本文為英文版的機器翻譯版本,如內容有任何歧義或不一致之處,概以英文版為準。
# AWS Resilience Hub 角色和 IAM 許可參考
您可以使用 AWS Resilience Hub `AWSResilienceHubAsssessmentExecutionPolicy` AWS 受管政策和下列其中一個角色特定政策,將 IAM 許可授予使用 所需的角色。如需 AWS 受管政策的詳細資訊,請參閱 [AWSResilienceHubAsssessmentExecutionPolicy](security-iam-awsmanpol.md#security_iam_aws-assessment-policy)。
**Topics**
+ [基礎設施應用程式管理員角色的 IAM 許可](#iam-infra-continuity-manager)
+ [業務持續性管理員角色的 IAM 許可](#iam-business-continuity-manager)
+ [應用程式擁有者角色的 IAM 許可](#iam-application-owner)
+ [授予唯讀存取權的 IAM 許可](#iam-read-only-access)
## 基礎設施應用程式管理員角色的 IAM 許可
下列政策會授予 Infrastructure 應用程式管理員角色所需的必要許可。
------
#### [ JSON ]
****
```
{
"Version":"2012-10-17",
"Statement": [
{
"Sid": "InfrastructureApplicationManager",
"Effect": "Allow",
"Action": [
"resiliencehub:AddDraftAppVersionResourceMappings",
"resiliencehub:CreateAppVersionAppComponent",
"resiliencehub:CreateAppVersionResource",
"resiliencehub:CreateRecommendationTemplate",
"resiliencehub:DeleteAppAssessment",
"resiliencehub:DeleteAppInputSource",
"resiliencehub:DeleteAppVersionAppComponent",
"resiliencehub:DeleteAppVersionResource",
"resiliencehub:DeleteRecommendationTemplate",
"resiliencehub:Describe*",
"resiliencehub:List*",
"resiliencehub:PublishAppVersion",
"resiliencehub:PutDraftAppVersionTemplate",
"resiliencehub:RemoveDraftAppVersionResourceMappings",
"resiliencehub:ResolveAppVersionResources",
"resiliencehub:StartAppAssessment",
"resiliencehub:TagResource",
"resiliencehub:UntagResource",
"resiliencehub:UpdateAppVersion",
"resiliencehub:UpdateAppVersionAppComponent",
"resiliencehub:UpdateAppVersionResource"
],
"Resource": "*"
}
]
}
```
------
## 業務持續性管理員角色的 IAM 許可
下列政策會授予業務持續性管理員角色所需的必要許可。
------
#### [ JSON ]
****
```
{
"Version":"2012-10-17",
"Statement": [
{
"Sid": "BusinessContinuityManager",
"Effect": "Allow",
"Action": [
"resiliencehub:CreateResiliencyPolicy",
"resiliencehub:DeleteResiliencyPolicy",
"resiliencehub:Describe*",
"resiliencehub:List*",
"resiliencehub:ResolveAppVersionResources",
"resiliencehub:TagResource",
"resiliencehub:UntagResource",
"resiliencehub:UpdateAppVersion",
"resiliencehub:UpdateAppVersionAppComponent",
"resiliencehub:UpdateAppVersionResource",
"resiliencehub:UpdateResiliencyPolicy"
],
"Resource": "*"
}
]
}
```
------
## 應用程式擁有者角色的 IAM 許可
下列政策會授予應用程式擁有者角色所需的必要許可。
------
#### [ JSON ]
****
```
{
"Version":"2012-10-17",
"Statement": [
{
"Sid": "ApplicationOwner",
"Effect": "Allow",
"Action": [
"resiliencehub:AddDraftAppVersionResourceMappings",
"resiliencehub:BatchUpdateRecommendationStatus",
"resiliencehub:CreateApp",
"resiliencehub:CreateAppVersionAppComponent",
"resiliencehub:CreateAppVersionResource",
"resiliencehub:CreateRecommendationTemplate",
"resiliencehub:CreateResiliencyPolicy",
"resiliencehub:DeleteApp",
"resiliencehub:DeleteAppAssessment",
"resiliencehub:DeleteAppInputSource",
"resiliencehub:DeleteAppVersionAppComponent",
"resiliencehub:DeleteAppVersionResource",
"resiliencehub:DeleteRecommendationTemplate",
"resiliencehub:DeleteResiliencyPolicy",
"resiliencehub:Describe*",
"resiliencehub:ImportResourcesToDraftAppVersion",
"resiliencehub:List*",
"resiliencehub:PublishAppVersion",
"resiliencehub:PutDraftAppVersionTemplate",
"resiliencehub:RemoveDraftAppVersionResourceMappings",
"resiliencehub:ResolveAppVersionResources",
"resiliencehub:StartAppAssessment",
"resiliencehub:TagResource",
"resiliencehub:UntagResource",
"resiliencehub:UpdateApp",
"resiliencehub:UpdateAppVersion",
"resiliencehub:UpdateAppVersionAppComponent",
"resiliencehub:UpdateAppVersionResource",
"resiliencehub:UpdateResiliencyPolicy"
],
"Resource": "*"
}
]
}
```
------
## 授予唯讀存取權的 IAM 許可
下列政策會授予唯讀存取所需的必要許可。
------
#### [ JSON ]
****
```
{
"Version":"2012-10-17",
"Statement": [
{
"Sid": "ReadOnly",
"Effect": "Allow",
"Action": [
"resiliencehub:Describe*",
"resiliencehub:List*",
"resiliencehub:ResolveAppVersionResources"
],
"Resource": "*"
}
]
}
```
------