Terjemahan disediakan oleh mesin penerjemah. Jika konten terjemahan yang diberikan bertentangan dengan versi bahasa Inggris aslinya, utamakan versi bahasa Inggris.

# Contoh ringkasan kebijakan
<a name="access_policies_policy-summary-examples"></a>

Contoh berikut mencakup kebijakan JSON dengan [ringkasan kebijakan](access_policies_understand-policy-summary.md) terkait, [ringkasan layanan](access_policies_understand-service-summary.md), dan [ringkasan tindakan](access_policies_understand-action-summary.md) untuk membantu Anda memahami izin yang diberikan melalui kebijakan.

## Kebijakan 1: DenyCustomerBucket
<a name="example1"></a>

Kebijakan ini menunjukkan izin dan penolakan untuk layanan yang sama.

------
#### [ JSON ]

****  

```
{
    "Version":"2012-10-17",		 	 	 
    "Statement": [
        {
            "Sid": "FullAccess",
            "Effect": "Allow",
            "Action": ["s3:*"],
            "Resource": ["*"]
        },
        {
            "Sid": "DenyCustomerBucket",
            "Action": ["s3:*"],
            "Effect": "Deny",
            "Resource": ["arn:aws:s3:::customer", "arn:aws:s3:::customer/*" ]
        }
    ]
}
```

------

***DenyCustomerBucket**Ringkasan Kebijakan:*

![\[Gambar dialog ringkasan kebijakan\]](http://docs.aws.amazon.com/id_id/IAM/latest/UserGuide/images/policies-summary-example1-dialog.png)


*DenyCustomerBucket Ringkasan Layanan **S3 (penolakan eksplisit)**:*

![\[Gambar dialog ringkasan layanan\]](http://docs.aws.amazon.com/id_id/IAM/latest/UserGuide/images/policies-summary-action-example1-dialog.png)


***GetObject (Baca)** Ringkasan Tindakan:*

![\[Gambar dialog ringkasan tindakan\]](http://docs.aws.amazon.com/id_id/IAM/latest/UserGuide/images/policies-summary-resource-example1-dialog.png)


## Kebijakan 2: DynamoDbRowCognito ID
<a name="policy_example2"></a>

Kebijakan ini menyediakan akses tingkat baris ke Amazon DynamoDB berdasarkan ID Amazon Cognito pengguna.

------
#### [ JSON ]

****  

```
{
    "Version":"2012-10-17",		 	 	 
    "Statement": [
        {
            "Effect": "Allow",
            "Action": [
                "dynamodb:DeleteItem",
                "dynamodb:GetItem",
                "dynamodb:PutItem",
                "dynamodb:UpdateItem"
            ],
            "Resource": [
                "arn:aws:dynamodb:us-west-1:123456789012:table/myDynamoTable"
            ],
            "Condition": {
                "ForAllValues:StringEquals": {
                    "dynamodb:LeadingKeys": [
                        "${cognito-identity.amazonaws.com:sub}"
                    ]
                }
            }
        }
    ]
}
```

------

*DynamoDbRowCognitoRingkasan Kebijakan **ID**:*

![\[image dialog ringkasan kebijakan\]](http://docs.aws.amazon.com/id_id/IAM/latest/UserGuide/images/policies-summary-example2-dialog.png)


***DynamoDbRowCognitoID DynamoDB (Izinkan) Ringkasan Layanan**:*

![\[Gambar dialog ringkasan layanan\]](http://docs.aws.amazon.com/id_id/IAM/latest/UserGuide/images/policies-summary-action-example2-dialog.png)


***GetItem (Daftar)** Ringkasan Tindakan:*

![\[Gambar dialog ringkasan tindakan\]](http://docs.aws.amazon.com/id_id/IAM/latest/UserGuide/images/policies-summary-resource-example2-dialog.png)


## Kebijakan 3: MultipleResourceCondition
<a name="policy_example3"></a>

Kebijakan ini mencakup beberapa sumber daya dan ketentuan.

------
#### [ JSON ]

****  

```
{
    "Version":"2012-10-17",		 	 	 
    "Statement": [
        {
            "Effect": "Allow",
            "Action": [
                "s3:PutObject",
                "s3:PutObjectAcl"
            ],
            "Resource": ["arn:aws:s3:::Apple_bucket/*"],
            "Condition": {"StringEquals": {"s3:x-amz-acl": ["public-read"]}}
        },
        {
            "Effect": "Allow",
            "Action": [
                "s3:PutObject",
                "s3:PutObjectAcl"
            ],
            "Resource": ["arn:aws:s3:::Orange_bucket/*"],
            "Condition": {"StringEquals": {
                "s3:x-amz-acl": ["custom"],
                "s3:x-amz-grant-full-control": ["1234"]
            }}
        }
    ]
}
```

