#amazonelasticcontainerservice-ecs_cluster) <br /> [#amazonelasticcontainerservice-ecs_daemon](#amazonelasticcontainerservice-ecs_daemon)  / **相关操作:** 

- **  [https://docs.amazonaws.cn/AmazonECS/latest/APIReference/API_DescribeDaemonRevisions.html](https://docs.amazonaws.cn/AmazonECS/latest/APIReference/API_DescribeDaemonRevisions.html) **
  - **描述:** 授予描述您的一个或多个守护程序修订版的权限
  - **访问级别:** 读取
  - **资源类型（\* 为必需）:**  [#amazonelasticcontainerservice-daemon](#amazonelasticcontainerservice-daemon)  / **条件键:**  [#amazonelasticcontainerservice-aws_ResourceTag___TagKey_](#amazonelasticcontainerservice-aws_ResourceTag___TagKey_) <br /> [#amazonelasticcontainerservice-ecs_cluster](#amazonelasticcontainerservice-ecs_cluster)  / **相关操作:** 
  - **资源类型（\* 为必需）:**  [#amazonelasticcontainerservice-daemon-revision](#amazonelasticcontainerservice-daemon-revision)  / **条件键:**  [#amazonelasticcontainerservice-aws_ResourceTag___TagKey_](#amazonelasticcontainerservice-aws_ResourceTag___TagKey_) <br /> [#amazonelasticcontainerservice-ecs_cluster](#amazonelasticcontainerservice-ecs_cluster) <br /> [#amazonelasticcontainerservice-ecs_daemon](#amazonelasticcontainerservice-ecs_daemon)  / **相关操作:** 

- **  [https://docs.amazonaws.cn/AmazonECS/latest/APIReference/API_DescribeDaemonTaskDefinition.html](https://docs.amazonaws.cn/AmazonECS/latest/APIReference/API_DescribeDaemonTaskDefinition.html) **
  - **描述:** 授予描述守护程序任务定义的权限
  - **访问级别:** 读取
  - **资源类型（\* 为必需）:**  [#amazonelasticcontainerservice-daemon-task-definition](#amazonelasticcontainerservice-daemon-task-definition) 
  - **条件键:**  [#amazonelasticcontainerservice-aws_ResourceTag___TagKey_](#amazonelasticcontainerservice-aws_ResourceTag___TagKey_) 
  - **相关操作:** 

- **  [https://docs.amazonaws.cn/AmazonECS/latest/APIReference/API_DescribeExpressGatewayService.html](https://docs.amazonaws.cn/AmazonECS/latest/APIReference/API_DescribeExpressGatewayService.html) **
  - **描述:** 授予描述指定的 Express Gateway 服务的权限
  - **访问级别:** 读取
  - **资源类型（\* 为必需）:**  [#amazonelasticcontainerservice-service](#amazonelasticcontainerservice-service) 
  - **条件键:**  [#amazonelasticcontainerservice-aws_ResourceTag___TagKey_](#amazonelasticcontainerservice-aws_ResourceTag___TagKey_) <br /> [#amazonelasticcontainerservice-ecs_cluster](#amazonelasticcontainerservice-ecs_cluster) 
  - **相关操作:** 

- **  [https://docs.amazonaws.cn/AmazonECS/latest/APIReference/API_DescribeServiceDeployments.html](https://docs.amazonaws.cn/AmazonECS/latest/APIReference/API_DescribeServiceDeployments.html) **
  - **描述:** 授予权限以描述一个或多个服务部署
  - **访问级别:** 读取
  - **资源类型（\* 为必需）:**  [#amazonelasticcontainerservice-service](#amazonelasticcontainerservice-service)  / **条件键:**  [#amazonelasticcontainerservice-aws_ResourceTag___TagKey_](#amazonelasticcontainerservice-aws_ResourceTag___TagKey_) <br /> [#amazonelasticcontainerservice-ecs_cluster](#amazonelasticcontainerservice-ecs_cluster)  / **相关操作:** 
  - **资源类型（\* 为必需）:**  [#amazonelasticcontainerservice-service-deployment](#amazonelasticcontainerservice-service-deployment)  / **条件键:**  [#amazonelasticcontainerservice-aws_ResourceTag___TagKey_](#amazonelasticcontainerservice-aws_ResourceTag___TagKey_) <br /> [#amazonelasticcontainerservice-ecs_cluster](#amazonelasticcontainerservice-ecs_cluster) <br /> [#amazonelasticcontainerservice-ecs_service](#amazonelasticcontainerservice-ecs_service)  / **相关操作:** 

- **  [https://docs.amazonaws.cn/AmazonECS/latest/APIReference/API_DescribeServiceRevisions.html](https://docs.amazonaws.cn/AmazonECS/latest/APIReference/API_DescribeServiceRevisions.html) **
  - **描述:** 授予权限以描述一个或多个服务修订
  - **访问级别:** 读取
  - **资源类型（\* 为必需）:**  [#amazonelasticcontainerservice-service](#amazonelasticcontainerservice-service)  / **条件键:**  [#amazonelasticcontainerservice-aws_ResourceTag___TagKey_](#amazonelasticcontainerservice-aws_ResourceTag___TagKey_) <br /> [#amazonelasticcontainerservice-ecs_cluster](#amazonelasticcontainerservice-ecs_cluster)  / **相关操作:** 
  - **资源类型（\* 为必需）:**  [#amazonelasticcontainerservice-service-revision](#amazonelasticcontainerservice-service-revision)  / **条件键:**  [#amazonelasticcontainerservice-aws_ResourceTag___TagKey_](#amazonelasticcontainerservice-aws_ResourceTag___TagKey_) <br /> [#amazonelasticcontainerservice-ecs_cluster](#amazonelasticcontainerservice-ecs_cluster) <br /> [#amazonelasticcontainerservice-ecs_service](#amazonelasticcontainerservice-ecs_service)  / **相关操作:** 

- **  [https://docs.amazonaws.cn/AmazonECS/latest/APIReference/API_DescribeServices.html](https://docs.amazonaws.cn/AmazonECS/latest/APIReference/API_DescribeServices.html) **
  - **描述:** 授予描述集群中运行的指定服务的权限
  - **访问级别:** Read
  - **资源类型（\* 为必需）:**  [#amazonelasticcontainerservice-service](#amazonelasticcontainerservice-service)  / **条件键:**  / **相关操作:** 
  - **资源类型（\* 为必需）:**  / **条件键:**  [#amazonelasticcontainerservice-aws_ResourceTag___TagKey_](#amazonelasticcontainerservice-aws_ResourceTag___TagKey_) <br /> [#amazonelasticcontainerservice-ecs_cluster](#amazonelasticcontainerservice-ecs_cluster)  / **相关操作:** 

- **  [https://docs.amazonaws.cn/AmazonECS/latest/APIReference/API_DescribeTaskDefinition.html](https://docs.amazonaws.cn/AmazonECS/latest/APIReference/API_DescribeTaskDefinition.html) **
  - **描述:** 授予描述任务定义的权限。您可以指定系列和修订以查找有关特定任务定义的信息，也可以只指定系列以查找该系列中最新的有效修订
  - **访问级别:** Read
  - **资源类型（\* 为必需）:** 
  - **条件键:** 
  - **相关操作:** 

- **  [https://docs.amazonaws.cn/AmazonECS/latest/APIReference/API_DescribeTaskSets.html](https://docs.amazonaws.cn/AmazonECS/latest/APIReference/API_DescribeTaskSets.html) **
  - **描述:** 授予描述 Amazon ECS 任务集的权限
  - **访问级别:** Read
  - **资源类型（\* 为必需）:**  [#amazonelasticcontainerservice-task-set](#amazonelasticcontainerservice-task-set)  / **条件键:**  / **相关操作:** 
  - **资源类型（\* 为必需）:**  / **条件键:**  [#amazonelasticcontainerservice-aws_ResourceTag___TagKey_](#amazonelasticcontainerservice-aws_ResourceTag___TagKey_) <br /> [#amazonelasticcontainerservice-ecs_cluster](#amazonelasticcontainerservice-ecs_cluster) <br /> [#amazonelasticcontainerservice-ecs_service](#amazonelasticcontainerservice-ecs_service)  / **相关操作:** 

- **  [https://docs.amazonaws.cn/AmazonECS/latest/APIReference/API_DescribeTasks.html](https://docs.amazonaws.cn/AmazonECS/latest/APIReference/API_DescribeTasks.html) **
  - **描述:** 授予权限以描述指定任务。
  - **访问级别:** Read
  - **资源类型（\* 为必需）:**  [#amazonelasticcontainerservice-task](#amazonelasticcontainerservice-task)  / **条件键:**  / **相关操作:** 
  - **资源类型（\* 为必需）:**  / **条件键:**  [#amazonelasticcontainerservice-aws_ResourceTag___TagKey_](#amazonelasticcontainerservice-aws_ResourceTag___TagKey_) <br /> [#amazonelasticcontainerservice-ecs_cluster](#amazonelasticcontainerservice-ecs_cluster)  / **相关操作:** 

- **  [https://docs.amazonaws.cn/AmazonECS/latest/APIReference/API_DiscoverPollEndpoint.html](https://docs.amazonaws.cn/AmazonECS/latest/APIReference/API_DiscoverPollEndpoint.html) **
  - **描述:** 授予获得 Amazon ECS 代理的终端节点以轮询更新的权限
  - **访问级别:** Write
  - **资源类型（\* 为必需）:** 
  - **条件键:** 
  - **相关操作:** 

