# 계정 기반 애플리케이션 온보딩을 위한 IAM 역할 권한
<a name="appinsights-account-based-onboarding-permissions"></a>

계정에 있는 모든 리소스를 온보딩하려는 경우 애플리케이션 인사이트 기능에 전체 액세스하기 위한 [Application Insights 관리 정책](security-iam-awsmanpol-appinsights.md)을 사용하지 않음을 선택하고 Application Insights가 계정의 모든 리소스를 검색할 수 있도록 IAM 역할에 다음 권한을 연결해야 합니다.

```
"ec2:DescribeInstances" 
"ec2:DescribeNatGateways"
"ec2:DescribeVolumes"
"ec2:DescribeVPCs"
"rds:DescribeDBInstances"
"rds:DescribeDBClusters"
"sqs:ListQueues"
"elasticloadbalancing:DescribeLoadBalancers"
"autoscaling:DescribeAutoScalingGroups"
"lambda:ListFunctions"
"dynamodb:ListTables"
"s3:ListAllMyBuckets"
"sns:ListTopics"
"states:ListStateMachines"
"apigateway:GET"
"ecs:ListClusters"
"ecs:DescribeTaskDefinition" 
"ecs:ListServices"
"ecs:ListTasks"
"eks:ListClusters"
"eks:ListNodegroups"
"fsx:DescribeFileSystems"
"route53:ListHealthChecks"
"route53:ListHostedZones"
"route53:ListQueryLoggingConfigs"
"route53resolver:ListFirewallRuleGroups"
"route53resolver:ListFirewallRuleGroupAssociations"
"route53resolver:ListResolverEndpoints"
"route53resolver:ListResolverQueryLogConfigs"
"route53resolver:ListResolverQueryLogConfigAssociations"
"logs:DescribeLogGroups"
"resource-explorer:ListResources"
```