本文為英文版的機器翻譯版本，如內容有任何歧義或不一致之處，概以英文版為準。

# 選項 2：建立具有最低必要許可的自訂政策
<a name="support-interaction-perm-custom-policy"></a>

您可以明確允許列出特定動作，而不是使用萬用字元。以下是支援互動、案例建立和案例管理的必要許可：

```
                
{
  "Version": "2012-10-17",		 	 	 
  "Statement": [
    {
      "Effect": "Allow",
      "Action": [
        "support:AddAttachmentsToSet",
        "support:AddCommunicationToCase",
        "support:CreateCase",
        "support:DescribeAttachment",
        "support:DescribeCaseAttributes",
        "support:DescribeCases",
        "support:DescribeCommunication",
        "support:DescribeCommunications",
        "support:DescribeCreateCaseOptions",
        "support:DescribeIssueTypes",
        "support:DescribeServices",
        "support:DescribeSeverityLevels",
        "support:DescribeSupportedLanguages",
        "support:DescribeSupportLevel",
        "support:GetInteraction",
        "support:InitiateCallForCase",
        "support:ListInteractionEntries",
        "support:ListInteractions",
        "support:InitiateChatForCase",
        "support:PutCaseAttributes",
        "support:ResolveCase",
        "support:ResolveInteraction",
        "support:SearchForCases",
        "support:StartInteraction",
        "support:UpdateInteraction",
        "support-console:GetAccountState",
        "support-console:GetAccountGovCloudEnabled",
        "support-console:GetCaseDraft",
        "support-console:CreateCaseDraft",
        "support-console:DeleteCaseDraft",
        "support-console:GetBanner",
        "support-console:DescribeDynamicHelp",
        "support-console:CreateContact",
      ],
      "Resource": "*"
    }
  ]
}
```

**注意**  
使用自訂政策需要持續維護，因為 會 AWS 支援 發行新功能。如需支援中心主控台 API 操作的詳細資訊，請參閱 [新增支援中心主控台 API 操作的 IAM 政策](support-console-access-control.md)。如需每個 支援 API 操作的詳細資訊，請參閱 [管理對 AWS 支援 中心的存取](accessing-support.md)。