------

***MultipleResourceCondition**Ringkasan Kebijakan:*

![\[image dialog ringkasan kebijakan\]](http://docs.aws.amazon.com/id_id/IAM/latest/UserGuide/images/policies-summary-example3-dialog.png)


*MultipleResourceCondition Ringkasan Layanan **S3 (Izinkan)**:*

![\[Gambar dialog ringkasan layanan\]](http://docs.aws.amazon.com/id_id/IAM/latest/UserGuide/images/policies-summary-action-example3-dialog.png)


***PutObject (Tulis)** Ringkasan Tindakan:*

![\[Gambar dialog ringkasan tindakan\]](http://docs.aws.amazon.com/id_id/IAM/latest/UserGuide/images/policies-summary-resource-example3-dialog.png)


## Kebijakan 4: EC2 \$1pemecahan masalah
<a name="policy_example4"></a>

Kebijakan berikut memungkinkan pengguna untuk mendapatkan tangkapan layar instans Amazon EC2 yang dapat membantu mengatasi masalah EC2. Kebijakan ini juga mengizinkan melihat informasi tentang item di bucket pengembang Amazon S3. 

------
#### [ JSON ]

****  

```
{
    "Version":"2012-10-17",		 	 	 
    "Statement": [
        {
            "Effect": "Allow",
            "Action": [
                "ec2:GetConsoleScreenshot"
            ],
            "Resource": [
                "*"
            ]
        },
        {
            "Effect": "Allow",
            "Action": [
                "s3:ListBucket"
            ],
            "Resource": [
                "arn:aws:s3:::developer"
            ]
        }
    ]
}
```

------

***EC2\$1Memecahkan Masalah Ringkasan Kebijakan**:*

![\[image dialog ringkasan kebijakan\]](http://docs.aws.amazon.com/id_id/IAM/latest/UserGuide/images/policies-summary-example4-dialog.png)


***EC2\$1Memecahkan Masalah Ringkasan Layanan S3 (Izinkan)**:*

![\[Gambar dialog ringkasan layanan\]](http://docs.aws.amazon.com/id_id/IAM/latest/UserGuide/images/policies-summary-action-example4-dialog.png)


***ListBucket (Daftar)** Ringkasan Tindakan:*

![\[Gambar dialog ringkasan tindakan\]](http://docs.aws.amazon.com/id_id/IAM/latest/UserGuide/images/policies-summary-resource-example4-dialog.png)


## Kebijakan 5: CodeBuild \$1 CodeCommit \$1 CodeDeploy
<a name="example6"></a>

Kebijakan ini menyediakan akses ke sumber daya tertentu CodeBuild CodeCommit, dan CodeDeploy sumber daya. Karena sumber daya ini khusus untuk setiap layanan, mereka hanya muncul dengan layanan yang cocok. Jika Anda menyertakan sumber daya yang tidak cocok dengan layanan apa pun dalam elemen `Action` tersebut, sumber daya akan muncul di semua ringkasan tindakan.

------
#### [ JSON ]

****  

```
{
    "Version":"2012-10-17",		 	 	 
    "Statement": [
        {
            "Sid": "Stmt1487980617000",
            "Effect": "Allow",
            "Action": [
                "codebuild:*",
                "codecommit:*",
                "codedeploy:*"
            ],
            "Resource": [
                "arn:aws:codebuild:us-east-2:123456789012:project/my-demo-project",
                "arn:aws:codecommit:us-east-2:123456789012:MyDemoRepo",
                "arn:aws:codedeploy:us-east-2:123456789012:application:WordPress_App",
                "arn:aws:codedeploy:us-east-2:123456789012:instance/AssetTag*"
            ]
        }
    ]
}
```

------

***CodeBuild\$1 CodeCommit \$1** Ringkasan CodeDeploy Kebijakan:*

![\[image dialog ringkasan kebijakan\]](http://docs.aws.amazon.com/id_id/IAM/latest/UserGuide/images/policies-summary-example6-dialog.png)


***CodeBuild\$1 CodeCommit \$1 CodeDeploy CodeBuild (Izinkan)** Ringkasan Layanan:*

![\[Gambar dialog ringkasan layanan\]](http://docs.aws.amazon.com/id_id/IAM/latest/UserGuide/images/policies-summary-action-example6-dialog.png)


***CodeBuild\$1 CodeCommit \$1 CodeDeploy StartBuild (Tulis)** Ringkasan Tindakan:*

![\[Gambar dialog ringkasan tindakan\]](http://docs.aws.amazon.com/id_id/IAM/latest/UserGuide/images/policies-summary-resource-example6-dialog.png)