本文為英文版的機器翻譯版本，如內容有任何歧義或不一致之處，概以英文版為準。 # 使用自訂 IAM 政策管理 Amazon Connect 主控台存取權的必要許可如果您使用自訂 [IAM](https://docs.aws.amazon.com/IAM/latest/UserGuide/introduction.html) 政策來管理 Amazon Connect 主控台的存取權，則您的使用者需要本文中列出的部分或全部許可，具體取決於他們需要執行的任務。 **注意** 使用自訂 IAM 政策中的 `connect:*` 會授予您的使用者本文中列出的所有 Amazon Connect 權限。 **注意** Amazon Connect 主控台上的某些頁面 (例如[任務](#tasks-page)和 [Customer Profiles](#customer-profiles-page)) 要求您在內嵌政策中新增許可。 **Topics** + [AmazonConnect\_FullAccess 政策](#amazonconnectfullaccesspolicy) + [AmazonConnectReadOnlyAccess 政策](#amazonconnectreadonlyaccesspolicy) + [首頁](#console-home-page-permissions) + [詳細資訊頁面](#detail-pages) + [概觀頁面](#overview-page) + [電話頁面](#telephony-page) + [資料儲存頁面](#data-storage-page) + [資料串流頁面](#data-streaming-page) + [流程頁面](#contact-flows-page) + [Contact Lens 連接器頁面](#contactlensconnectors-page) + [語音轉接整合頁面](#voice-transfer-integrations-page) + [應用程式整合頁面](#application-integration-page) + [客戶設定檔頁面](#customer-profiles-page) + [任務頁面](#tasks-page) + [電子郵件頁面](#email-page) + [案例頁面](#cases-page) + [客戶身分驗證頁面](#customer-authentication-page) + [對外行銷活動頁面](#outbound-campaigns-page) + [Connect AI 代理程式頁面](#wisdom-page) + [Voice ID 頁面](#voiceid-page) + [預測、容量規劃和排程頁面](#forecasting-page) + [聯合](#federations) ## AWS 受管政策：AmazonConnect\_FullAccess 政策若要允許 Amazon Connect 的完整讀取/寫入存取權，您必須將兩個政策附加到使用者、群組或角色。附加 `AmazonConnect_FullAccess` 政策和具有以下內容的自訂政策： ------ #### [ JSON ] **** ``` { "Version":"2012-10-17", "Statement": [ { "Sid": "AttachAnyPolicyToAmazonConnectRole", "Effect": "Allow", "Action": "iam:PutRolePolicy", "Resource": "arn:aws:iam::*:role/aws-service-role/connect.amazonaws.com/AWSServiceRoleForAmazonConnect*" } ] } ``` ------ 若要允許使用者來建立執行個體，確保它們具備 `AmazonConnect_FullAccess` 政策所授與的許可。使用 `AmazonConnect_FullAccess` 政策時，請注意下列事項： + 若要使用您選擇的名稱建立 Amazon S3 儲存貯體，或在從 Connect Customer 管理員網站建立或更新執行個體時使用現有的儲存貯體，則需要其他權限。如果您為通話錄音、聊天文字記錄、電子郵件訊息、附件、通話文字記錄和其他資料選擇預設儲存位置，系統會在這些物件前加上 `"amazon-connect-"`。 + `aws/connect` KMS 金鑰可作為預設加密選項使用。若要使用自訂加密金鑰，請指派其他 KMS 權限給使用者。 + 為使用者指派其他權限，以將 Amazon Polly、即時媒體串流、資料串流和 Lex 機器人等其他 AWS 資源連接至其 Amazon Connect 執行個體。 ## AWS 受管政策：AmazonConnectReadOnlyAccess 政策若要允許唯讀存取權，您只需要附加 `AmazonConnectReadOnlyAccess` 政策。 ## Amazon Connect 主控台首頁下圖顯示 Amazon Connect 主控台首頁範例，其中有一個指向執行個體別名的箭頭。選擇執行個體別名，以導覽至執行個體詳細資訊頁面。 ![Amazon Connect 虛擬聯絡中心執行個體頁面，即執行個體別名。](http://docs.aws.amazon.com/zh_tw/connect/latest/adminguide/images/instance.png) 使用下表所列的權限來管理此頁面的存取權限。 | 動作/使用案例 | 需要的許可 | | --- | --- | | 列出執行個體 | `connect:ListInstances`
`ds:DescribeDirectories` | | 描述執行個體：檢視執行個體/目前設定的詳細資料 | `connect:DescribeInstance`
`connect:ListLambdaFunctions`
`connect:ListLexBots`
`connect:ListInstanceStorageConfigs`
`connect:ListApprovedOrigins`
`connect:ListSecurityKeys`
`connect:DescribeInstanceAttributes`
`connect:DescribeInstanceStorageConfig`
`ds:DescribeDirectories` | | 建立執行個體 | `connect:AssociateCustomerProfilesDomain`
`connect:CreateInstance`
`connect:DescribeInstance`
`connect:ListInstances`
`connect:AssociateInstanceStorageConfig`
`connect:UpdateInstanceAttribute`
`ds:CheckAlias`
`ds:CreateAlias`