- **  [https://docs.amazonaws.cn/AmazonECS/latest/APIReference/API_ExecuteCommand.html](https://docs.amazonaws.cn/AmazonECS/latest/APIReference/API_ExecuteCommand.html) **
  - **描述:** 授予在 Amazon ECS 容器上远程运行命令的权限
  - **访问级别:** 写入
  - **资源类型（\* 为必需）:**  [#amazonelasticcontainerservice-cluster](#amazonelasticcontainerservice-cluster)  / **条件键:**  / **相关操作:** 
  - **资源类型（\* 为必需）:**  [#amazonelasticcontainerservice-task](#amazonelasticcontainerservice-task)  / **条件键:**  / **相关操作:** 
  - **资源类型（\* 为必需）:**  / **条件键:**  [#amazonelasticcontainerservice-aws_ResourceTag___TagKey_](#amazonelasticcontainerservice-aws_ResourceTag___TagKey_) <br /> [#amazonelasticcontainerservice-ecs_cluster](#amazonelasticcontainerservice-ecs_cluster) <br /> [#amazonelasticcontainerservice-ecs_container-name](#amazonelasticcontainerservice-ecs_container-name) <br /> [#amazonelasticcontainerservice-ecs_task](#amazonelasticcontainerservice-ecs_task)  / **相关操作:** 

- **  [https://docs.amazonaws.cn/AmazonECS/latest/APIReference/API_GetTaskProtection.html](https://docs.amazonaws.cn/AmazonECS/latest/APIReference/API_GetTaskProtection.html) **
  - **描述:** 授予检索 Amazon ECS 服务中任务的保护状态的权限
  - **访问级别:** 读取
  - **资源类型（\* 为必需）:**  [#amazonelasticcontainerservice-task](#amazonelasticcontainerservice-task)  / **条件键:**  / **相关操作:** 
  - **资源类型（\* 为必需）:**  / **条件键:**  [#amazonelasticcontainerservice-aws_ResourceTag___TagKey_](#amazonelasticcontainerservice-aws_ResourceTag___TagKey_) <br /> [#amazonelasticcontainerservice-ecs_cluster](#amazonelasticcontainerservice-ecs_cluster)  / **相关操作:** 

- **  [https://docs.amazonaws.cn/AmazonECS/latest/APIReference/API_ListAccountSettings.html](https://docs.amazonaws.cn/AmazonECS/latest/APIReference/API_ListAccountSettings.html) **
  - **描述:** 授予权限以列出指定委托人的 Amazon ECS 资源的账户设置
  - **访问级别:** Read
  - **资源类型（\* 为必需）:** 
  - **条件键:** 
  - **相关操作:** 

- **  [https://docs.amazonaws.cn/AmazonECS/latest/APIReference/API_ListAttributes.html](https://docs.amazonaws.cn/AmazonECS/latest/APIReference/API_ListAttributes.html) **
  - **描述:** 授予权限以列出指定目标类型和集群中的 Amazon ECS 资源的属性
  - **访问级别:** List
  - **资源类型（\* 为必需）:**  [#amazonelasticcontainerservice-cluster](#amazonelasticcontainerservice-cluster) 
  - **条件键:**  [#amazonelasticcontainerservice-aws_ResourceTag___TagKey_](#amazonelasticcontainerservice-aws_ResourceTag___TagKey_) 
  - **相关操作:** 

- **  [https://docs.amazonaws.cn/AmazonECS/latest/APIReference/API_ListClusters.html](https://docs.amazonaws.cn/AmazonECS/latest/APIReference/API_ListClusters.html) **
  - **描述:** 授予获取现有集群列表的权限
  - **访问级别:** List
  - **资源类型（\* 为必需）:** 
  - **条件键:** 
  - **相关操作:** 

- **  [https://docs.amazonaws.cn/AmazonECS/latest/APIReference/API_ListContainerInstances.html](https://docs.amazonaws.cn/AmazonECS/latest/APIReference/API_ListContainerInstances.html) **
  - **描述:** 授予获取指定集群中容器实例列表的权限
  - **访问级别:** 列表
  - **资源类型（\* 为必需）:**  [#amazonelasticcontainerservice-cluster](#amazonelasticcontainerservice-cluster) 
  - **条件键:**  [#amazonelasticcontainerservice-aws_ResourceTag___TagKey_](#amazonelasticcontainerservice-aws_ResourceTag___TagKey_) 
  - **相关操作:** 

- **  [https://docs.amazonaws.cn/AmazonECS/latest/APIReference/API_ListDaemonDeployments.html](https://docs.amazonaws.cn/AmazonECS/latest/APIReference/API_ListDaemonDeployments.html) **
  - **描述:** 授予获取指定守护程序的守护程序部署列表的权限
  - **访问级别:** 列表
  - **资源类型（\* 为必需）:**  [#amazonelasticcontainerservice-daemon](#amazonelasticcontainerservice-daemon) 
  - **条件键:**  [#amazonelasticcontainerservice-aws_ResourceTag___TagKey_](#amazonelasticcontainerservice-aws_ResourceTag___TagKey_) <br /> [#amazonelasticcontainerservice-ecs_cluster](#amazonelasticcontainerservice-ecs_cluster) 
  - **相关操作:** 

- **  [https://docs.amazonaws.cn/AmazonECS/latest/APIReference/API_ListDaemonTaskDefinitions.html](https://docs.amazonaws.cn/AmazonECS/latest/APIReference/API_ListDaemonTaskDefinitions.html) **
  - **描述:** 授予获取已注册到您的账户的守护程序任务定义列表的权限
  - **访问级别:** 列表
  - **资源类型（\* 为必需）:** 
  - **条件键:** 
  - **相关操作:** 

- **  [https://docs.amazonaws.cn/AmazonECS/latest/APIReference/API_ListDaemons.html](https://docs.amazonaws.cn/AmazonECS/latest/APIReference/API_ListDaemons.html) **
  - **描述:** 授予获取指定集群中运行的守护程序列表的权限
  - **访问级别:** 列表
  - **资源类型（\* 为必需）:** 
  - **条件键:**  [#amazonelasticcontainerservice-ecs_cluster](#amazonelasticcontainerservice-ecs_cluster) 
  - **相关操作:** 

- **  [https://docs.amazonaws.cn/AmazonECS/latest/APIReference/API_ListServiceDeployments.html](https://docs.amazonaws.cn/AmazonECS/latest/APIReference/API_ListServiceDeployments.html) **
  - **描述:** 授予权限以获取指定服务的服务部署的列表
  - **访问级别:** 列表
  - **资源类型（\* 为必需）:**  [#amazonelasticcontainerservice-service](#amazonelasticcontainerservice-service) 
  - **条件键:**  [#amazonelasticcontainerservice-aws_ResourceTag___TagKey_](#amazonelasticcontainerservice-aws_ResourceTag___TagKey_) <br /> [#amazonelasticcontainerservice-ecs_cluster](#amazonelasticcontainerservice-ecs_cluster) 
  - **相关操作:** 

- **  [https://docs.amazonaws.cn/AmazonECS/latest/APIReference/API_ListServices.html](https://docs.amazonaws.cn/AmazonECS/latest/APIReference/API_ListServices.html) **
  - **描述:** 授予获取在指定集群中运行的服务列表的权限
  - **访问级别:** 列表
  - **资源类型（\* 为必需）:** 
  - **条件键:**  [#amazonelasticcontainerservice-ecs_cluster](#amazonelasticcontainerservice-ecs_cluster) 
  - **相关操作:** 

- **  [https://docs.amazonaws.cn/AmazonECS/latest/APIReference/API_ListServicesByNamespace.html](https://docs.amazonaws.cn/AmazonECS/latest/APIReference/API_ListServicesByNamespace.html) **
  - **描述:** 授予获取在指定 Amazon Web Services 云 地图命名空间中运行的服务列表的权限
  - **访问级别:** 列表
  - **资源类型（\* 为必需）:** 
  - **条件键:**  [#amazonelasticcontainerservice-ecs_namespace](#amazonelasticcontainerservice-ecs_namespace) 
  - **相关操作:** 

- **  [https://docs.amazonaws.cn/AmazonECS/latest/APIReference/API_ListTagsForResource.html](https://docs.amazonaws.cn/AmazonECS/latest/APIReference/API_ListTagsForResource.html) **
  - **描述:** 授予获取指定资源的标签列表的权限
  - **访问级别:** Read
  - **资源类型（\* 为必需）:**  [#amazonelasticcontainerservice-capacity-provider](#amazonelasticcontainerservice-capacity-provider)  / **条件键:**  / **相关操作:** 
  - **资源类型（\* 为必需）:**  [#amazonelasticcontainerservice-cluster](#amazonelasticcontainerservice-cluster)  / **条件键:**  / **相关操作:** 
  - **资源类型（\* 为必需）:**  [#amazonelasticcontainerservice-container-instance](#amazonelasticcontainerservice-container-instance)  / **条件键:**  / **相关操作:** 
  - **资源类型（\* 为必需）:**  [#amazonelasticcontainerservice-service](#amazonelasticcontainerservice-service)  / **条件键:**  / **相关操作:** 
  - **资源类型（\* 为必需）:**  [#amazonelasticcontainerservice-task](#amazonelasticcontainerservice-task)  / **条件键:**  / **相关操作:** 
  - **资源类型（\* 为必需）:**  [#amazonelasticcontainerservice-task-definition](#amazonelasticcontainerservice-task-definition)  / **条件键:**  / **相关操作:** 
  - **资源类型（\* 为必需）:**  [#amazonelasticcontainerservice-task-set](#amazonelasticcontainerservice-task-set)  / **条件键:**  / **相关操作:** 
  - **资源类型（\* 为必需）:**  / **条件键:**  [#amazonelasticcontainerservice-aws_ResourceTag___TagKey_](#amazonelasticcontainerservice-aws_ResourceTag___TagKey_)  / **相关操作:** 

- **  [https://docs.amazonaws.cn/AmazonECS/latest/APIReference/API_ListTaskDefinitionFamilies.html](https://docs.amazonaws.cn/AmazonECS/latest/APIReference/API_ListTaskDefinitionFamilies.html) **
  - **描述:** 授予权限以获取注册到您的账户的任务定义系列的列表（其中可能包括不再具有任何有效任务定义的任务定义系列）。
  - **访问级别:** List
  - **资源类型（\* 为必需）:** 
  - **条件键:** 
  - **相关操作:** 

