使用自定义 IAM 策略管理对 Amazon Connect 控制台的访问权限所需的权限 - Amazon Connect
AmazonConnect_ FullAccess 政策AmazonConnectReadOnlyAccess 政策主页详细信息页面“概述”页面“电话”页面“数据存储”页面“数据流式处理”页面“流”页面Contact Lens连接器页面语音传输集成“应用程序集成”页面“客户资料”页面“任务”页面电子邮件页面“案例”页面客户身份验证页面出站广告活动页面“Amazon Q in Connect”页面“Voice ID”页面“预测、容量规划和调度”页面联合身份验证

本文属于机器翻译版本。若本译文内容与英语原文存在差异,则一律以英文原文为准。

使用自定义 IAM 策略管理对 Amazon Connect 控制台的访问权限所需的权限

如果您使用自定义 IAM 策略来管理对 Amazon Connect 控制台的访问权限,则您的用户需要本文中列出的部分或全部权限,具体取决于他们需要执行的任务。

注意

connect:*在自定义 IAM 策略中使用可向您的用户授予本文中列出的所有 Amazon Connect 权限。

注意

Amazon Connect 控制台上的某些页面(例如任务客户资料)要求您为内联策略添加权限。

AWS 托管策略: AmazonConnect_ FullAccess 策略

要允许完全 read/write 访问 Amazon Connect,您必须为用户、群组或角色附加两项策略。附加 AmazonConnect_FullAccess 策略和包含以下内容的自定义策略:

JSON
{ 
    "Version": "2012-10-17", 
    "Statement": [ 
        { 
            "Sid": "AttachAnyPolicyToAmazonConnectRole", 
            "Effect": "Allow", 
            "Action": "iam:PutRolePolicy", 
            "Resource": "arn:aws:iam::*:role/aws-service-role/connect.amazonaws.com/AWSServiceRoleForAmazonConnect*" 
        } 
    ] 
}

要允许用户创建实例,请确保他们具有 AmazonConnect_FullAccess 策略授予的权限。

当您使用 AmazonConnect_FullAccess 策略时,请注意以下几点:

  • 要使用您选择的名称创建 Amazon S3 存储桶,或者在 Amazon Connect 管理网站上创建或更新实例时使用现有存储桶,则需要额外的权限。如果您为通话录音、聊天记录、电子邮件、附件、通话记录和其他数据选择默认存储位置,则系统会预置这些对象"amazon-connect-"

  • aws/connectKMS 密钥可用作默认加密选项。要使用自定义加密密钥,请为用户分配其他 KMS 权限。

  • 为用户分配额外权限,以便将 Amazon Polly、直播媒体流、数据流和 Lex 机器人等其他 AWS 资源附加到他们的 Amazon Connect 实例。

AWS 托管策略: AmazonConnectReadOnlyAccess策略

要允许只读访问,您只需附加 AmazonConnectReadOnlyAccess 策略。

Amazon Connect 控制台主页

下图显示了一个 Amazon Connect 控制台主页示例,其中一个箭头指向实例别名。选择实例别名可导航到详细的实例页面。

Amazon Connect 虚拟联系中心实例页面,实例别名。

使用下表中列出的权限来管理对此页面的访问。

操作/用例 所需权限

列出实例

connect:ListInstances

ds:DescribeDirectories

描述实例:查看实例/当前设置的详细信息

connect:DescribeInstance

connect:ListLambdaFunctions

connect:ListLexBots

connect:ListInstanceStorageConfigs

connect:ListApprovedOrigins

connect:ListSecurityKeys

connect:DescribeInstanceAttributes

connect:DescribeInstanceStorageConfig

ds:DescribeDirectories

创建实例

connect:AssociateCustomerProfilesDomain

connect:CreateInstance

connect:DescribeInstance

connect:ListInstances

connect:AssociateInstanceStorageConfig

connect:UpdateInstanceAttribute

ds:CheckAlias

ds:CreateAlias

ds:AuthorizeApplication

ds:UnauthorizeApplication

ds:CreateIdentityPoolDirectory

ds:DescribeDirectories

iam:CreateServiceLinkedRole

iam:PutRolePolicy

kms:CreateGrant

kms:DescribeKey

kms:ListAliases

kms:RetireGrant

logs:CreateLogGroup

s3:CreateBucket

s3:GetBucketLocation

s3:ListAllMyBuckets

servicequotas:GetServiceQuota

profile:CreateDomain

profile:GetDomain

profile:GetProfileObjectType

profile:ListAccountIntegrations

profile:ListDomains

profile:ListProfileObjectTypeTemplates

profile:PutIntegration

删除实例

connect:DescribeInstance

connect:DeleteInstance

connect:ListInstances

ds:DescribeDirectories

ds:DeleteDirectory

ds:UnauthorizeApplication

详细的实例页面

下图显示了您用于访问每个详细实例页面的导航菜单。

Amazon Connect 实例页面上的导航菜单。

要访问详细的实例页面,您需要访问 Amazon Connect 控制台主页的权限(描述/列出)。或者,使用该AmazonConnectReadOnlyAccess政策。