`ds:AuthorizeApplication`
`ds:UnauthorizeApplication`
`ds:CreateIdentityPoolDirectory`
`ds:DescribeDirectories`
`iam:CreateServiceLinkedRole`
`iam:PutRolePolicy`
`kms:CreateGrant`
`kms:DescribeKey`
`kms:ListAliases`
`kms:RetireGrant`
`logs:CreateLogGroup`
`s3:CreateBucket`
`s3:GetBucketLocation`
`s3:ListAllMyBuckets`
`servicequotas:GetServiceQuota`
`profile:CreateDomain`
`profile:GetDomain`
`profile:GetProfileObjectType`
`profile:ListAccountIntegrations`
`profile:ListDomains`
`profile:ListProfileObjectTypeTemplates`
`profile:PutIntegration` | | 刪除執行個體 | `connect:DescribeInstance`
`connect:DeleteInstance`
`connect:ListInstances`
`ds:DescribeDirectories`
`ds:DeleteDirectory`
`ds:UnauthorizeApplication` | ## 執行個體詳細資訊頁面下圖顯示您用來存取每個詳細執行個體頁面的導覽功能表。 ![Amazon Connect 執行個體頁面上的導覽功能表。](http://docs.aws.amazon.com/zh_tw/connect/latest/adminguide/images/iam-custom-permissions-admin-console-telephony-page.png) 若要存取詳細的執行個體頁面，您需要 Amazon Connect 主控台首頁 (描述/清單) 的許可。或者，使用 `AmazonConnectReadOnlyAccess` 政策。下表列出每個詳細執行個體頁面的精細權限。 **注意** 若要執行 `Edit` 動作，使用者還需要 `List` 和 `Describe` 權限。 ## 概觀頁面 | 動作/使用案例 | 需要的許可 | | --- | --- | | 建立服務連結角色 | `connect:DescribeInstance`
`connect:ListInstances`
`connect:DescribeInstanceAttribute`
`connect:UpdateInstanceAttribute`
`connect:ListIntegrationAssociations`
`profile:ListAccountIntegrations`
`ds:DescribeDirectories`
`iam:CreateServiceLinkedRole`
`iam:PutRolePolicy` | ## 電話頁面 | 動作/使用案例 | 需要的許可 | | --- | --- | | 檢視電話選項 | `connect:DescribeInstance` | | 啟用/停用電話選項 | `connect:UpdateInstanceAttribute` | | 檢視傳出活動 | `connect-campaigns:GetConnectInstanceConfig`
`connect-campaigns:GetInstanceOnboardingJobStatus`
`connect:DescribeInstance`
`connect:DescribeInstanceAttribute`
`kms:DescribeKey` | | 啟用/停用外傳出活動 | `connect-campaigns:GetConnectInstanceConfig`
`connect-campaigns:GetInstanceOnboardingJobStatus`
`connect-campaigns:StartInstanceOnboardingJob`
`connect-campaigns:DeleteInstanceOnboardingJob`
`connect-campaigns:DeleteConnectInstanceConfig`
`connect:DescribeInstance`
`connect:DescribeInstanceAttribute`
`connect:UpdateInstanceAttribute`
`iam:CreateServiceLinkedRole`
`iam:DeleteServiceLinkedRole`
`iam:AttachRolePolicy`
`iam:PutRolePolicy`
`iam:DeleteRolePolicy`
`events:PutRule`
`events:PutTargets`
`events:DeleteRule`
`events:RemoveTargets`
`events:DescribeRule`
`events:ListTargetsByRule`
`ds:DescribeDirectories`
`kms:DescribeKey`
`kms:ListKeys`
`kms:CreateGrant`
`kms:RetireGrant` | ## 資料儲存頁面 ### 通話錄音區段 | 動作/使用案例 | 需要的許可 | | --- | --- | | 檢視通話錄音 | `connect:DescribeInstance`
`connect:ListInstanceStorageConfigs`
`connect:DescribeInstanceStorageConfig` | | 編輯通話錄音 | `connect:AssociateInstanceStorageConfig`
`connect:UpdateInstanceStorageConfig`
`connect:DisassociateInstanceStorageConfig`
`s3:ListAllMyBuckets`
`s3:GetBucketLocation`
`s3:GetBucketAcl`
`s3:CreateBucket`
`kms:CreateGrant`
`kms:DescribeKey`
`kms:ListAliases`
`kms:RetireGrant`
`iam:PutRolePolicy` | ### 畫面錄製區段 | 動作/使用案例 | 需要的許可 | | --- | --- | | 檢視畫面錄製 | `connect:DescribeInstance`
`connect:ListInstanceStorageConfigs`