- **  [https://docs.amazonaws.cn/AmazonECS/latest/APIReference/API_ListTaskDefinitions.html](https://docs.amazonaws.cn/AmazonECS/latest/APIReference/API_ListTaskDefinitions.html) **
  - **描述:** 授予获取注册到您的账户的任务定义列表的权限。
  - **访问级别:** List
  - **资源类型（\* 为必需）:** 
  - **条件键:** 
  - **相关操作:** 

- **  [https://docs.amazonaws.cn/AmazonECS/latest/APIReference/API_ListTasks.html](https://docs.amazonaws.cn/AmazonECS/latest/APIReference/API_ListTasks.html) **
  - **描述:** 授予获取指定集群的任务列表的权限
  - **访问级别:** List
  - **资源类型（\* 为必需）:**  [#amazonelasticcontainerservice-container-instance](#amazonelasticcontainerservice-container-instance)  / **条件键:**  / **相关操作:** 
  - **资源类型（\* 为必需）:**  / **条件键:**  [#amazonelasticcontainerservice-aws_ResourceTag___TagKey_](#amazonelasticcontainerservice-aws_ResourceTag___TagKey_) <br /> [#amazonelasticcontainerservice-ecs_cluster](#amazonelasticcontainerservice-ecs_cluster)  / **相关操作:** 

- **  [https://docs.amazonaws.cn/AmazonECS/latest/developerguide/instance_IAM_role.html](https://docs.amazonaws.cn/AmazonECS/latest/developerguide/instance_IAM_role.html) [仅权限]**
  - **描述:** 向代理授予连接 Amazon ECS 服务以报告状态和获取命令的权限
  - **访问级别:** Write
  - **资源类型（\* 为必需）:**  [#amazonelasticcontainerservice-container-instance](#amazonelasticcontainerservice-container-instance)  / **条件键:**  / **相关操作:** 
  - **资源类型（\* 为必需）:**  / **条件键:**  [#amazonelasticcontainerservice-ecs_cluster](#amazonelasticcontainerservice-ecs_cluster)  / **相关操作:** 

- **  [https://docs.amazonaws.cn/AmazonECS/latest/APIReference/API_PutAccountSetting.html](https://docs.amazonaws.cn/AmazonECS/latest/APIReference/API_PutAccountSetting.html) **
  - **描述:** 授权限以予修改账户的指定 IAM 用户、IAM 角色或根用户的资源的 ARN 和资源 ID 格式。您可以指定是否为创建的新资源启用新的 ARN 和资源 ID 格式。需要启用该设置才能使用新的 Amazon ECS 功能，如资源标记
  - **访问级别:** Write
  - **资源类型（\* 为必需）:** 
  - **条件键:**  [#amazonelasticcontainerservice-ecs_account-setting](#amazonelasticcontainerservice-ecs_account-setting) 
  - **相关操作:** 

- **  [https://docs.amazonaws.cn/AmazonECS/latest/APIReference/API_PutAccountSettingDefault.html](https://docs.amazonaws.cn/AmazonECS/latest/APIReference/API_PutAccountSettingDefault.html) **
  - **描述:** 授予权限以修改账户中的所有 IAM 用户（未设置单独的账户设置）的资源类型的 ARN 和资源 ID 格式。需要启用该设置才能使用新的 Amazon ECS 功能，如资源标记
  - **访问级别:** Write
  - **资源类型（\* 为必需）:** 
  - **条件键:**  [#amazonelasticcontainerservice-ecs_account-setting](#amazonelasticcontainerservice-ecs_account-setting) 
  - **相关操作:** 

- **  [https://docs.amazonaws.cn/AmazonECS/latest/APIReference/API_PutAttributes.html](https://docs.amazonaws.cn/AmazonECS/latest/APIReference/API_PutAttributes.html) **
  - **描述:** 授予在 Amazon ECS 资源上创建或更新属性的权限
  - **访问级别:** Write
  - **资源类型（\* 为必需）:**  [#amazonelasticcontainerservice-container-instance](#amazonelasticcontainerservice-container-instance)  / **条件键:**  / **相关操作:** 
  - **资源类型（\* 为必需）:**  / **条件键:**  [#amazonelasticcontainerservice-aws_ResourceTag___TagKey_](#amazonelasticcontainerservice-aws_ResourceTag___TagKey_) <br /> [#amazonelasticcontainerservice-ecs_cluster](#amazonelasticcontainerservice-ecs_cluster)  / **相关操作:** 

- **  [https://docs.amazonaws.cn/AmazonECS/latest/APIReference/API_PutClusterCapacityProviders.html](https://docs.amazonaws.cn/AmazonECS/latest/APIReference/API_PutClusterCapacityProviders.html) **
  - **描述:** 授予修改集群的可用容量提供程序和默认的容量提供程序策略的权限
  - **访问级别:** 写入
  - **资源类型（\* 为必需）:**  [#amazonelasticcontainerservice-cluster](#amazonelasticcontainerservice-cluster)  / **条件键:**  [#amazonelasticcontainerservice-aws_ResourceTag___TagKey_](#amazonelasticcontainerservice-aws_ResourceTag___TagKey_)  / **相关操作:** 
  - **资源类型（\* 为必需）:**  / **条件键:**  [#amazonelasticcontainerservice-ecs_capacity-provider](#amazonelasticcontainerservice-ecs_capacity-provider)  / **相关操作:** 

- **  [https://docs.amazonaws.cn/AmazonECS/latest/developerguide/logging-using-cloudtrail.html#cloudtrail-data-events](https://docs.amazonaws.cn/AmazonECS/latest/developerguide/logging-using-cloudtrail.html#cloudtrail-data-events) [仅权限]**
  - **描述:** 授予权限以从容器实例收集系统日志
  - **访问级别:** 写入
  - **资源类型（\* 为必需）:**  [#amazonelasticcontainerservice-cluster](#amazonelasticcontainerservice-cluster)  / **条件键:**  [#amazonelasticcontainerservice-aws_ResourceTag___TagKey_](#amazonelasticcontainerservice-aws_ResourceTag___TagKey_)  / **相关操作:** 
  - **资源类型（\* 为必需）:**  [#amazonelasticcontainerservice-container-instance](#amazonelasticcontainerservice-container-instance)  / **条件键:**  [#amazonelasticcontainerservice-aws_ResourceTag___TagKey_](#amazonelasticcontainerservice-aws_ResourceTag___TagKey_) <br /> [#amazonelasticcontainerservice-ecs_capacity-provider](#amazonelasticcontainerservice-ecs_capacity-provider) <br /> [#amazonelasticcontainerservice-ecs_cluster](#amazonelasticcontainerservice-ecs_cluster)  / **相关操作:** 

- **  [https://docs.amazonaws.cn/AmazonECS/latest/APIReference/API_RegisterContainerInstance.html](https://docs.amazonaws.cn/AmazonECS/latest/APIReference/API_RegisterContainerInstance.html) **
  - **描述:** 授予将 EC2 实例注册到指定集群的权限
  - **访问级别:** 写入
  - **资源类型（\* 为必需）:**  [#amazonelasticcontainerservice-cluster](#amazonelasticcontainerservice-cluster)  / **条件键:**  [#amazonelasticcontainerservice-aws_ResourceTag___TagKey_](#amazonelasticcontainerservice-aws_ResourceTag___TagKey_)  / **相关操作:** 
  - **资源类型（\* 为必需）:**  / **条件键:**  [#amazonelasticcontainerservice-aws_RequestTag___TagKey_](#amazonelasticcontainerservice-aws_RequestTag___TagKey_) <br /> [#amazonelasticcontainerservice-aws_TagKeys](#amazonelasticcontainerservice-aws_TagKeys)  / **相关操作:** 

- **  [https://docs.amazonaws.cn/AmazonECS/latest/APIReference/API_RegisterDaemonTaskDefinition.html](https://docs.amazonaws.cn/AmazonECS/latest/APIReference/API_RegisterDaemonTaskDefinition.html) **
  - **描述:** 授予从提供的系列和 ContainerDefinitions 中注册新的守护程序任务定义的权限
  - **访问级别:** 写入
  - **资源类型（\* 为必需）:**  [#amazonelasticcontainerservice-daemon-task-definition](#amazonelasticcontainerservice-daemon-task-definition)  / **条件键:**  [#amazonelasticcontainerservice-aws_ResourceTag___TagKey_](#amazonelasticcontainerservice-aws_ResourceTag___TagKey_)  / **相关操作:** 
  - **资源类型（\* 为必需）:**  / **条件键:**  [#amazonelasticcontainerservice-aws_RequestTag___TagKey_](#amazonelasticcontainerservice-aws_RequestTag___TagKey_) <br /> [#amazonelasticcontainerservice-aws_TagKeys](#amazonelasticcontainerservice-aws_TagKeys) <br /> [#amazonelasticcontainerservice-ecs_privileged](#amazonelasticcontainerservice-ecs_privileged) <br /> [#amazonelasticcontainerservice-ecs_task-cpu](#amazonelasticcontainerservice-ecs_task-cpu) <br /> [#amazonelasticcontainerservice-ecs_task-memory](#amazonelasticcontainerservice-ecs_task-memory)  / **相关操作:** 

- **  [https://docs.amazonaws.cn/AmazonECS/latest/APIReference/API_RegisterTaskDefinition.html](https://docs.amazonaws.cn/AmazonECS/latest/APIReference/API_RegisterTaskDefinition.html) **
  - **描述:** 授予从提供的系列和 containerDefinitions 注册新的任务定义的权限。
  - **访问级别:** Write
  - **资源类型（\* 为必需）:**  [#amazonelasticcontainerservice-task-definition](#amazonelasticcontainerservice-task-definition)  / **条件键:**  [#amazonelasticcontainerservice-aws_ResourceTag___TagKey_](#amazonelasticcontainerservice-aws_ResourceTag___TagKey_)  / **相关操作:** 
  - **资源类型（\* 为必需）:**  / **条件键:**  [#amazonelasticcontainerservice-aws_RequestTag___TagKey_](#amazonelasticcontainerservice-aws_RequestTag___TagKey_) <br /> [#amazonelasticcontainerservice-aws_TagKeys](#amazonelasticcontainerservice-aws_TagKeys) <br /> [#amazonelasticcontainerservice-ecs_compute-compatibility](#amazonelasticcontainerservice-ecs_compute-compatibility) <br /> [#amazonelasticcontainerservice-ecs_privileged](#amazonelasticcontainerservice-ecs_privileged) <br /> [#amazonelasticcontainerservice-ecs_task-cpu](#amazonelasticcontainerservice-ecs_task-cpu) <br /> [#amazonelasticcontainerservice-ecs_task-memory](#amazonelasticcontainerservice-ecs_task-memory)  / **相关操作:** 

