我尝试从控制台在 VPC 公有子网中创建 AWS Transfer 系列。它失败并出现以下错误“调用 AssociateAddress 时出错:您无权执行此操作”。解码消息,发现缺少 ec2:AssociateAddress 的权限
为角色添加了以下策略。创建服务器时错误仍然存在。你能帮忙吗
{
"Version": "2012-10-17",
"Statement": [
{
"Action": "ec2:AssociateAddress",
"Resource": "arn:aws:ec2:us-east-1:111111:elastic-ip/*",
"Effect": "Allow"
}
]
}
AssociateAddress不仅适用于elastic-ip。你应该尝试:
{
"Version": "2012-10-17",
"Statement": [
{
"Action": "ec2:AssociateAddress",
"Resource": [
"arn:aws:ec2:us-east-1:111111:elastic-ip/*",
"arn:aws:ec2:us-east-1:111111:instance/*",
"arn:aws:ec2:us-east-1:111111:network-interface/*",
],
"Effect": "Allow"
}
]
}