`connect:DescribeInstanceStorageConfig` | | 編輯畫面錄製 | `connect:AssociateInstanceStorageConfig`
`connect:UpdateInstanceStorageConfig`
`connect:DisassociateInstanceStorageConfig`
`s3:ListAllMyBuckets`
`s3:GetBucketLocation`
`s3:GetBucketAcl`
`s3:CreateBucket`
`iam:PutRolePolicy`
`kms:CreateGrant`
`kms:DescribeKey`
`kms:ListAliases`
`kms:RetireGrant` | ### 聊天文字記錄區段 | 動作/使用案例 | 需要的許可 | | --- | --- | | 檢視聊天文字記錄 | `connect:DescribeInstance`
`connect:DescribeInstanceStorageConfig`
`connect:ListInstanceStorageConfigs` | | 編輯聊天文字記錄 | `connect:AssociateInstanceStorageConfig`
`connect:UpdateInstanceStorageConfig`
`connect:DisassociateInstanceStorageConfig`
`s3:ListAllMyBuckets`
`s3:GetBucketLocation`
`s3:GetBucketAcl`
`s3:CreateBucket`
`kms:CreateGrant`
`kms:DescribeKey`
`kms:ListAliases`
`kms:RetireGrant`
`iam:PutRolePolicy` | ### 附件區段 | 動作/使用案例 | 需要的許可 | | --- | --- | | 檢視附件 | `connect:DescribeInstance`
`connect:DescribeInstanceStorageConfig`
`connect:ListInstanceStorageConfigs` | | 編輯附件 | `connect:AssociateInstanceStorageConfig`
`connect:UpdateInstanceStorageConfig`
`connect:DisassociateInstanceStorageConfig`
`s3:ListAllMyBuckets`
`s3:GetBucketLocation`
`s3:CreateBucket`
`s3:GetBucketAcl`
`kms:CreateGrant`
`kms:DescribeKey`
`kms:ListAliases`
`kms:RetireGrant`
`iam:PutRolePolicy` | ### 即時媒體串流區段 | 動作/使用案例 | 需要的許可 | | --- | --- | | 檢視即時媒體串流 | `connect:DescribeInstance`
`connect:ListInstanceStorageConfigs`
`connect:DescribeInstanceStorageConfig` | | 編輯即時媒體串流 | `connect:AssociateInstanceStorageConfig`
`connect:UpdateInstanceStorageConfig`
`connect:DisassociateInstanceStorageConfig`
`kms:CreateGrant`
`kms:DescribeKey`
`kms:RetireGrant`
`iam:PutRolePolicy` | ### 匯出的報告區段 | 動作/使用案例 | 需要的許可 | | --- | --- | | 檢視匯出的報告 | `connect:DescribeInstance`
`connect:ListInstanceStorageConfigs`
`connect:DescribeInstanceStorageConfig` | | 編輯匯出的報告 | `connect:AssociateInstanceStorageConfig`
`connect:UpdateInstanceStorageConfig`
`connect: DisassociateInstanceStorageConfig`
`s3:ListAllMyBuckets`
`s3:GetBucketLocation`
`s3:CreateBucket`
`kms:DescribeKey`
`kms:ListAliases`
`kms:RetireGrant`
`kms:CreateGrant`
`iam:PutRolePolicy` | ## 資料串流頁面 ### 聯絡記錄區段 | 動作/使用案例 | 需要的許可 | | --- | --- | | 檢視資料串流 – 聯絡記錄 | `connect:DescribeInstance`
`connect:ListInstanceStorageConfigs`
`connect:DescribeInstanceStorageConfig` | | 編輯聯絡記錄 | `connect:AssociateInstanceStorageConfig`
`connect:UpdateInstanceStorageConfig`
`connect:DisassociateInstanceStorageConfig`
`firehose:ListDeliveryStreams`
`firehose:DescribeDeliveryStream`
`kinesis:ListStreams`
`kinesis:DescribeStream`
`iam:PutRolePolicy` | ### 客服人員事件區段 | 動作/使用案例 | 需要的許可 | | --- | --- | | 檢視資料串流 – 客服人員事件 | `connect:DescribeInstance`
`connect:ListInstanceStorageConfigs`
`connect:DescribeInstanceStorageConfig` | | 編輯客服人員事件 | `connect:AssociateInstanceStorageConfig`
`connect:UpdateInstanceStorageConfig`
`connect:DisassociateInstanceStorageConfig`
`kinesis:ListStreams`
`kinesis: DescribeStream`
`iam:PutRolePolicy` | ## 流程頁面 ### 流量安全性金鑰區段 | 動作/使用案例 | 需要的許可 | | --- | --- | | 檢視流量安全性金鑰 | `connect:DescribeInstance`