- **  [https://docs.amazonaws.cn/AmazonECS/latest/APIReference/API_RunTask.html](https://docs.amazonaws.cn/AmazonECS/latest/APIReference/API_RunTask.html) **
  - **描述:** 授予使用随机放置和默认的 Amazon ECS 计划程序启动任务的权限
  - **访问级别:** Write
  - **资源类型（\* 为必需）:**  [#amazonelasticcontainerservice-task-definition](#amazonelasticcontainerservice-task-definition)  / **条件键:**  / **相关操作:**  iam:PassRole 
  - **资源类型（\* 为必需）:**  / **条件键:**  [#amazonelasticcontainerservice-aws_RequestTag___TagKey_](#amazonelasticcontainerservice-aws_RequestTag___TagKey_) <br /> [#amazonelasticcontainerservice-aws_ResourceTag___TagKey_](#amazonelasticcontainerservice-aws_ResourceTag___TagKey_) <br /> [#amazonelasticcontainerservice-aws_TagKeys](#amazonelasticcontainerservice-aws_TagKeys) <br /> [#amazonelasticcontainerservice-ecs_capacity-provider](#amazonelasticcontainerservice-ecs_capacity-provider) <br /> [#amazonelasticcontainerservice-ecs_cluster](#amazonelasticcontainerservice-ecs_cluster) <br /> [#amazonelasticcontainerservice-ecs_enable-ebs-volumes](#amazonelasticcontainerservice-ecs_enable-ebs-volumes) <br /> [#amazonelasticcontainerservice-ecs_enable-execute-command](#amazonelasticcontainerservice-ecs_enable-execute-command)  / **相关操作:** 

- **  [https://docs.amazonaws.cn/AmazonECS/latest/APIReference/API_StartTask.html](https://docs.amazonaws.cn/AmazonECS/latest/APIReference/API_StartTask.html) **
  - **描述:** 授予从指定的一个或多个容器实例上的指定任务定义启动新任务的权限
  - **访问级别:** 写入
  - **资源类型（\* 为必需）:**  [#amazonelasticcontainerservice-task-definition](#amazonelasticcontainerservice-task-definition)  / **条件键:**  / **相关操作:**  iam:PassRole 
  - **资源类型（\* 为必需）:**  / **条件键:**  [#amazonelasticcontainerservice-aws_RequestTag___TagKey_](#amazonelasticcontainerservice-aws_RequestTag___TagKey_) <br /> [#amazonelasticcontainerservice-aws_ResourceTag___TagKey_](#amazonelasticcontainerservice-aws_ResourceTag___TagKey_) <br /> [#amazonelasticcontainerservice-aws_TagKeys](#amazonelasticcontainerservice-aws_TagKeys) <br /> [#amazonelasticcontainerservice-ecs_cluster](#amazonelasticcontainerservice-ecs_cluster) <br /> [#amazonelasticcontainerservice-ecs_container-instances](#amazonelasticcontainerservice-ecs_container-instances) <br /> [#amazonelasticcontainerservice-ecs_enable-ebs-volumes](#amazonelasticcontainerservice-ecs_enable-ebs-volumes) <br /> [#amazonelasticcontainerservice-ecs_enable-execute-command](#amazonelasticcontainerservice-ecs_enable-execute-command)  / **相关操作:** 

- **  [https://docs.amazonaws.cn/AmazonECS/latest/developerguide/cloudwatch-metrics.html#enable_cloudwatch](https://docs.amazonaws.cn/AmazonECS/latest/developerguide/cloudwatch-metrics.html#enable_cloudwatch) [仅权限]**
  - **描述:** 授予权限以启动遥测会话
  - **访问级别:** 写入
  - **资源类型（\* 为必需）:**  [#amazonelasticcontainerservice-container-instance](#amazonelasticcontainerservice-container-instance)  / **条件键:**  / **相关操作:** 
  - **资源类型（\* 为必需）:**  / **条件键:**  [#amazonelasticcontainerservice-ecs_cluster](#amazonelasticcontainerservice-ecs_cluster)  / **相关操作:** 

- **  [https://docs.amazonaws.cn/AmazonECS/latest/APIReference/API_StopServiceDeployment.html](https://docs.amazonaws.cn/AmazonECS/latest/APIReference/API_StopServiceDeployment.html) **
  - **描述:** 授予权限以停止正在进行的服务部署
  - **访问级别:** 写入
  - **资源类型（\* 为必需）:**  [#amazonelasticcontainerservice-service](#amazonelasticcontainerservice-service)  / **条件键:**  [#amazonelasticcontainerservice-aws_ResourceTag___TagKey_](#amazonelasticcontainerservice-aws_ResourceTag___TagKey_) <br /> [#amazonelasticcontainerservice-ecs_cluster](#amazonelasticcontainerservice-ecs_cluster)  / **相关操作:** 
  - **资源类型（\* 为必需）:**  [#amazonelasticcontainerservice-service-deployment](#amazonelasticcontainerservice-service-deployment)  / **条件键:**  [#amazonelasticcontainerservice-aws_ResourceTag___TagKey_](#amazonelasticcontainerservice-aws_ResourceTag___TagKey_) <br /> [#amazonelasticcontainerservice-ecs_cluster](#amazonelasticcontainerservice-ecs_cluster) <br /> [#amazonelasticcontainerservice-ecs_service](#amazonelasticcontainerservice-ecs_service)  / **相关操作:** 

- **  [https://docs.amazonaws.cn/AmazonECS/latest/APIReference/API_StopTask.html](https://docs.amazonaws.cn/AmazonECS/latest/APIReference/API_StopTask.html) **
  - **描述:** 授予权限以停止正在运行的任务
  - **访问级别:** Write
  - **资源类型（\* 为必需）:**  [#amazonelasticcontainerservice-task](#amazonelasticcontainerservice-task)  / **条件键:**  / **相关操作:** 
  - **资源类型（\* 为必需）:**  / **条件键:**  [#amazonelasticcontainerservice-aws_ResourceTag___TagKey_](#amazonelasticcontainerservice-aws_ResourceTag___TagKey_) <br /> [#amazonelasticcontainerservice-ecs_cluster](#amazonelasticcontainerservice-ecs_cluster)  / **相关操作:** 

- **  [https://docs.amazonaws.cn/AmazonECS/latest/APIReference/API_SubmitAttachmentStateChanges.html](https://docs.amazonaws.cn/AmazonECS/latest/APIReference/API_SubmitAttachmentStateChanges.html) **
  - **描述:** 授予发送附件更改状态的确认的权限
  - **访问级别:** Write
  - **资源类型（\* 为必需）:**  [#amazonelasticcontainerservice-cluster](#amazonelasticcontainerservice-cluster) 
  - **条件键:**  [#amazonelasticcontainerservice-aws_ResourceTag___TagKey_](#amazonelasticcontainerservice-aws_ResourceTag___TagKey_) 
  - **相关操作:** 

- **  [https://docs.amazonaws.cn/AmazonECS/latest/APIReference/API_SubmitContainerStateChange.html](https://docs.amazonaws.cn/AmazonECS/latest/APIReference/API_SubmitContainerStateChange.html) **
  - **描述:** 授予发送容器更改状态的确认的权限
  - **访问级别:** Write
  - **资源类型（\* 为必需）:**  [#amazonelasticcontainerservice-cluster](#amazonelasticcontainerservice-cluster) 
  - **条件键:**  [#amazonelasticcontainerservice-aws_ResourceTag___TagKey_](#amazonelasticcontainerservice-aws_ResourceTag___TagKey_) 
  - **相关操作:** 

- **  [https://docs.amazonaws.cn/AmazonECS/latest/APIReference/API_SubmitTaskStateChange.html](https://docs.amazonaws.cn/AmazonECS/latest/APIReference/API_SubmitTaskStateChange.html) **
  - **描述:** 授予发送任务更改状态的确认的权限
  - **访问级别:** Write
  - **资源类型（\* 为必需）:**  [#amazonelasticcontainerservice-cluster](#amazonelasticcontainerservice-cluster) 
  - **条件键:**  [#amazonelasticcontainerservice-aws_ResourceTag___TagKey_](#amazonelasticcontainerservice-aws_ResourceTag___TagKey_) 
  - **相关操作:** 

- **  [https://docs.amazonaws.cn/AmazonECS/latest/APIReference/API_TagResource.html](https://docs.amazonaws.cn/AmazonECS/latest/APIReference/API_TagResource.html) **
  - **描述:** 授予标记指定资源的权限
  - **访问级别:** Tagging
  - **资源类型（\* 为必需）:**  [#amazonelasticcontainerservice-capacity-provider](#amazonelasticcontainerservice-capacity-provider)  / **条件键:**  / **相关操作:** 
  - **资源类型（\* 为必需）:**  [#amazonelasticcontainerservice-cluster](#amazonelasticcontainerservice-cluster)  / **条件键:**  / **相关操作:** 
  - **资源类型（\* 为必需）:**  [#amazonelasticcontainerservice-container-instance](#amazonelasticcontainerservice-container-instance)  / **条件键:**  / **相关操作:** 
  - **资源类型（\* 为必需）:**  [#amazonelasticcontainerservice-daemon](#amazonelasticcontainerservice-daemon)  / **条件键:**  / **相关操作:** 
  - **资源类型（\* 为必需）:**  [#amazonelasticcontainerservice-daemon-task-definition](#amazonelasticcontainerservice-daemon-task-definition)  / **条件键:**  / **相关操作:** 
  - **资源类型（\* 为必需）:**  [#amazonelasticcontainerservice-service](#amazonelasticcontainerservice-service)  / **条件键:**  / **相关操作:** 
  - **资源类型（\* 为必需）:**  [#amazonelasticcontainerservice-task](#amazonelasticcontainerservice-task)  / **条件键:**  / **相关操作:** 
  - **资源类型（\* 为必需）:**  [#amazonelasticcontainerservice-task-definition](#amazonelasticcontainerservice-task-definition)  / **条件键:**  / **相关操作:** 
  - **资源类型（\* 为必需）:**  [#amazonelasticcontainerservice-task-set](#amazonelasticcontainerservice-task-set)  / **条件键:**  / **相关操作:** 
  - **资源类型（\* 为必需）:**  / **条件键:**  [#amazonelasticcontainerservice-aws_RequestTag___TagKey_](#amazonelasticcontainerservice-aws_RequestTag___TagKey_) <br /> [#amazonelasticcontainerservice-aws_ResourceTag___TagKey_](#amazonelasticcontainerservice-aws_ResourceTag___TagKey_) <br /> [#amazonelasticcontainerservice-aws_TagKeys](#amazonelasticcontainerservice-aws_TagKeys) <br /> [#amazonelasticcontainerservice-ecs_CreateAction](#amazonelasticcontainerservice-ecs_CreateAction)  / **相关操作:** 