下表列出了每个详细实例页面的精细权限。

注意

要执行Edit操作,用户还需要ListDescribe权限。

“概述”页面

操作/用例 所需权限
创建服务相关角色

connect:DescribeInstance

connect:ListInstances

connect:DescribeInstanceAttribute

connect:UpdateInstanceAttribute

connect:ListIntegrationAssociations

profile:ListAccountIntegrations

ds:DescribeDirectories

iam:CreateServiceLinkedRole

iam:PutRolePolicy

“电话”页面

操作/用例 所需权限
查看电话选项

connect:DescribeInstance

启用/禁用电话选项

connect:UpdateInstanceAttribute

查看出站活动

connect-campaigns:GetConnectInstanceConfig

connect-campaigns:GetInstanceOnboardingJobStatus

connect:DescribeInstance

connect:DescribeInstanceAttribute

kms:DescribeKey

启用/禁用出站活动

connect-campaigns:GetConnectInstanceConfig

connect-campaigns:GetInstanceOnboardingJobStatus

connect-campaigns:StartInstanceOnboardingJob

connect-campaigns:DeleteInstanceOnboardingJob

connect-campaigns:DeleteConnectInstanceConfig

connect:DescribeInstance

connect:DescribeInstanceAttribute

connect:UpdateInstanceAttribute

iam:CreateServiceLinkedRole

iam:DeleteServiceLinkedRole

iam:AttachRolePolicy

iam:PutRolePolicy

iam:DeleteRolePolicy

events:PutRule

events:PutTargets

events:DeleteRule

events:RemoveTargets

events:DescribeRule

events:ListTargetsByRule

ds:DescribeDirectories

kms:DescribeKey

kms:ListKeys

kms:CreateGrant

kms:RetireGrant

“数据存储”页面

“通话录音”部分

操作/用例 所需权限

查看通话录音

connect:DescribeInstance

connect:ListInstanceStorageConfigs

connect:DescribeInstanceStorageConfig

编辑通话录音

connect:AssociateInstanceStorageConfig

connect:UpdateInstanceStorageConfig

connect:DisassociateInstanceStorageConfig

s3:ListAllMyBuckets

s3:GetBucketLocation

s3:GetBucketAcl

s3:CreateBucket

kms:CreateGrant

kms:DescribeKey

kms:ListAliases

kms:RetireGrant

iam:PutRolePolicy

“屏幕录制”部分

操作/用例 所需权限

查看屏幕录制

connect:DescribeInstance

connect:ListInstanceStorageConfigs

connect:DescribeInstanceStorageConfig

编辑屏幕录制

connect:AssociateInstanceStorageConfig

connect:UpdateInstanceStorageConfig

connect:DisassociateInstanceStorageConfig

s3:ListAllMyBuckets

s3:GetBucketLocation

s3:GetBucketAcl

s3:CreateBucket

iam:PutRolePolicy

kms:CreateGrant

kms:DescribeKey

kms:ListAliases

kms:RetireGrant

“聊天转录”部分

操作/用例 所需权限

查看聊天转录

connect:DescribeInstance

connect:DescribeInstanceStorageConfig

connect:ListInstanceStorageConfigs

编辑聊天转录

connect:AssociateInstanceStorageConfig

connect:UpdateInstanceStorageConfig

connect:DisassociateInstanceStorageConfig

s3:ListAllMyBuckets

s3:GetBucketLocation

s3:GetBucketAcl

s3:CreateBucket

kms:CreateGrant

kms:DescribeKey

kms:ListAliases

kms:RetireGrant

iam:PutRolePolicy

“附件”部分

操作/用例 所需权限

查看附件

connect:DescribeInstance

connect:DescribeInstanceStorageConfig

connect:ListInstanceStorageConfigs

编辑附件

connect:AssociateInstanceStorageConfig

connect:UpdateInstanceStorageConfig

connect:DisassociateInstanceStorageConfig

s3:ListAllMyBuckets

s3:GetBucketLocation

s3:CreateBucket

s3:GetBucketAcl

kms:CreateGrant

kms:DescribeKey

kms:ListAliases

kms:RetireGrant

iam:PutRolePolicy

“实时媒体流式传输”部分

操作/用例 所需权限

查看实时媒体流式传输

connect:DescribeInstance

connect:ListInstanceStorageConfigs

connect:DescribeInstanceStorageConfig

编辑实时媒体流式传输

connect:AssociateInstanceStorageConfig

connect:UpdateInstanceStorageConfig

connect:DisassociateInstanceStorageConfig

kms:CreateGrant

kms:DescribeKey

kms:RetireGrant

iam:PutRolePolicy

“导出的报告”部分

操作/用例 所需权限