`connect:ListSecurityKeys` | | 新增/移除流程安全性金鑰 | `connect:AssociateSecurityKey`
`connect:DisassociateSecurityKey` | ### Lex 機器人區段 | 動作/使用案例 | 需要的許可 | | --- | --- | | 檢視 Lex 機器人 | `connect:ListLexBots`
`connect:ListBots` | | 新增/移除 Lex 機器人 | `lex:GetBots`
`lex:GetBot`
`lex:CreateResourcePolicy`
`lex:DeleteResourcePolicy`
`lex:UpdateResourcePolicy`
`lex:DescribeBotAlias`
`lex:ListBotAliases`
`lex:ListBots`
`connect:AssociateBot`
`connect:DisassociateBot`
`connect:ListBots`
`connect:AssociateLexBot`
`connect:DisassociateLexBot`
`connect:ListLexBots`
`iam:PutRolePolicy` | ### Lambda 函數區段 | 動作/使用案例 | 需要的許可 | | --- | --- | | 檢視 Lambda 函數 | `connect:ListLambdaFunctions` | | 新增/移除 Lambda 函數 | `connect:ListLambdaFunctions`
`connect:AssociateLambdaFunction`
`connect:DisassociateLambdaFunction`
`iam:PutRolePolicy`
`lambda:ListFunctions`
`lambda:AddPermission`
`lambda:RemovePermission` | ### 流程日誌區段 | 動作/使用案例 | 需要的許可 | | --- | --- | | 檢視流程日誌組態 | `connect:DescribeInstance`
`connect:DescribeInstanceAttribute` | | 啟用/停用流程日誌 | `logs:CreateLogGroup` | ### Amazon Polly 區段 | 動作/使用案例 | 需要的許可 | | --- | --- | | 檢視 Amazon Polly 選項 | `connect:DescribeInstance`
`connect:DescribeInstanceAttribute` | | 更新 Amazon Polly 選項 | `connect:UpdateInstanceAttribute` | ## Contact Lens 連接器頁面 | 動作/使用案例 | 需要的許可 | | --- | --- | | 檢視 Contact Lens 連接器 | `connect:ListIntegrationAssociations`
`chime:GetVoiceConnector`
`chime:GetVoiceConnectorLoggingConfiguration`
`chime:GetVoiceConnectorTermination`
`chime:GetVoiceConnectorTerminationHealth`
`chime:ListVoiceConnectors`
`chime:ListVoiceConnectorTerminationCredentials`
`chime:GetVoiceConnectorExternalSystemsConfiguration` | | 新增/更新/移除 Contact Lens 連接器 | `chime:CreateVoiceConnector`
`chime:DeleteVoiceConnector`
`chime:DeleteVoiceConnectorTermination`
`chime:DeleteVoiceConnectorTerminationCredentials`
`chime:GetVoiceConnector`
`chime:GetVoiceConnectorLoggingConfiguration`
`chime:GetVoiceConnectorTermination`
`chime:GetVoiceConnectorTerminationHealth`
`chime:ListVoiceConnectors`
`chime:ListVoiceConnectorTerminationCredentials`
`chime:PutVoiceConnectorLoggingConfiguration`
`chime:PutVoiceConnectorTermination`
`chime:PutVoiceConnectorTerminationCredentials`
`chime:UpdateVoiceConnector`
`chime:CreateConnectAnalyticsConnector`
`chime:PutVoiceConnectorExternalSystemsConfiguration`
`chime:GetVoiceConnectorExternalSystemsConfiguration`
`chime:DeleteVoiceConnectorExternalSystemsConfiguration`
`chime:AssociateVoiceConnectorConnect`
`chime:DisassociateVoiceConnectorConnect`
`chime:TagResources`
`chime:UntagResources`
`chime:ListTagsForResource` | ## 語音轉接整合頁面 | 動作/使用案例 | 需要的許可 | | --- | --- | | 檢視外部語音轉接連接器 | `connect:ListIntegrationAssociations`
`chime:GetVoiceConnector`
`chime:GetVoiceConnectorLoggingConfiguration`
`chime:GetVoiceConnectorTermination`
`chime:GetVoiceConnectorTerminationHealth`
`chime:ListVoiceConnectors`
`chime:ListVoiceConnectorTerminationCredentials`
`chime:GetVoiceConnectorExternalSystemsConfiguration`
`servicequotas:GetServiceQuota` | | 新增/更新/移除外部語音轉接連接器 | `connect:CreateIntegrationAssociation`
