我尝试从控制台在VPC公共子网中创建AWS Transfer家族。失败,错误如下调用AssociateAddress出错:您没有权限执行此操作。对消息进行解码,发现缺少它缺少ec2的权限:AssociateAddress
将以下策略添加到角色中。在创建服务器时仍然存在错误。你能帮帮我吗
{
"Version": "2012-10-17",
"Statement": [
{
"Action": "ec2:AssociateAddress",
"Resource": "arn:aws:ec2:us-east-1:111111:elastic-ip/*",
"Effect": "Allow"
}
]
}
AssociateAddress不仅适用于elastic-ip。你应该试试:
{
"Version": "2012-10-17",
"Statement": [
{
"Action": "ec2:AssociateAddress",
"Resource": [
"arn:aws:ec2:us-east-1:111111:elastic-ip/*",
"arn:aws:ec2:us-east-1:111111:instance/*",
"arn:aws:ec2:us-east-1:111111:network-interface/*",
],
"Effect": "Allow"
}
]
}