- **  [https://docs.amazonaws.cn/AmazonECS/latest/APIReference/API_UntagResource.html](https://docs.amazonaws.cn/AmazonECS/latest/APIReference/API_UntagResource.html) **
  - **描述:** 授予取消标记指定资源的权限
  - **访问级别:** Tagging
  - **资源类型（\* 为必需）:**  [#amazonelasticcontainerservice-capacity-provider](#amazonelasticcontainerservice-capacity-provider)  / **条件键:**  / **相关操作:** 
  - **资源类型（\* 为必需）:**  [#amazonelasticcontainerservice-cluster](#amazonelasticcontainerservice-cluster)  / **条件键:**  / **相关操作:** 
  - **资源类型（\* 为必需）:**  [#amazonelasticcontainerservice-container-instance](#amazonelasticcontainerservice-container-instance)  / **条件键:**  / **相关操作:** 
  - **资源类型（\* 为必需）:**  [#amazonelasticcontainerservice-daemon](#amazonelasticcontainerservice-daemon)  / **条件键:**  / **相关操作:** 
  - **资源类型（\* 为必需）:**  [#amazonelasticcontainerservice-daemon-task-definition](#amazonelasticcontainerservice-daemon-task-definition)  / **条件键:**  / **相关操作:** 
  - **资源类型（\* 为必需）:**  [#amazonelasticcontainerservice-service](#amazonelasticcontainerservice-service)  / **条件键:**  / **相关操作:** 
  - **资源类型（\* 为必需）:**  [#amazonelasticcontainerservice-task](#amazonelasticcontainerservice-task)  / **条件键:**  / **相关操作:** 
  - **资源类型（\* 为必需）:**  [#amazonelasticcontainerservice-task-definition](#amazonelasticcontainerservice-task-definition)  / **条件键:**  / **相关操作:** 
  - **资源类型（\* 为必需）:**  [#amazonelasticcontainerservice-task-set](#amazonelasticcontainerservice-task-set)  / **条件键:**  / **相关操作:** 
  - **资源类型（\* 为必需）:**  / **条件键:**  [#amazonelasticcontainerservice-aws_ResourceTag___TagKey_](#amazonelasticcontainerservice-aws_ResourceTag___TagKey_) <br /> [#amazonelasticcontainerservice-aws_TagKeys](#amazonelasticcontainerservice-aws_TagKeys)  / **相关操作:** 

- **  [https://docs.amazonaws.cn/AmazonECS/latest/APIReference/API_UpdateCapacityProvider.html](https://docs.amazonaws.cn/AmazonECS/latest/APIReference/API_UpdateCapacityProvider.html) **
  - **描述:** 授予更新指定容量提供程序的权限
  - **访问级别:** Write
  - **资源类型（\* 为必需）:**  [#amazonelasticcontainerservice-capacity-provider](#amazonelasticcontainerservice-capacity-provider)  / **条件键:**  / **相关操作:** 
  - **资源类型（\* 为必需）:**  / **条件键:**  [#amazonelasticcontainerservice-aws_ResourceTag___TagKey_](#amazonelasticcontainerservice-aws_ResourceTag___TagKey_) <br /> [#amazonelasticcontainerservice-ecs_instance-metadata-tags-propagation](#amazonelasticcontainerservice-ecs_instance-metadata-tags-propagation) <br /> [#amazonelasticcontainerservice-ecs_propagate-tags](#amazonelasticcontainerservice-ecs_propagate-tags)  / **相关操作:** 

- **  [https://docs.amazonaws.cn/AmazonECS/latest/APIReference/API_UpdateCluster.html](https://docs.amazonaws.cn/AmazonECS/latest/APIReference/API_UpdateCluster.html) **
  - **描述:** 授予修改要用于集群的配置或设置的权限
  - **访问级别:** Write
  - **资源类型（\* 为必需）:**  [#amazonelasticcontainerservice-cluster](#amazonelasticcontainerservice-cluster)  / **条件键:**  [#amazonelasticcontainerservice-aws_ResourceTag___TagKey_](#amazonelasticcontainerservice-aws_ResourceTag___TagKey_)  / **相关操作:** 
  - **资源类型（\* 为必需）:**  / **条件键:**  [#amazonelasticcontainerservice-ecs_fargate-ephemeral-storage-kms-key](#amazonelasticcontainerservice-ecs_fargate-ephemeral-storage-kms-key)  / **相关操作:** 

- **  [https://docs.amazonaws.cn/AmazonECS/latest/APIReference/API_UpdateClusterSettings.html](https://docs.amazonaws.cn/AmazonECS/latest/APIReference/API_UpdateClusterSettings.html) **
  - **描述:** 授予修改设置以用于集群的权限
  - **访问级别:** Write
  - **资源类型（\* 为必需）:**  [#amazonelasticcontainerservice-cluster](#amazonelasticcontainerservice-cluster) 
  - **条件键:**  [#amazonelasticcontainerservice-aws_ResourceTag___TagKey_](#amazonelasticcontainerservice-aws_ResourceTag___TagKey_) 
  - **相关操作:** 

- **  [https://docs.amazonaws.cn/AmazonECS/latest/APIReference/API_UpdateContainerAgent.html](https://docs.amazonaws.cn/AmazonECS/latest/APIReference/API_UpdateContainerAgent.html) **
  - **描述:** 授予更新指定容器实例上的 Amazon ECS 容器代理的权限
  - **访问级别:** Write
  - **资源类型（\* 为必需）:**  [#amazonelasticcontainerservice-container-instance](#amazonelasticcontainerservice-container-instance)  / **条件键:**  / **相关操作:** 
  - **资源类型（\* 为必需）:**  / **条件键:**  [#amazonelasticcontainerservice-aws_ResourceTag___TagKey_](#amazonelasticcontainerservice-aws_ResourceTag___TagKey_) <br /> [#amazonelasticcontainerservice-ecs_cluster](#amazonelasticcontainerservice-ecs_cluster)  / **相关操作:** 

- **  [https://docs.amazonaws.cn/AmazonECS/latest/APIReference/API_UpdateContainerInstancesState.html](https://docs.amazonaws.cn/AmazonECS/latest/APIReference/API_UpdateContainerInstancesState.html) **
  - **描述:** 授予用户修改 Amazon ECS 容器实例的状态的权限
  - **访问级别:** 写入
  - **资源类型（\* 为必需）:**  [#amazonelasticcontainerservice-container-instance](#amazonelasticcontainerservice-container-instance)  / **条件键:**  / **相关操作:** 
  - **资源类型（\* 为必需）:**  / **条件键:**  [#amazonelasticcontainerservice-aws_ResourceTag___TagKey_](#amazonelasticcontainerservice-aws_ResourceTag___TagKey_) <br /> [#amazonelasticcontainerservice-ecs_cluster](#amazonelasticcontainerservice-ecs_cluster)  / **相关操作:** 

- **  [https://docs.amazonaws.cn/AmazonECS/latest/APIReference/API_UpdateDaemon.html](https://docs.amazonaws.cn/AmazonECS/latest/APIReference/API_UpdateDaemon.html) **
  - **描述:** 授予修改守护程序参数的权限
  - **访问级别:** 写入
  - **资源类型（\* 为必需）:**  [#amazonelasticcontainerservice-daemon](#amazonelasticcontainerservice-daemon)  / **条件键:**  [#amazonelasticcontainerservice-aws_ResourceTag___TagKey_](#amazonelasticcontainerservice-aws_ResourceTag___TagKey_) <br /> [#amazonelasticcontainerservice-ecs_cluster](#amazonelasticcontainerservice-ecs_cluster)  / **相关操作:** 
  - **资源类型（\* 为必需）:**  / **条件键:**  [#amazonelasticcontainerservice-ecs_capacity-provider](#amazonelasticcontainerservice-ecs_capacity-provider) <br /> [#amazonelasticcontainerservice-ecs_daemon-task-definition](#amazonelasticcontainerservice-ecs_daemon-task-definition) <br /> [#amazonelasticcontainerservice-ecs_enable-ecs-managed-tags](#amazonelasticcontainerservice-ecs_enable-ecs-managed-tags) <br /> [#amazonelasticcontainerservice-ecs_enable-execute-command](#amazonelasticcontainerservice-ecs_enable-execute-command) <br /> [#amazonelasticcontainerservice-ecs_propagate-tags](#amazonelasticcontainerservice-ecs_propagate-tags) <br /> [#amazonelasticcontainerservice-ecs_task-cpu](#amazonelasticcontainerservice-ecs_task-cpu) <br /> [#amazonelasticcontainerservice-ecs_task-memory](#amazonelasticcontainerservice-ecs_task-memory)  / **相关操作:** 