`connect:DeleteIntegrationAssociation`
`connect:ListIntegrationAssociations`
`chime:CreateConnectCallTransferConnector`
`chime:CreateVoiceConnector`
`chime:DeleteVoiceConnector`
`chime:DeleteVoiceConnectorTermination`
`chime:DeleteVoiceConnectorTerminationCredentials`
`chime:GetVoiceConnector`
`chime:GetVoiceConnectorLoggingConfiguration`
`chime:GetVoiceConnectorOrigination`
`chime:GetVoiceConnectorTermination`
`chime:GetVoiceConnectorTerminationHealth`
`chime:ListVoiceConnectors`
`chime:ListVoiceConnectorTerminationCredentials`
`chime:PutVoiceConnectorLoggingConfiguration`
`chime:PutVoiceConnectorOrigination`
`chime:PutVoiceConnectorTermination`
`chime:PutVoiceConnectorTerminationCredentials`
`chime:UpdateVoiceConnector`
`chime:CreateConnectAnalyticsConnector`
`chime:PutVoiceConnectorExternalSystemsConfiguration`
`chime:GetVoiceConnectorExternalSystemsConfiguration`
`chime:DeleteVoiceConnectorExternalSystemsConfiguration`
`chime:AssociateVoiceConnectorConnect`
`chime:DisassociateVoiceConnectorConnect`
`chime:TagResources`
`chime:UntagResources`
`chime:ListTagsForResource`
`servicequotas:GetServiceQuota` | ## 應用程式整合頁面 | 動作/使用案例 | 需要的許可 | | --- | --- | | 檢視核准的來源 | `connect:DescribeInstance`
`connect:ListApprovedOrigins` | | 編輯核准的來源 | `connect: AssociateApprovedOrigin`
`connect:ListApprovedOrigins`
`connect:DisassociateApprovedOrigin` | ## 客戶設定檔頁面 | 動作/使用案例 | 需要的許可 | | --- | --- | | 查看客戶設定檔 | `app-integrations:ListEventIntegrations`
`appflow:DescribeConnectorEntity`
`appflow:DescribeConnectorProfiles`
`appflow:DescribeFlow`
`appflow:ListFlows`
`appflow:ListConnectorEntities`
`appflow:ListConnectorProfiles`
`cloudwatch:GetMetricData`
`connect:DescribeInstance`
`connect:ListInstances`
`ds:DescribeDirectories`
`iam:ListRoles`
`kinesis:DescribeStreamSummary`
`kms:Decrypt`
`kms:DescribeKey`
`kms:GenerateDataKey`
`kms:ListKeys`
`profile:GetCalculatedAttributeDefinition`
`profile:GetDomain`
`profile:GetEventStream`
`profile:GetIdentityResolutionJob`
`profile:GetIntegration`
`profile:GetProfileObjectType`
`profile:GetProfileObjectTypeTemplate`
`profile:GetWorkflow`
`profile:ListAccountIntegrations`
`profile:ListCalculatedAttributeDefinitions`
`profile:ListDomains`
`profile:ListDomainLayouts`
`profile:ListEventStreams`
`profile:ListIdentityResolutionJobs`
`profile:ListIntegrations`
`profile:ListProfileObjectTypes`
`profile:ListProfileObjectTypeTemplates`
`profile:ListRecommenders`
`profile:ListSegmentDefinitions`
`sqs:ListQueues` | | 編輯客戶設定檔 | `app-integrations:CreateEventIntegration`
`app-integrations:ListEventIntegrations`
`appflow:CreateFlow`
`appflow:CreateConnectorProfile`
`appflow:DescribeFlow`
`appflow:DeleteFlow`
`appflow:DescribeConnectorEntity`
`appflow:DescribeConnectorProfiles`
`appflow:ListFlows`
`appflow:ListConnectorEntities`
`appflow:ListConnectorProfiles`
`appflow:StartFlow`
`cloudwatch:GetMetricData`
`connect:DescribeInstance`
`connect:ListInstances`
`ds:DescribeDirectories`
`events:CreateEventBus`
`events:DescribeEventBus`
`events:DescribeEventSource`
