

 **이 페이지는 볼트와 2012년부터 원래 REST API를 사용하는 Amazon Glacier 서비스의 기존 고객만 사용할 수 있습니다.**

아카이브 스토리지 솔루션을 찾고 있다면 Amazon S3의 Amazon Glacier 스토리지 클래스, S3 Glacier Instant Retrieval, S3 Glacier Flexible Retrieval 및 S3 Glacier Deep Archive를 사용하는 것이 좋습니다. 이러한 스토리지 옵션에 대한 자세한 내용은 [Amazon Glacier 스토리지 클래스](https://aws.amazon.com/s3/storage-classes/glacier/)를 참조하세요.

Amazon Glacier(기존 독립 실행형 볼트 기반 서비스)는 더 이상 신규 고객을 받지 않습니다. Amazon Glacier는 데이터를 볼트에 저장하고 Amazon S3 및 Amazon S3 Glacier 스토리지 클래스와 구별되는 자체 API를 갖춘 독립 실행형 서비스입니다. 기존 데이터는 Amazon Glacier에서 무기한으로 안전하게 보관되며 액세스 가능합니다. 마이그레이션은 필요하지 않습니다. 저비용 장기 아카이브 스토리지의 경우는 [S3 버킷 기반 API, 전체 가용성, 저렴한 비용 및 서비스 통합을 통해 우수한 고객 경험을 제공하는 Amazon S3 Glacier 스토리지 클래스](https://aws.amazon.com/s3/storage-classes/glacier/)를 AWS 권장합니다. S3 APIs AWS 리전 AWS 향상된 기능을 원하는 경우 [Amazon Glacier 볼트에서 Amazon S3 Glacier 스토리지 클래스로 데이터를 전송하기 위한AWS 솔루션 지침](https://aws.amazon.com/solutions/guidance/data-transfer-from-amazon-s3-glacier-vaults-to-amazon-s3/)을 사용하여 Amazon S3 Glacier 스토리지 클래스로 마이그레이션하는 것이 좋습니다.

기계 번역으로 제공되는 번역입니다. 제공된 번역과 원본 영어의 내용이 상충하는 경우에는 영어 버전이 우선합니다.

# API 권한 준거
<a name="glacier-api-permissions-ref"></a>

[Amazon Glacier가 IAM에서 작동하는 방식](security_iam_service-with-iam.md)을 설정하여 IAM 자격 증명(자격 증명 기반 정책) 또는 리소스(리소스 기반 정책)에 연결할 수 있는 권한 정책을 생성할 때는 아래 표를 참조할 수 있습니다. 표 목록 목록에 있습니다. Amazon Glacier AWS 

정책의 `Action` 요소에서 작업을 지정하고, 정책의 `Resource` 요소에서 리소스 값을 지정합니다. 또한 IAM 정책 언어 `Condition` 요소를 사용하여 정책이 시행되는 시점을 지정할 수 있습니다.

작업을 지정하려면 `glacier:` 접두사 다음에 API 작업 이름을 사용합니다(예: `glacier:CreateVault`). 대부분 Amazon Glacier 작업에서 `Resource`는 권한을 부여하고 싶은 볼트에 해당합니다. 볼트 ARN을 사용하여 `Resource` 값으로 볼트를 지정합니다. 조건을 표시하려면 미리 정의된 조건 키를 사용합니다. 자세한 내용은 [Amazon Glacier 내의 리소스 기반 정책](security_iam_service-with-iam.md#security_iam_service-with-iam-resource-based-policies) 단원을 참조하십시오.

다음 표에는 자격 증명 기반 정책과 리소스 기반 정책에서 사용할 수 있는 작업이 나열되어 있습니다.

**참고**  
일부 작업은 자격 증명 기반 정책에서만 사용할 수 있습니다. 이러한 작업은 첫 번째 열에서 API 작업 이름 뒤에 빨간색 별표(\*)로 표시됩니다.

스크롤 막대를 사용하여 표의 나머지 부분을 확인합니다.