- **  [https://docs.amazonaws.cn/AmazonECS/latest/APIReference/API_UpdateExpressGatewayService.html](https://docs.amazonaws.cn/AmazonECS/latest/APIReference/API_UpdateExpressGatewayService.html) **
  - **描述:** 授予修改 Express Gateway 服务参数的权限
  - **访问级别:** 写入
  - **资源类型（\* 为必需）:**  [#amazonelasticcontainerservice-service](#amazonelasticcontainerservice-service)  / **条件键:**  [#amazonelasticcontainerservice-aws_ResourceTag___TagKey_](#amazonelasticcontainerservice-aws_ResourceTag___TagKey_) <br /> [#amazonelasticcontainerservice-ecs_cluster](#amazonelasticcontainerservice-ecs_cluster)  / **相关操作:** 
  - **资源类型（\* 为必需）:**  / **条件键:**  [#amazonelasticcontainerservice-ecs_enable-ecs-managed-tags](#amazonelasticcontainerservice-ecs_enable-ecs-managed-tags) <br /> [#amazonelasticcontainerservice-ecs_propagate-tags](#amazonelasticcontainerservice-ecs_propagate-tags) <br /> [#amazonelasticcontainerservice-ecs_subnet](#amazonelasticcontainerservice-ecs_subnet) <br /> [#amazonelasticcontainerservice-ecs_task-cpu](#amazonelasticcontainerservice-ecs_task-cpu) <br /> [#amazonelasticcontainerservice-ecs_task-memory](#amazonelasticcontainerservice-ecs_task-memory)  / **相关操作:** 

- **  [https://docs.amazonaws.cn/AmazonECS/latest/APIReference/API_UpdateService.html](https://docs.amazonaws.cn/AmazonECS/latest/APIReference/API_UpdateService.html) **
  - **描述:** 授予权限以修改服务的参数
  - **访问级别:** Write
  - **资源类型（\* 为必需）:**  [#amazonelasticcontainerservice-service](#amazonelasticcontainerservice-service)  / **条件键:**  [#amazonelasticcontainerservice-aws_ResourceTag___TagKey_](#amazonelasticcontainerservice-aws_ResourceTag___TagKey_) <br /> [#amazonelasticcontainerservice-ecs_cluster](#amazonelasticcontainerservice-ecs_cluster)  / **相关操作:** 
  - **资源类型（\* 为必需）:**  / **条件键:**  [#amazonelasticcontainerservice-ecs_auto-assign-public-ip](#amazonelasticcontainerservice-ecs_auto-assign-public-ip) <br /> [#amazonelasticcontainerservice-ecs_capacity-provider](#amazonelasticcontainerservice-ecs_capacity-provider) <br /> [#amazonelasticcontainerservice-ecs_enable-ebs-volumes](#amazonelasticcontainerservice-ecs_enable-ebs-volumes) <br /> [#amazonelasticcontainerservice-ecs_enable-ecs-managed-tags](#amazonelasticcontainerservice-ecs_enable-ecs-managed-tags) <br /> [#amazonelasticcontainerservice-ecs_enable-execute-command](#amazonelasticcontainerservice-ecs_enable-execute-command) <br /> [#amazonelasticcontainerservice-ecs_enable-service-connect](#amazonelasticcontainerservice-ecs_enable-service-connect) <br /> [#amazonelasticcontainerservice-ecs_enable-vpc-lattice](#amazonelasticcontainerservice-ecs_enable-vpc-lattice) <br /> [#amazonelasticcontainerservice-ecs_namespace](#amazonelasticcontainerservice-ecs_namespace) <br /> [#amazonelasticcontainerservice-ecs_propagate-tags](#amazonelasticcontainerservice-ecs_propagate-tags) <br /> [#amazonelasticcontainerservice-ecs_subnet](#amazonelasticcontainerservice-ecs_subnet) <br /> [#amazonelasticcontainerservice-ecs_task-cpu](#amazonelasticcontainerservice-ecs_task-cpu) <br /> [#amazonelasticcontainerservice-ecs_task-definition](#amazonelasticcontainerservice-ecs_task-definition) <br /> [#amazonelasticcontainerservice-ecs_task-memory](#amazonelasticcontainerservice-ecs_task-memory)  / **相关操作:** 

- **  [https://docs.amazonaws.cn/AmazonECS/latest/APIReference/API_UpdateServicePrimaryTaskSet.html](https://docs.amazonaws.cn/AmazonECS/latest/APIReference/API_UpdateServicePrimaryTaskSet.html) **
  - **描述:** 授予修改服务中使用的主任务集的权限
  - **访问级别:** 写入
  - **资源类型（\* 为必需）:**  [#amazonelasticcontainerservice-service](#amazonelasticcontainerservice-service)  / **条件键:**  / **相关操作:** 
  - **资源类型（\* 为必需）:**  / **条件键:**  [#amazonelasticcontainerservice-aws_ResourceTag___TagKey_](#amazonelasticcontainerservice-aws_ResourceTag___TagKey_) <br /> [#amazonelasticcontainerservice-ecs_cluster](#amazonelasticcontainerservice-ecs_cluster)  / **相关操作:** 

- **  [https://docs.amazonaws.cn/AmazonECS/latest/APIReference/API_UpdateTaskProtection.html](https://docs.amazonaws.cn/AmazonECS/latest/APIReference/API_UpdateTaskProtection.html) **
  - **描述:** 授予修改任务的保护状态的权限
  - **访问级别:** 写入
  - **资源类型（\* 为必需）:**  [#amazonelasticcontainerservice-task](#amazonelasticcontainerservice-task)  / **条件键:**  / **相关操作:** 
  - **资源类型（\* 为必需）:**  / **条件键:**  [#amazonelasticcontainerservice-aws_ResourceTag___TagKey_](#amazonelasticcontainerservice-aws_ResourceTag___TagKey_) <br /> [#amazonelasticcontainerservice-ecs_cluster](#amazonelasticcontainerservice-ecs_cluster)  / **相关操作:** 

- **  [https://docs.amazonaws.cn/AmazonECS/latest/APIReference/API_UpdateTaskSet.html](https://docs.amazonaws.cn/AmazonECS/latest/APIReference/API_UpdateTaskSet.html) **
  - **描述:** 授予更新指定任务集的权限
  - **访问级别:** Write
  - **资源类型（\* 为必需）:**  [#amazonelasticcontainerservice-task-set](#amazonelasticcontainerservice-task-set)  / **条件键:**  / **相关操作:** 
  - **资源类型（\* 为必需）:**  / **条件键:**  [#amazonelasticcontainerservice-aws_ResourceTag___TagKey_](#amazonelasticcontainerservice-aws_ResourceTag___TagKey_) <br /> [#amazonelasticcontainerservice-ecs_cluster](#amazonelasticcontainerservice-ecs_cluster) <br /> [#amazonelasticcontainerservice-ecs_service](#amazonelasticcontainerservice-ecs_service)  / **相关操作:** 



## Amazon Elastic Container Service 定义的资源类型
<a name="amazonelasticcontainerservice-resources-for-iam-policies"></a>

以下资源类型是由该服务定义的，可以在 IAM 权限策略语句的 `Resource` 元素中使用这些资源类型。[操作表](#amazonelasticcontainerservice-actions-as-permissions)中的每个操作指定了可以使用该操作指定的资源类型。您也可以在策略中包含条件键，从而定义资源类型。这些键显示在资源类型表的最后一列。有关下表中各列的详细信息，请参阅[资源类型表](reference_policies_actions-resources-contextkeys.html#resources_table)。