查看导出的报告

connect:DescribeInstance

connect:ListInstanceStorageConfigs

connect:DescribeInstanceStorageConfig

编辑导出的报告

connect:AssociateInstanceStorageConfig

connect:UpdateInstanceStorageConfig

connect: DisassociateInstanceStorageConfig

s3:ListAllMyBuckets

s3:GetBucketLocation

s3:CreateBucket

kms:DescribeKey

kms:ListAliases

kms:RetireGrant

kms:CreateGrant

iam:PutRolePolicy

“数据流式处理”页面

“联系记录”部分

操作/用例 所需权限

查看数据流式处理 – 联系记录

connect:DescribeInstance

connect:ListInstanceStorageConfigs

connect:DescribeInstanceStorageConfig

编辑联系记录

connect:AssociateInstanceStorageConfig

connect:UpdateInstanceStorageConfig

connect:DisassociateInstanceStorageConfig

firehose:ListDeliveryStreams

firehose:DescribeDeliveryStream

kinesis:ListStreams

kinesis:DescribeStream

iam:PutRolePolicy

“座席事件”部分

操作/用例 所需权限

查看数据流式处理 – 座席事件

connect:DescribeInstance

connect:ListInstanceStorageConfigs

connect:DescribeInstanceStorageConfig

编辑座席事件

connect:AssociateInstanceStorageConfig

connect:UpdateInstanceStorageConfig

connect:DisassociateInstanceStorageConfig

kinesis:ListStreams

kinesis: DescribeStream

iam:PutRolePolicy

“流”页面

“流安全密钥”部分

操作/用例 所需权限

查看流安全密钥

connect:DescribeInstance

connect:ListSecurityKeys

添加/删除流安全密钥

connect:AssociateSecurityKey

connect:DisassociateSecurityKey

“Lex 自动程序”部分

操作/用例 所需权限

查看 Lex 自动程序

connect:ListLexBots

connect:ListBots

添加/删除 Lex 自动程序

lex:GetBots

lex:GetBot

lex:CreateResourcePolicy

lex:DeleteResourcePolicy

lex:UpdateResourcePolicy

lex:DescribeBotAlias

lex:ListBotAliases

lex:ListBots

connect:AssociateBot

connect:DisassociateBot

connect:ListBots

connect:AssociateLexBot

connect:DisassociateLexBot

connect:ListLexBots

iam:PutRolePolicy

“Lambda 函数”部分

操作/用例 所需权限

查看 Lambda 函数

connect:ListLambdaFunctions

添加/删除 Lambda 函数

connect:ListLambdaFunctions

connect:AssociateLambdaFunction

connect:DisassociateLambdaFunction

iam:PutRolePolicy

lambda:ListFunctions

lambda:AddPermission

lambda:RemovePermission

“流日志”部分

操作/用例 所需权限

查看流日志配置

connect:DescribeInstance

connect:DescribeInstanceAttribute

启用/禁用流日志

logs:CreateLogGroup

“Amazon Polly”部分

操作/用例 所需权限

查看 Amazon Polly 选项

connect:DescribeInstance

connect:DescribeInstanceAttribute

更新 Amazon Polly 选项

connect:UpdateInstanceAttribute

Contact Lens连接器页面

操作/用例 所需权限

查看Contact Lens连接器

chime:GetVoiceConnector

chime:GetVoiceConnectorLoggingConfiguration

chime:GetVoiceConnectorTermination

chime:GetVoiceConnectorTerminationHealth

chime:ListVoiceConnectors

chime:ListVoiceConnectorTerminationCredentials

chime:GetVoiceConnectorExternalSystemsConfiguration

Add/Update/RemoveContact Lens连接器

chime:CreateVoiceConnector

chime:DeleteVoiceConnector

chime:DeleteVoiceConnectorTermination

chime:DeleteVoiceConnectorTerminationCredentials

chime:GetVoiceConnector

chime:GetVoiceConnectorLoggingConfiguration

chime:GetVoiceConnectorTermination

chime:GetVoiceConnectorTerminationHealth

chime:ListVoiceConnectors

chime:ListVoiceConnectorTerminationCredentials

chime:PutVoiceConnectorLoggingConfiguration

chime:PutVoiceConnectorTermination

chime:PutVoiceConnectorTerminationCredentials

chime:UpdateVoiceConnector

chime:CreateConnectAnalyticsConnector

chime:PutVoiceConnectorExternalSystemsConfiguration

chime:GetVoiceConnectorExternalSystemsConfiguration

chime:DeleteVoiceConnectorExternalSystemsConfiguration