**Amazon Glacier API 및 작업에 필요한 권한**  

| Amazon Glacier API 작업 | 필요한 권한(API 작업) | 리소스 | 조건 키 | 
| --- | --- | --- | --- | 
| [멀티파트 업로드 중단(DELETE uploadID)](api-multipart-abort-upload.md)  | glacier:AbortMultipartUpload | `arn:aws:glacier:{{region}}:{{account-id}}:vaults/vault-name`<br />`arn:aws:glacier:{{region}}:{{account-id}}:vaults/example*`<br />`arn:aws:glacier:{{region}}:{{account-id}}:vaults/*` |  | 
| [볼트 잠금 중단(DELETE lock-policy)](api-AbortVaultLock.md)  | glacier:AbortVaultLock |   |  | 
| [볼트에 태그 추가(POST tags add)](api-AddTagsToVault.md) | glacier:AddTagsToVault | `arn:aws:glacier:{{region}}:{{account-id}}:vaults/vault-name`<br />`arn:aws:glacier:{{region}}:{{account-id}}:vaults/example*`<br />`arn:aws:glacier:{{region}}:{{account-id}}:vaults/*` | `glacier:ResourceTag/{{TagKey}}` | 
| [멀티파트 업로드 완료(POST uploadID)](api-multipart-complete-upload.md) | glacier:CompleteMultipartUpload | `arn:aws:glacier:{{region}}:{{account-id}}:vaults/vault-name`<br />`arn:aws:glacier:{{region}}:{{account-id}}:vaults/example*`<br />`arn:aws:glacier:{{region}}:{{account-id}}:vaults/*` | `glacier:ResourceTag/{{TagKey}}` | 
| [볼트 잠금 완료(POST lockId)](api-CompleteVaultLock.md)  | glacier:CompleteVaultLock |   | `glacier:ResourceTag/{{TagKey}}` | 
| [볼트 만들기(PUT vault)](api-vault-put.md) \*  | glacier:CreateVault |   |  | 
| [아카이브 삭제(DELETE archive)](api-archive-delete.md) | glacier:DeleteArchive | `arn:aws:glacier:{{region}}:{{account-id}}:vaults/vault-name`<br />`arn:aws:glacier:{{region}}:{{account-id}}:vaults/example*`<br />`arn:aws:glacier:{{region}}:{{account-id}}:vaults/*` | `glacier:ArchiveAgeInDays`<br />`glacier:ResourceTag/{{TagKey}}` | 
| [볼트 삭제(DELETE vault)](api-vault-delete.md) | glacier:DeleteVault | `arn:aws:glacier:{{region}}:{{account-id}}:vaults/vault-name`<br />`arn:aws:glacier:{{region}}:{{account-id}}:vaults/example*`<br />`arn:aws:glacier:{{region}}:{{account-id}}:vaults/*` | `glacier:ResourceTag/{{TagKey}}` | 
| [볼트 액세스 정책 삭제(DELETE access-policy)](api-DeleteVaultAccessPolicy.md) | glacier:DeleteVaultAccessPolicy | `arn:aws:glacier:{{region}}:{{account-id}}:vaults/vault-name`<br />`arn:aws:glacier:{{region}}:{{account-id}}:vaults/example*`<br />`arn:aws:glacier:{{region}}:{{account-id}}:vaults/*` | `glacier:ResourceTag/{{TagKey}}` | 
| [볼트 알림 삭제(DELETE notification-configuration)](api-vault-notifications-delete.md) | glacier:DeleteVaultNotifications | `arn:aws:glacier:{{region}}:{{account-id}}:vaults/vault-name`<br />`arn:aws:glacier:{{region}}:{{account-id}}:vaults/example*`<br />`arn:aws:glacier:{{region}}:{{account-id}}:vaults/*` | `glacier:ResourceTag/{{TagKey}}` | 
