本文属于机器翻译版本。若本译文内容与英语原文存在差异，则一律以英文原文为准。

# 选项 2：创建具有最低所需权限的自定义策略
<a name="support-interaction-perm-custom-policy"></a>

您可以明确允许列出特定操作，而不必使用通配符。以下是支持互动、案例创建和案例管理所需的权限：

```
                
{
  "Version": "2012-10-17",		 	 	 
  "Statement": [
    {
      "Effect": "Allow",
      "Action": [
        "support:AddAttachmentsToSet",
        "support:AddCommunicationToCase",
        "support:CreateCase",
        "support:DescribeAttachment",
        "support:DescribeCaseAttributes",
        "support:DescribeCases",
        "support:DescribeCommunication",
        "support:DescribeCommunications",
        "support:DescribeCreateCaseOptions",
        "support:DescribeIssueTypes",
        "support:DescribeServices",
        "support:DescribeSeverityLevels",
        "support:DescribeSupportedLanguages",
        "support:DescribeSupportLevel",
        "support:GetInteraction",
        "support:InitiateCallForCase",
        "support:ListInteractionEntries",
        "support:ListInteractions",
        "support:InitiateChatForCase",
        "support:PutCaseAttributes",
        "support:ResolveCase",
        "support:ResolveInteraction",
        "support:SearchForCases",
        "support:StartInteraction",
        "support:UpdateInteraction",
        "support-console:GetAccountState",
        "support-console:GetAccountGovCloudEnabled",
        "support-console:GetCaseDraft",
        "support-console:CreateCaseDraft",
        "support-console:DeleteCaseDraft",
        "support-console:GetBanner",
        "support-console:DescribeDynamicHelp",
        "support-console:CreateContact",
      ],
      "Resource": "*"
    }
  ]
}
```

**注意**  
随着新功能的 AWS 支持 发布，使用自定义策略需要持续维护。有关 Support Center 控制台 API 操作的更多信息，请参阅[为支持中心控制台 API 操作添加 IAM 策略](support-console-access-control.md)。有关每个 支持 API 操作的更多信息，请参阅[管理对 Cent AWS 支持 er 的访问权限](accessing-support.md)。