chime:AssociateVoiceConnectorConnect

chime:DisassociateVoiceConnectorConnect

chime:TagResources

chime:UntagResources

chime:ListTagsForResource

语音传输集成

操作/用例 所需权限

查看外部语音传输连接器

chime:GetVoiceConnector

chime:GetVoiceConnectorLoggingConfiguration

chime:GetVoiceConnectorTermination

chime:GetVoiceConnectorTerminationHealth

chime:ListVoiceConnectors

chime:ListVoiceConnectorTerminationCredentials

chime:GetVoiceConnectorExternalSystemsConfiguration

Add/Update/Remove外部语音传输连接器

chime:CreateVoiceConnector

chime:DeleteVoiceConnector

chime:DeleteVoiceConnectorTermination

chime:DeleteVoiceConnectorTerminationCredentials

chime:GetVoiceConnector

chime:GetVoiceConnectorLoggingConfiguration

chime:GetVoiceConnectorTermination

chime:GetVoiceConnectorTerminationHealth

chime:ListVoiceConnectors

chime:ListVoiceConnectorTerminationCredentials

chime:PutVoiceConnectorLoggingConfiguration

chime:PutVoiceConnectorTermination

chime:PutVoiceConnectorTerminationCredentials

chime:UpdateVoiceConnector

chime:CreateConnectAnalyticsConnector

chime:PutVoiceConnectorExternalSystemsConfiguration

chime:GetVoiceConnectorExternalSystemsConfiguration

chime:DeleteVoiceConnectorExternalSystemsConfiguration

chime:AssociateVoiceConnectorConnect

chime:DisassociateVoiceConnectorConnect

chime:TagResources

chime:UntagResources

chime:ListTagsForResource

“应用程序集成”页面

操作/用例 所需权限

查看批准的源

connect:DescribeInstance

connect:ListApprovedOrigins

编辑批准的源

connect: AssociateApprovedOrigin

connect:ListApprovedOrigins

connect:DisassociateApprovedOrigin

“客户资料”页面

操作/用例 所需权限

查看客户资料

app-integrations:ListEventIntegrations

appflow:DescribeConnectorEntity

appflow:DescribeConnectorProfiles

appflow:DescribeFlow

appflow:ListFlows

appflow:ListConnectorEntities

appflow:ListConnectorProfiles

cloudwatch:GetMetricData

connect:DescribeInstance

connect:ListInstances

ds:DescribeDirectories

iam:ListRoles

kinesis:DescribeStreamSummary

kms:Decrypt

kms:DescribeKey

kms:GenerateDataKey

kms:ListKeys

profile:GetCalculatedAttributeDefinition

profile:GetDomain

profile:GetEventStream

profile:GetIdentityResolutionJob

profile:GetIntegration

profile:GetProfileObjectType

profile:GetProfileObjectTypeTemplate

profile:GetWorkflow

profile:ListAccountIntegrations

profile:ListCalculatedAttributeDefinitions

profile:ListDomains

profile:ListDomainLayouts

profile:ListEventStreams

profile:ListIdentityResolutionJobs

profile:ListIntegrations

profile:ListProfileObjectTypes

profile:ListProfileObjectTypeTemplates

profile:ListSegmentDefinitions

sqs:ListQueues

编辑客户资料

app-integrations:CreateEventIntegration

app-integrations:ListEventIntegrations

appflow:CreateFlow

appflow:CreateConnectorProfile

appflow:DescribeFlow

appflow:DeleteFlow

appflow:DescribeConnectorEntity

appflow:DescribeConnectorProfiles

appflow:ListFlows

appflow:ListConnectorEntities

appflow:ListConnectorProfiles

appflow:StartFlow

cloudwatch:GetMetricData

connect:DescribeInstance

connect:ListInstances

ds:DescribeDirectories

events:CreateEventBus

events:DescribeEventBus

events:DescribeEventSource

events:ListEventSources

iam:CreateRole

iam:CreatePolicy

iam:AttachRolePolicy

iam:ListRoles

iam:PutRolePolicy

kinesis:DescribeStreamSummary

kinesis:ListStreams

kms:CreateGrant

kms:Decrypt

kms:DescribeKey

kms:GenerateDataKey

kms:ListAliases

kms:ListKeys