`events:ListEventSources`
`iam:CreateRole`
`iam:CreatePolicy`
`iam:AttachRolePolicy`
`iam:ListRoles`
`iam:PutRolePolicy`
`kinesis:DescribeStreamSummary`
`kinesis:ListStreams`
`kms:CreateGrant`
`kms:Decrypt`
`kms:DescribeKey`
`kms:GenerateDataKey`
`kms:ListAliases`
`kms:ListKeys`
`kms:ListGrants`
`profile:CreateCalculatedAttributeDefinition`
`profile:CreateDomain`
`profile:CreateDomainLayout`
`profile:CreateEventStream`
`profile:CreateIntegrationWorkflow`
`profile:CreateSegmentDefinition`
`profile:DeleteEventStream`
`profile:DeleteIntegration`
`profile:DeleteDomain`
`profile:DeleteProfileObjectType`
`profile:DetectProfileObjectType`
`profile:GetCalculatedAttributeDefinition`
`profile:GetDomain`
`profile:GetEventStream`
`profile:GetIdentityResolutionJob`
`profile:GetIntegration`
`profile:GetProfileObjectType`
`profile:GetProfileObjectTypeTemplate`
`profile:GetWorkflow`
`profile:ListAccountIntegrations`
`profile:ListCalculatedAttributeDefinitions`
`profile:ListDomains`
`profile:ListDomainLayouts`
`profile:ListEventStreams`
`profile:ListIdentityResolutionJobs`
`profile:ListIntegrations`
`profile:ListProfileObjectTypes`
`profile:ListProfileObjectTypeTemplates`
`profile:ListSegmentDefinitions`
`profile:PutIntegration`
`profile:PutProfileObjectType`
`profile:TagResource`
`profile:UntagResource`
`profile:UpdateDomain`
`s3:GetBucketLocation`
`s3:GetBucketPolicy`
`s3:GetObject`
`s3:HeadBucket`
`s3:ListAllMyBuckets`
`s3:ListBucket`
`s3:ListObjectsV2`
`s3:PutBucketPolicy`
`s3:SelectObjectContent`
`sqs:ListQueues` | ## 任務頁面 | 動作/使用案例 | 需要的許可 | | --- | --- | | 查看任務整合 | `app-integrations:GetEventIntegration`
`connect:ListIntegrationAssociations` | | 編輯任務整合 | `app-integrations:CreateEventIntegration`
`app-integrations:GetEventIntegration`
`app-integrations:ListEventIntegrations`
`app-integrations:DeleteEventIntegrationAssociation`
`app-integrations:CreateEventIntegrationAssociation`
`appflow:CreateFlow`
`appflow:CreateConnectorProfile`
`appflow:DescribeFlow`
`appflow:DeleteFlow`
`appflow:DeleteConnectorProfile`
`appflow:DescribeConnectorEntity`
`appflow:ListFlows`
`appflow:ListConnectorEntities`
`appflow:StartFlow`
`connect:ListIntegrationAssociations`
`connect:DeleteIntegrationAssociation`
`connect:ListUseCases`
`connect:DeleteUseCase`
`events:ActivateEventSource`
`events:CreateEventBus`
`events:DescribeEventBus`
`events:DescribeEventSource`
`events:ListEventSources`
`events:ListTargetsByRule`
`events:PutRule`
`events:PutTargets`
`events:DeleteRule`
`events:RemoveTargets`
`kms:CreateGrant`
`kms:DescribeKey`
`kms:ListAliases`
`kms:ListKeys`
`kms:ListGrants` | ## 電子郵件頁面 | 動作/使用案例 | 需要的許可 | | --- | --- | | 檢視電子郵件網域和地址 | `ses:GetIdentityVerificationAttributes`
`ses:DescribeReceiptRule`
`ses:DescribeActiveReceiptRuleSet`
`ses:GetEmailIdentity`
`ses:DescribeReceiptRuleSet`
`ses:GetConfigurationSetEventDestinations`
`ses:GetConfigurationSet` | | 編輯電子郵件網域和地址 | `ses:CreateReceiptRule`
`ses:UpdateReceiptRule`
`ses:SetActiveReceiptRuleSet`
`ses:CreateReceiptRuleSet`
`ses:CreateEmailIdentity`
`ses:TagResource`