| [작업 설명(GET JobID)](api-describe-job-get.md) | glacier:DescribeJob | `arn:aws:glacier:{{region}}:{{account-id}}:vaults/vault-name`<br />`arn:aws:glacier:{{region}}:{{account-id}}:vaults/example*`<br />`arn:aws:glacier:{{region}}:{{account-id}}:vaults/*` | 
| [볼트 설명(GET vault)](api-vault-get.md) | glacier:DescribeVault | `arn:aws:glacier:{{region}}:{{account-id}}:vaults/vault-name`<br />`arn:aws:glacier:{{region}}:{{account-id}}:vaults/example*`<br />`arn:aws:glacier:{{region}}:{{account-id}}:vaults/*` |  | 
| [데이터 가져오기 정책 가져오기(GET policy)](api-GetDataRetrievalPolicy.md) \*  | glacier:GetDataRetrievalPolicy | `arn:aws:glacier:{{region}}:{{account-id}}:policies/retrieval-limit-policy` |  | 
| [작업 출력 가져오기(GET output)](api-job-output-get.md) | glacier:GetJobOutput | `arn:aws:glacier:{{region}}:{{account-id}}:vaults/vault-name`<br />`arn:aws:glacier:{{region}}:{{account-id}}:vaults/example*`<br />`arn:aws:glacier:{{region}}:{{account-id}}:vaults/*` |  | 
| [볼트 액세스 정책 가져오기(GET access-policy)](api-GetVaultAccessPolicy.md) | glacier:GetVaultAccessPolicy | `arn:aws:glacier:{{region}}:{{account-id}}:vaults/vault-name`<br />`arn:aws:glacier:{{region}}:{{account-id}}:vaults/example*`<br />`arn:aws:glacier:{{region}}:{{account-id}}:vaults/*` |  | 
| [볼트 잠금 가져오기(GET lock-policy)](api-GetVaultLock.md)  | glacier:GetVaultLock | `arn:aws:glacier:{{region}}:{{account-id}}:vaults/vault-name`<br />`arn:aws:glacier:{{region}}:{{account-id}}:vaults/example*`<br />`arn:aws:glacier:{{region}}:{{account-id}}:vaults/*` |  | 
| [볼트 알림 가져오기(GET notification-configuration)](api-vault-notifications-get.md) | glacier:GetVaultNotifications | `arn:aws:glacier:{{region}}:{{account-id}}:vaults/vault-name`<br />`arn:aws:glacier:{{region}}:{{account-id}}:vaults/example*`<br />`arn:aws:glacier:{{region}}:{{account-id}}:vaults/*` |  | 
| [작업 시작(POST jobs)](api-initiate-job-post.md) | glacier:InitiateJob | `arn:aws:glacier:{{region}}:{{account-id}}:vaults/vault-name`<br />`arn:aws:glacier:{{region}}:{{account-id}}:vaults/example*`<br />`arn:aws:glacier:{{region}}:{{account-id}}:vaults/*` | `glacier:ArchiveAgeInDays`<br />`glacier:ResourceTag/{{TagKey}}` | 
| [멀티파트 업로드 시작(POST multipart-uploads)](api-multipart-initiate-upload.md) | glacier:InitiateMultipartUpload | `arn:aws:glacier:{{region}}:{{account-id}}:vaults/vault-name`<br />`arn:aws:glacier:{{region}}:{{account-id}}:vaults/example*`<br />`arn:aws:glacier:{{region}}:{{account-id}}:vaults/*` | `glacier:ResourceTag/{{TagKey}}` | 
| [볼트 잠금 시작(POST lock-policy)](api-InitiateVaultLock.md)  | glacier:InitiateVaultLock |   | `glacier:ResourceTag/{{TagKey}}` | 
| [작업 목록 조회(GET jobs)](api-jobs-get.md) | glacier:ListJobs | `arn:aws:glacier:{{region}}:{{account-id}}:vaults/vault-name`<br />`arn:aws:glacier:{{region}}:{{account-id}}:vaults/example*`<br />`arn:aws:glacier:{{region}}:{{account-id}}:vaults/*` |  | 