****  

| 资源类型 | ARN | 条件键 | 
| --- | --- | --- | 
|   [https://docs.amazonaws.cn/AmazonECS/latest/developerguide/create-capacity-provider-console-v2.html](https://docs.amazonaws.cn/AmazonECS/latest/developerguide/create-capacity-provider-console-v2.html)  |  arn:${Partition}:ecs:${Region}:${Account}:capacity-provider/${CapacityProviderName}  |  [#amazonelasticcontainerservice-aws_ResourceTag___TagKey_](#amazonelasticcontainerservice-aws_ResourceTag___TagKey_) <br /> [#amazonelasticcontainerservice-ecs_ResourceTag___TagKey_](#amazonelasticcontainerservice-ecs_ResourceTag___TagKey_)  | 
|   [https://docs.amazonaws.cn/AmazonECS/latest/developerguide/clusters.html](https://docs.amazonaws.cn/AmazonECS/latest/developerguide/clusters.html)  |  arn:${Partition}:ecs:${Region}:${Account}:cluster/${ClusterName}  |  [#amazonelasticcontainerservice-aws_ResourceTag___TagKey_](#amazonelasticcontainerservice-aws_ResourceTag___TagKey_) <br /> [#amazonelasticcontainerservice-ecs_ResourceTag___TagKey_](#amazonelasticcontainerservice-ecs_ResourceTag___TagKey_)  | 
|   [https://docs.amazonaws.cn/AmazonECS/latest/developerguide/create-capacity.html](https://docs.amazonaws.cn/AmazonECS/latest/developerguide/create-capacity.html)  |  arn:${Partition}:ecs:${Region}:${Account}:container-instance/${ClusterName}/${ContainerInstanceId}  |  [#amazonelasticcontainerservice-aws_ResourceTag___TagKey_](#amazonelasticcontainerservice-aws_ResourceTag___TagKey_) <br /> [#amazonelasticcontainerservice-ecs_ResourceTag___TagKey_](#amazonelasticcontainerservice-ecs_ResourceTag___TagKey_)  | 
|   [https://docs.amazonaws.cn/AmazonECS/latest/developerguide/ecs_daemons.html](https://docs.amazonaws.cn/AmazonECS/latest/developerguide/ecs_daemons.html)  |  arn:${Partition}:ecs:${Region}:${Account}:daemon/${ClusterName}/${DaemonName}  |  [#amazonelasticcontainerservice-aws_ResourceTag___TagKey_](#amazonelasticcontainerservice-aws_ResourceTag___TagKey_) <br /> [#amazonelasticcontainerservice-ecs_cluster](#amazonelasticcontainerservice-ecs_cluster)  | 
|   [https://docs.amazonaws.cn/AmazonECS/latest/developerguide/daemon-deployment.html](https://docs.amazonaws.cn/AmazonECS/latest/developerguide/daemon-deployment.html)  |  arn:${Partition}:ecs:${Region}:${Account}:daemon-deployment/${ClusterName}/${DaemonName}/${DaemonDeploymentId}  |  [#amazonelasticcontainerservice-aws_ResourceTag___TagKey_](#amazonelasticcontainerservice-aws_ResourceTag___TagKey_) <br /> [#amazonelasticcontainerservice-ecs_cluster](#amazonelasticcontainerservice-ecs_cluster) <br /> [#amazonelasticcontainerservice-ecs_daemon](#amazonelasticcontainerservice-ecs_daemon)  | 
|   [https://docs.amazonaws.cn/AmazonECS/latest/developerguide/daemon-revision.html](https://docs.amazonaws.cn/AmazonECS/latest/developerguide/daemon-revision.html)  |  arn:${Partition}:ecs:${Region}:${Account}:daemon-revision/${ClusterName}/${DaemonName}/${DaemonRevisionId}  |  [#amazonelasticcontainerservice-aws_ResourceTag___TagKey_](#amazonelasticcontainerservice-aws_ResourceTag___TagKey_) <br /> [#amazonelasticcontainerservice-ecs_cluster](#amazonelasticcontainerservice-ecs_cluster) <br /> [#amazonelasticcontainerservice-ecs_daemon](#amazonelasticcontainerservice-ecs_daemon)  | 
|   [https://docs.amazonaws.cn/AmazonECS/latest/developerguide/daemon-task-definitions.html](https://docs.amazonaws.cn/AmazonECS/latest/developerguide/daemon-task-definitions.html)  |  arn:${Partition}:ecs:${Region}:${Account}:daemon-task-definition/${DaemonTaskDefinitionFamilyName}:${DaemonTaskDefinitionRevisionNumber}  |  [#amazonelasticcontainerservice-aws_ResourceTag___TagKey_](#amazonelasticcontainerservice-aws_ResourceTag___TagKey_)  | 
|   [https://docs.amazonaws.cn/AmazonECS/latest/developerguide/ecs_services.html](https://docs.amazonaws.cn/AmazonECS/latest/developerguide/ecs_services.html)  |  arn:${Partition}:ecs:${Region}:${Account}:service/${ClusterName}/${ServiceName}  |  [#amazonelasticcontainerservice-aws_ResourceTag___TagKey_](#amazonelasticcontainerservice-aws_ResourceTag___TagKey_) <br /> [#amazonelasticcontainerservice-ecs_ResourceTag___TagKey_](#amazonelasticcontainerservice-ecs_ResourceTag___TagKey_)  | 
|   [https://docs.amazonaws.cn/AmazonECS/latest/developerguide/service-deployment.html](https://docs.amazonaws.cn/AmazonECS/latest/developerguide/service-deployment.html)  |  arn:${Partition}:ecs:${Region}:${Account}:service-deployment/${ClusterName}/${ServiceName}/${ServiceDeploymentId}  |  [#amazonelasticcontainerservice-aws_ResourceTag___TagKey_](#amazonelasticcontainerservice-aws_ResourceTag___TagKey_) <br /> [#amazonelasticcontainerservice-ecs_cluster](#amazonelasticcontainerservice-ecs_cluster) <br /> [#amazonelasticcontainerservice-ecs_service](#amazonelasticcontainerservice-ecs_service)  | 
|   [https://docs.amazonaws.cn/AmazonECS/latest/developerguide/service-revision.html](https://docs.amazonaws.cn/AmazonECS/latest/developerguide/service-revision.html)  |  arn:${Partition}:ecs:${Region}:${Account}:service-revision/${ClusterName}/${ServiceName}/${ServiceRevisionId}  |  [#amazonelasticcontainerservice-aws_ResourceTag___TagKey_](#amazonelasticcontainerservice-aws_ResourceTag___TagKey_) <br /> [#amazonelasticcontainerservice-ecs_cluster](#amazonelasticcontainerservice-ecs_cluster) <br /> [#amazonelasticcontainerservice-ecs_service](#amazonelasticcontainerservice-ecs_service)  | 
|   [https://docs.amazonaws.cn/AmazonECS/latest/developerguide/scheduling_tasks.html](https://docs.amazonaws.cn/AmazonECS/latest/developerguide/scheduling_tasks.html)  |  arn:${Partition}:ecs:${Region}:${Account}:task/${ClusterName}/${TaskId}  |  [#amazonelasticcontainerservice-aws_ResourceTag___TagKey_](#amazonelasticcontainerservice-aws_ResourceTag___TagKey_) <br /> [#amazonelasticcontainerservice-ecs_ResourceTag___TagKey_](#amazonelasticcontainerservice-ecs_ResourceTag___TagKey_)  | 
|   [https://docs.amazonaws.cn/AmazonECS/latest/developerguide/task_definitions.html](https://docs.amazonaws.cn/AmazonECS/latest/developerguide/task_definitions.html)  |  arn:${Partition}:ecs:${Region}:${Account}:task-definition/${TaskDefinitionFamilyName}:${TaskDefinitionRevisionNumber}  |  [#amazonelasticcontainerservice-aws_ResourceTag___TagKey_](#amazonelasticcontainerservice-aws_ResourceTag___TagKey_) <br /> [#amazonelasticcontainerservice-ecs_ResourceTag___TagKey_](#amazonelasticcontainerservice-ecs_ResourceTag___TagKey_)  | 
|   [https://docs.amazonaws.cn/AmazonECS/latest/developerguide/deployment-type-external.html](https://docs.amazonaws.cn/AmazonECS/latest/developerguide/deployment-type-external.html)  |  arn:${Partition}:ecs:${Region}:${Account}:task-set/${ClusterName}/${ServiceName}/${TaskSetId}  |  [#amazonelasticcontainerservice-aws_ResourceTag___TagKey_](#amazonelasticcontainerservice-aws_ResourceTag___TagKey_) <br /> [#amazonelasticcontainerservice-ecs_ResourceTag___TagKey_](#amazonelasticcontainerservice-ecs_ResourceTag___TagKey_)  | 

## Amazon Elastic Container Service 的条件键
<a name="amazonelasticcontainerservice-policy-keys"></a>

Amazon Elastic Container Service 定义以下可以在 IAM policy 的 `Condition` 元素中使用的条件键。您可以使用这些键进一步细化应用策略语句的条件。有关下表中各列的详细信息，请参阅[条件键表](reference_policies_actions-resources-contextkeys.html#context_keys_table)。

要查看适用于所有服务的全局条件键，请参阅 [Amazon 全局条件上下文键](https://docs.amazonaws.cn/IAM/latest/UserGuide/reference_policies_condition-keys.html)。