`ses:UntagResource`
`ses:DeleteReceiptRule`
`ses:DeleteReceiptRuleSet`
`ses:CloneReceiptRuleSet`
`ses:CreateConfigurationSet`
`ses:CreateConfigurationSetEventDestination`
`ses:PutEmailIdentityConfigurationSetAttributes`
`ses:CreateEmailIdentityPolicy`
`ses:UpdateEmailIdentityPolicy`
`ses:DeleteEmailIdentityPolicy`
`iam:CreateServiceLinkedRole`
`iam:PassRole`
`iam:CreateRole`
`iam:CreatePolicy` | ## 案例頁面 | 動作/使用案例 | 需要的許可 | | --- | --- | | 檢視案例網域詳細資訊 | `connect:ListInstances`
`ds:DescribeDirectories`
`connect:ListIntegrationAssociations`
`cases:GetDomain` | | 加入案例 | `connect:ListInstances`
`connect:ListIntegrationAssociations`
`cases:GetDomain`
`cases:CreateDomain`
`connect:CreateIntegrationAssociation`
`connect:DescribeInstance`
`iam:PutRolePolicy` | ## 客戶身分驗證頁面 | 動作/使用案例 | 需要的許可 | | --- | --- | | 檢視客戶身分驗證 | `connect:ListIntegrationAssociations`
`cognito-idp:ListUserPools`
`cognito-idp:DescribeUserPool` | | 加入至客戶身分驗證 | `connect:CreateIntegrationAssociation`
`connect:DeleteIntegrationAssociation`
`connect:ListIntegrationAssociations`
`cognito-idp:ListUserPools`
`cognito-idp:DescribeUserPool`
`cognito-idp:ListUserPoolClients`
`cognito-idp:TagResource`
`cognito-idp:CreateUserPool` | ## 對外行銷活動頁面 | 動作/使用案例 | 需要的許可 | | --- | --- | | 檢視傳出活動 | `connect:ListIntegrationAssociations`
`connect:ListPhoneNumbersV2`
`connect:SearchEmailAddresses`
`connect:DescribeInstance`
`connect:DescribeInstanceAttribute`
`kms:DescribeKey`
`kms:ListKeys`
`profile:ListAccountIntegrations`
`profile:ListIntegrations`
`profile:ListDomains`
`profile:GetDomain`
`wisdom:ListKnowledgeBases`
`wisdom:GetKnowledgeBase`
`connect-campaigns:GetInstanceOnboardingJobStatus`
`connect-campaigns:GetConnectInstanceConfig`
`connect-campaigns:ListConnectInstanceIntegrations` | | 建立對外行銷活動 | `connect-campaigns:StartInstanceOnboardingJob`
`connect-campaigns:DeleteInstanceOnboardingJob`
`connect-campaigns:GetConnectInstanceConfig`
`connect-campaigns:GetInstanceOnboardingJobStatus`
`connect-campaigns:DeleteConnectInstanceConfig`
`connect:DescribeInstance`
`connect:DescribeInstanceAttribute`
`connect:UpdateInstanceAttribute`
`iam:CreateServiceLinkedRole`
`iam:DeleteServiceLinkedRole`
`iam:AttachRolePolicy`
`iam:PutRolePolicy`
`iam:DeleteRolePolicy`
`events:PutRule`
`events:PutTargets`
`events:DeleteRule`
`events:RemoveTargets`
`events:DescribeRule`
`events:ListTargetsByRule`
`ds:DescribeDirectories`
`kms:DescribeKey`
`kms:ListKeys`
`kms:CreateGrant`
`kms:RetireGrant`
`profile:CreateDomain`
`profile:ListAccountIntegrations`
`profile:ListIntegrations`
`profile:PutIntegration`
`profile:PutProfileObjectType`
`connect:CreateIntegrationAssociation`
`connect:ListIntegrationAssociations`
`connect:UpdateInstanceAttribute`
`connect:AssociateCustomerProfilesDomain`
`connect-campaigns:ListConnectInstanceIntegrations`
`connect-campaigns:PutConnectInstanceIntegration`
`wisdom:CreateKnowledgeBase`
`wisdom:ListKnowledgeBases` | ## Connect AI 代理程式頁面 | 動作/使用案例 | 需要的許可 | | --- | --- | | 檢視網域和整合 | `wisdom:ListAssistantAssociations`
`appflow:DescribeConnectorProfiles`