| [멀티파트 업로드 목록 조회(GET multipart-uploads)](api-multipart-list-uploads.md) | glacier:ListMultipartUploads | `arn:aws:glacier:{{region}}:{{account-id}}:vaults/vault-name`<br />`arn:aws:glacier:{{region}}:{{account-id}}:vaults/example*`<br />`arn:aws:glacier:{{region}}:{{account-id}}:vaults/*` |  | 
| [파트 목록 조회(GET uploadID)](api-multipart-list-parts.md) | glacier:ListParts | `arn:aws:glacier:{{region}}:{{account-id}}:vaults/vault-name`<br />`arn:aws:glacier:{{region}}:{{account-id}}:vaults/example*`<br />`arn:aws:glacier:{{region}}:{{account-id}}:vaults/*` |  | 
| [볼트의 태그 목록 조회(GET tags)](api-ListTagsForVault.md) | glacier:ListTagsForVault | `arn:aws:glacier:{{region}}:{{account-id}}:vaults/vault-name`<br />`arn:aws:glacier:{{region}}:{{account-id}}:vaults/example*`<br />`arn:aws:glacier:{{region}}:{{account-id}}:vaults/*` |  | 
| [볼트 목록 조회(GET vaults)](api-vaults-get.md) | glacier:ListVaults |  |  | 
| [볼트에서 태그 삭제(POST tags remove)](api-RemoveTagsFromVault.md) | glacier:RemoveTagsFromVault | `arn:aws:glacier:{{region}}:{{account-id}}:vaults/vault-name`<br />`arn:aws:glacier:{{region}}:{{account-id}}:vaults/example*`<br />`arn:aws:glacier:{{region}}:{{account-id}}:vaults/*` | `glacier:ResourceTag/{{TagKey}}` | 
| [데이터 가져오기 정책 설정(PUT policy)](api-SetDataRetrievalPolicy.md) \* | glacier:SetDataRetrievalPolicy | `arn:aws:glacier:{{region}}:{{account-id}}:policies/retrieval-limit-policy` |  | 
| [볼트 액세스 정책 설정(PUT access-policy)](api-SetVaultAccessPolicy.md) | glacier:SetVaultAccessPolicy | `arn:aws:glacier:{{region}}:{{account-id}}:vaults/vault-name`<br />`arn:aws:glacier:{{region}}:{{account-id}}:vaults/example*`<br />`arn:aws:glacier:{{region}}:{{account-id}}:vaults/*` | `glacier:ResourceTag/{{TagKey}}` | 
| [볼트 알림 구성 설정(PUT notification-configuration)](api-vault-notifications-put.md) | glacier:SetVaultNotifications | `arn:aws:glacier:{{region}}:{{account-id}}:vaults/vault-name`<br />`arn:aws:glacier:{{region}}:{{account-id}}:vaults/example*`<br />`arn:aws:glacier:{{region}}:{{account-id}}:vaults/*` | `glacier:ResourceTag/{{TagKey}}` | 
| [아카이브 업로드(POST archive)](api-archive-post.md) | glacier:UploadArchive | `arn:aws:glacier:{{region}}:{{account-id}}:vaults/vault-name`<br />`arn:aws:glacier:{{region}}:{{account-id}}:vaults/example*`<br />`arn:aws:glacier:{{region}}:{{account-id}}:vaults/*` | `glacier:ResourceTag/{{TagKey}}` | 
| [파트 업로드(PUT uploadID)](api-upload-part.md) | glacier:UploadMultipartPart | `arn:aws:glacier:{{region}}:{{account-id}}:vaults/vault-name`<br />`arn:aws:glacier:{{region}}:{{account-id}}:vaults/example*`<br />`arn:aws:glacier:{{region}}:{{account-id}}:vaults/*` | `glacier:ResourceTag/{{TagKey}}` |