****  

| 条件键 | 描述 | 类型 | 
| --- | --- | --- | 
|   [https://docs.amazonaws.cn/IAM/latest/UserGuide/reference_policies_condition-keys.html#condition-keys-requesttag](https://docs.amazonaws.cn/IAM/latest/UserGuide/reference_policies_condition-keys.html#condition-keys-requesttag)  | 按请求中传递的标签筛选访问权限 | 字符串 | 
|   [https://docs.amazonaws.cn/IAM/latest/UserGuide/reference_policies_condition-keys.html#condition-keys-resourcetag](https://docs.amazonaws.cn/IAM/latest/UserGuide/reference_policies_condition-keys.html#condition-keys-resourcetag)  | 按附加到资源的标签键值对筛选访问权限 | 字符串 | 
|   [https://docs.amazonaws.cn/IAM/latest/UserGuide/reference_policies_condition-keys.html#condition-keys-tagkeys](https://docs.amazonaws.cn/IAM/latest/UserGuide/reference_policies_condition-keys.html#condition-keys-tagkeys)  | 按请求中传递的标签键筛选访问权限 | ArrayOfString | 
|   [https://docs.amazonaws.cn/IAM/latest/UserGuide/reference_policies_condition-keys.html#condition-keys-createaction](https://docs.amazonaws.cn/IAM/latest/UserGuide/reference_policies_condition-keys.html#condition-keys-createaction)  | 按资源创建 API 操作的名称筛选访问 | 字符串 | 
|   [https://docs.amazonaws.cn/AmazonECS/latest/developerguide/security_iam_service-with-iam.html#security_iam_service-with-iam-id-based-policies](https://docs.amazonaws.cn/AmazonECS/latest/developerguide/security_iam_service-with-iam.html#security_iam_service-with-iam-id-based-policies)  | 按附加到资源的标签键值对筛选访问权限 | 字符串 | 
|   [https://docs.amazonaws.cn/AmazonECS/latest/developerguide/security_iam_service-with-iam.html#security_iam_service-with-iam-id-based-policies-conditionkeys](https://docs.amazonaws.cn/AmazonECS/latest/developerguide/security_iam_service-with-iam.html#security_iam_service-with-iam-id-based-policies-conditionkeys)  | 按 Amazon ECS 账户设置名称筛选访问权限 | 字符串 | 
|   [https://docs.amazonaws.cn/AmazonECS/latest/developerguide/security_iam_service-with-iam.html#security_iam_service-with-iam-id-based-policies-conditionkeys](https://docs.amazonaws.cn/AmazonECS/latest/developerguide/security_iam_service-with-iam.html#security_iam_service-with-iam-id-based-policies-conditionkeys)  | 按使用 awsvpc 网络模式的 Amazon ECS 任务或 Amazon ECS 服务的公有 IP 分配配置筛选访问权限 | 布尔型 | 
|   [https://docs.amazonaws.cn/AmazonECS/latest/developerguide/security_iam_service-with-iam.html#security_iam_service-with-iam-id-based-policies-conditionkeys](https://docs.amazonaws.cn/AmazonECS/latest/developerguide/security_iam_service-with-iam.html#security_iam_service-with-iam-id-based-policies-conditionkeys)  | 按 Amazon ECS 容量提供程序的 ARN 筛选访问权限 | ArrayOfARN | 
|   [https://docs.amazonaws.cn/AmazonECS/latest/developerguide/security_iam_service-with-iam.html#security_iam_service-with-iam-id-based-policies-conditionkeys](https://docs.amazonaws.cn/AmazonECS/latest/developerguide/security_iam_service-with-iam.html#security_iam_service-with-iam-id-based-policies-conditionkeys)  | 按 Amazon ECS 集群的 ARN 筛选访问 | 进行筛选 | 
|   [https://docs.amazonaws.cn/AmazonECS/latest/developerguide/security_iam_service-with-iam.html#security_iam_service-with-iam-id-based-policies-conditionkeys](https://docs.amazonaws.cn/AmazonECS/latest/developerguide/security_iam_service-with-iam.html#security_iam_service-with-iam-id-based-policies-conditionkeys)  | 按请求中提供的必填兼容性字段筛选访问权限 | ArrayOfString | 
|   [https://docs.amazonaws.cn/AmazonECS/latest/developerguide/security_iam_service-with-iam.html#security_iam_service-with-iam-id-based-policies-conditionkeys](https://docs.amazonaws.cn/AmazonECS/latest/developerguide/security_iam_service-with-iam.html#security_iam_service-with-iam-id-based-policies-conditionkeys)  | 按 Amazon ECS 容器实例的 ARN 筛选访问权限 | 进行筛选 | 
|   [https://docs.amazonaws.cn/AmazonECS/latest/developerguide/security_iam_service-with-iam.html#security_iam_service-with-iam-id-based-policies-conditionkeys](https://docs.amazonaws.cn/AmazonECS/latest/developerguide/security_iam_service-with-iam.html#security_iam_service-with-iam-id-based-policies-conditionkeys)  | 按 ECS 任务定义中定义的 Amazon ECS 容器名称筛选访问权限 | 字符串 | 
|   [https://docs.amazonaws.cn/AmazonECS/latest/developerguide/security_iam_service-with-iam.html#security_iam_service-with-iam-id-based-policies-conditionkeys](https://docs.amazonaws.cn/AmazonECS/latest/developerguide/security_iam_service-with-iam.html#security_iam_service-with-iam-id-based-policies-conditionkeys)  | 通过 Amazon ECS 守护程序的 ARN 筛选访问权限 | 进行筛选 | 
|   [https://docs.amazonaws.cn/AmazonECS/latest/developerguide/security_iam_service-with-iam.html#security_iam_service-with-iam-id-based-policies-conditionkeys](https://docs.amazonaws.cn/AmazonECS/latest/developerguide/security_iam_service-with-iam.html#security_iam_service-with-iam-id-based-policies-conditionkeys)  | 按照 Amazon ECS 守护程序任务定义的 ARN 筛选访问权限 | 进行筛选 | 
|   [https://docs.amazonaws.cn/AmazonECS/latest/developerguide/security_iam_service-with-iam.html#security_iam_service-with-iam-id-based-policies-conditionkeys](https://docs.amazonaws.cn/AmazonECS/latest/developerguide/security_iam_service-with-iam.html#security_iam_service-with-iam-id-based-policies-conditionkeys)  | 按 ECS 任务或服务的 Amazon ECS 托管 Amazon EBS 卷功能筛选访问权限 | 字符串 | 
|   [https://docs.amazonaws.cn/AmazonECS/latest/developerguide/security_iam_service-with-iam.html#security_iam_service-with-iam-id-based-policies-conditionkeys](https://docs.amazonaws.cn/AmazonECS/latest/developerguide/security_iam_service-with-iam.html#security_iam_service-with-iam-id-based-policies-conditionkeys)  | 通过启用您的 Amazon ECS 任务或 Amazon ECS 服务的ECSManagedTags 配置来筛选访问权限 | 布尔型 | 
|   [https://docs.amazonaws.cn/AmazonECS/latest/developerguide/security_iam_service-with-iam.html#security_iam_service-with-iam-id-based-policies-conditionkeys](https://docs.amazonaws.cn/AmazonECS/latest/developerguide/security_iam_service-with-iam.html#security_iam_service-with-iam-id-based-policies-conditionkeys)  | 按 Amazon ECS 任务或 Amazon ECS 服务的执行命令功能筛选访问权限 | 字符串 | 
|   [https://docs.amazonaws.cn/AmazonECS/latest/developerguide/security_iam_service-with-iam.html#security_iam_service-with-iam-id-based-policies-conditionkeys](https://docs.amazonaws.cn/AmazonECS/latest/developerguide/security_iam_service-with-iam.html#security_iam_service-with-iam-id-based-policies-conditionkeys)  | 按服务连接配置中的启用字段值筛选访问权限 | 字符串 | 
|   [https://docs.amazonaws.cn/AmazonECS/latest/developerguide/security_iam_service-with-iam.html#security_iam_service-with-iam-id-based-policies-conditionkeys](https://docs.amazonaws.cn/AmazonECS/latest/developerguide/security_iam_service-with-iam.html#security_iam_service-with-iam-id-based-policies-conditionkeys)  | 按 Amazon ECS 服务的 VPC Lattice 功能筛选访问权限 | 字符串 | 
|   [https://docs.amazonaws.cn/AmazonECS/latest/developerguide/security_iam_service-with-iam.html#security_iam_service-with-iam-id-based-policies-conditionkeys](https://docs.amazonaws.cn/AmazonECS/latest/developerguide/security_iam_service-with-iam.html#security_iam_service-with-iam-id-based-policies-conditionkeys)  | 按请求中提供的 Amazon KMS 密钥 ID 筛选访问权限 | 字符串 | 
|   [https://docs.amazonaws.cn/AmazonECS/latest/developerguide/security_iam_service-with-iam.html#security_iam_service-with-iam-id-based-policies-conditionkeys](https://docs.amazonaws.cn/AmazonECS/latest/developerguide/security_iam_service-with-iam.html#security_iam_service-with-iam-id-based-policies-conditionkeys)  | 按您的 Amazon ECS 容量提供商的实例元数据标签传播设置筛选访问权限 | 布尔型 | 
|   [https://docs.amazonaws.cn/AmazonECS/latest/developerguide/security_iam_service-with-iam.html#security_iam_service-with-iam-id-based-policies-conditionkeys](https://docs.amazonaws.cn/AmazonECS/latest/developerguide/security_iam_service-with-iam.html#security_iam_service-with-iam-id-based-policies-conditionkeys)  | 按照 Service Connect 配置中定义 Amazon Web Services 云 的地图命名空间的 ARN 筛选访问权限 | 进行筛选 | 
|   [https://docs.amazonaws.cn/AmazonECS/latest/developerguide/security_iam_service-with-iam.html#security_iam_service-with-iam-id-based-policies-conditionkeys](https://docs.amazonaws.cn/AmazonECS/latest/developerguide/security_iam_service-with-iam.html#security_iam_service-with-iam-id-based-policies-conditionkeys)  | 按请求中提供的特权字段筛选访问权限 | 字符串 | 
|   [https://docs.amazonaws.cn/AmazonECS/latest/developerguide/security_iam_service-with-iam.html#security_iam_service-with-iam-id-based-policies-conditionkeys](https://docs.amazonaws.cn/AmazonECS/latest/developerguide/security_iam_service-with-iam.html#security_iam_service-with-iam-id-based-policies-conditionkeys)  | 按 Amazon ECS 任务或 Amazon ECS 服务的标签传播配置筛选访问权限 | 字符串 | 
|   [https://docs.amazonaws.cn/AmazonECS/latest/developerguide/security_iam_service-with-iam.html#security_iam_service-with-iam-id-based-policies-conditionkeys](https://docs.amazonaws.cn/AmazonECS/latest/developerguide/security_iam_service-with-iam.html#security_iam_service-with-iam-id-based-policies-conditionkeys)  | 按 Amazon ECS 服务的 ARN 筛选访问权限 | 进行筛选 | 
|   [https://docs.amazonaws.cn/AmazonECS/latest/developerguide/security_iam_service-with-iam.html#security_iam_service-with-iam-id-based-policies-conditionkeys](https://docs.amazonaws.cn/AmazonECS/latest/developerguide/security_iam_service-with-iam.html#security_iam_service-with-iam-id-based-policies-conditionkeys)  | 按使用 awsvpc 网络模式的 Amazon ECS 任务或 Amazon ECS 服务的子网配置筛选访问权限 | ArrayOfString | 
|   [https://docs.amazonaws.cn/AmazonECS/latest/developerguide/security_iam_service-with-iam.html#security_iam_service-with-iam-id-based-policies-conditionkeys](https://docs.amazonaws.cn/AmazonECS/latest/developerguide/security_iam_service-with-iam.html#security_iam_service-with-iam-id-based-policies-conditionkeys)  | 按 Amazon ECS 任务的 ARN 筛选访问权限 | 进行筛选 | 
|   [https://docs.amazonaws.cn/AmazonECS/latest/developerguide/security_iam_service-with-iam.html#security_iam_service-with-iam-id-based-policies-conditionkeys](https://docs.amazonaws.cn/AmazonECS/latest/developerguide/security_iam_service-with-iam.html#security_iam_service-with-iam-id-based-policies-conditionkeys)  | 按请求中提供的任务 cpu（以整数表示，1024 = 1 vCPU）筛选访问权限 | 数值 | 
|   [https://docs.amazonaws.cn/AmazonECS/latest/developerguide/security_iam_service-with-iam.html#security_iam_service-with-iam-id-based-policies-conditionkeys](https://docs.amazonaws.cn/AmazonECS/latest/developerguide/security_iam_service-with-iam.html#security_iam_service-with-iam-id-based-policies-conditionkeys)  | 按 Amazon ECS 任务定义的 ARN 筛选访问权限 | 进行筛选 | 
|   [https://docs.amazonaws.cn/AmazonECS/latest/developerguide/security_iam_service-with-iam.html#security_iam_service-with-iam-id-based-policies-conditionkeys](https://docs.amazonaws.cn/AmazonECS/latest/developerguide/security_iam_service-with-iam.html#security_iam_service-with-iam-id-based-policies-conditionkeys)  | 按请求中提供的任务内存（以 MiB 为单位的整数表示）筛选访问权限 | 数值 |