`app-integrations:GetDataIntegration`
`connect:DescribeInstance`
`connect:DescribeInstanceAttribute`
`connect:ListIntegrationAssociations`
`kms:DescribeKey`
`kms:ListGrants`
`wisdom:GetAssistant`
`wisdom:GetKnowledgeBase`
`wisdom:ListAssistantAssociations` | | 新增或移除網域 | `connect:CreateIntegrationAssociation`
`connect:DeleteIntegrationAssociation`
`connect:ListIntegrationAssociations`
`iam:DeleteRolePolicy`
`iam:PutRolePolicy`
`kms:CreateGrant`
`kms:DescribeKey`
`kms:ListAliases`
`wisdom:CreateAssistant`
`wisdom:DeleteAssistant`
`wisdom:GetAssistant`
`wisdom:ListAssistantAssociations`
`wisdom:ListAssistants`
`wisdom:TagResource` | | 新增或移除整合 | `wisdom:ListAssistantAssociations`
`app-integrations:CreateDataIntegration`
`app-integrations:CreateDataIntegrationAssociation`
`app-integrations:DeleteDataIntegrationAssociation`
`app-integrations:GetDataIntegration`
`app-integrations:ListDataIntegrations`
`appflow:CreateConnectorProfile`
`appflow:CreateFlow`
`appflow:DeleteFlow`
`appflow:DescribeConnector`
`appflow:DescribeConnectorEntity`
`appflow:DescribeConnectorProfiles`
`appflow:DescribeConnectors`
`appflow:DescribeFlow`
`appflow:ListConnectorEntities`
`appflow:StartFlow`
`appflow:StopFlow`
`appflow:TagResource`
`appflow:UseConnectorProfile`
`connect:CreateIntegrationAssociation`
`connect:DeleteIntegrationAssociation`
`connect:ListIntegrationAssociations`
`iam:DeleteRolePolicy`
`iam:PutRolePolicy`
`kms:CreateGrant`
`kms:Decrypt`
`kms:DescribeKey`
`kms:GenerateDataKey`
`kms:ListAliases`
`kms:ListGrants`
`secretsmanager:CreateSecret`
`secretsmanager:PutResourcePolicy`
`wisdom:CreateAssistantAssociation`
`wisdom:CreateKnowledgeBase`
`wisdom:DeleteAssistantAssociation`
`wisdom:DeleteKnowledgeBase`
`wisdom:GetAssistant`
`wisdom:GetKnowledgeBase`
`wisdom:ListAssistantAssociations`
`wisdom:ListKnowledgeBases`
`wisdom:TagResource` | ## Voice ID 頁面 | 動作/使用案例 | 需要的許可 | | --- | --- | | 檢視 Voice ID 整合 | `voiceid:DescribeDomain`
`voiceid:ListDomains`
`voiceid:RegisterComplianceConsent`
`voiceid:DescribeComplianceConsent`
`connect:ListIntegrationAssociations` | | 編輯 Voice ID 整合 | `voiceid:DescribeDomain`
`voiceid:ListDomains`
`voiceid:RegisterComplianceConsent`
`voiceid:DescribeComplianceConsent`
`voiceid:UpdateDomain`
`voiceid:CreateDomain`
`connect:ListIntegrationAssociations`
`connect:CreateIntegrationAssociation`
`connect:DeleteIntegrationAssociation`
`events:PutRule`
`events:DeleteRule`
`events:PutTargets`
`events:RemoveTargets`
`iam:PutRolePolicy` | ## 預測、容量規劃和排程頁面 | 動作/使用案例 | 需要的許可 | | --- | --- | | 檢視預測、容量規劃和排程 | `connect:DescribeForecastingPlanningSchedulingIntegration` | | 啟用預測、容量規劃和排程 | `connect:UpdateInstanceAttribute`
`connect:StartForecastingPlanningSchedulingIntegration` | | 停用預測、容量規劃和排程 | `connect:UpdateInstanceAttribute`
`connect:StopForecastingPlanningSchedulingIntegration` | ## 聯合 ### SAML 聯合 | 動作/使用案例 | 需要的許可 | | --- | --- | | SAML 聯合 | `connect:GetFederationToken` | ### 行政/緊急聯合 | 動作/使用案例 | 需要的許可 | | --- | --- | | 行政/緊急聯合 | `connect:AdminGetEmergencyAccessToken` |