kms:ListGrants

profile:CreateCalculatedAttributeDefinition

profile:CreateDomain

profile:CreateDomainLayout

profile:CreateEventStream

profile:CreateIntegrationWorkflow

profile:CreateSegmentDefinition

profile:DeleteEventStream

profile:DeleteIntegration

profile:DeleteDomain

profile:DeleteProfileObjectType

profile:DetectProfileObjectType

profile:GetCalculatedAttributeDefinition

profile:GetDomain

profile:GetEventStream

profile:GetIdentityResolutionJob

profile:GetIntegration

profile:GetProfileObjectType

profile:GetProfileObjectTypeTemplate

profile:GetWorkflow

profile:ListAccountIntegrations

profile:ListCalculatedAttributeDefinitions

profile:ListDomains

profile:ListDomainLayouts

profile:ListEventStreams

profile:ListIdentityResolutionJobs

profile:ListIntegrations

profile:ListProfileObjectTypes

profile:ListProfileObjectTypeTemplates

profile:ListSegmentDefinitions

profile:PutIntegration

profile:PutProfileObjectType

profile:TagResource

profile:UntagResource

profile:UpdateDomain

s3:GetBucketLocation

s3:GetBucketPolicy

s3:GetObject

s3:HeadBucket

s3:ListAllMyBuckets

s3:ListBucket

s3:ListObjectsV2

s3:PutBucketPolicy

s3:SelectObjectContent

sqs:ListQueues

“任务”页面

操作/用例 所需权限

查看任务集成

app-integrations:GetEventIntegration

connect:ListIntegrationAssociations

编辑任务集成

app-integrations:CreateEventIntegration

app-integrations:GetEventIntegration

app-integrations:ListEventIntegrations

app-integrations:DeleteEventIntegrationAssociation

app-integrations:CreateEventIntegrationAssociation

appflow:CreateFlow

appflow:CreateConnectorProfile

appflow:DescribeFlow

appflow:DeleteFlow

appflow:DeleteConnectorProfile

appflow:DescribeConnectorEntity

appflow:ListFlows

appflow:ListConnectorEntities

appflow:StartFlow

connect:ListIntegrationAssociations

connect:DeleteIntegrationAssociation

connect:ListUseCases

connect:DeleteUseCase

events:ActivateEventSource

events:CreateEventBus

events:DescribeEventBus

events:DescribeEventSource

events:ListEventSources

events:ListTargetsByRule

events:PutRule

events:PutTargets

events:DeleteRule

events:RemoveTargets

kms:CreateGrant

kms:DescribeKey

kms:ListAliases

kms:ListKeys

kms:ListGrants

电子邮件页面

操作/用例 所需权限

查看电子邮件域名和地址

ses:GetIdentityVerificationAttributes

ses:DescribeReceiptRule

ses:DescribeActiveReceiptRuleSet

ses:GetEmailIdentity

ses:DescribeReceiptRuleSet

ses:GetConfigurationSetEventDestinations

ses:GetConfigurationSet

编辑电子邮件域名和地址

ses:CreateReceiptRule

ses:UpdateReceiptRule

ses:SetActiveReceiptRuleSet

ses:CreateReceiptRuleSet

ses:CreateEmailIdentity

ses:TagResource

ses:UntagResource

ses:DeleteReceiptRule

ses:DeleteReceiptRuleSet

ses:CloneReceiptRuleSet

ses:CreateConfigurationSet

ses:CreateConfigurationSetEventDestination

ses:PutEmailIdentityConfigurationSetAttributes

ses:CreateEmailIdentityPolicy

ses:UpdateEmailIdentityPolicy

ses:DeleteEmailIdentityPolicy

iam:CreateServiceLinkedRole

iam:PassRole

iam:CreateRole

iam:CreatePolicy

“案例”页面

操作/用例 所需权限

查看案例域详细信息

connect:ListInstances

ds:DescribeDirectories

connect:ListIntegrationAssociations

cases:GetDomain

加入 Cases

connect:ListInstances

connect:ListIntegrationAssociations

cases:GetDomain

cases:CreateDomain

connect:CreateIntegrationAssociation

connect:DescribeInstance

iam:PutRolePolicy

客户身份验证页面

操作/用例 所需权限

查看客户身份验证

connect:ListIntegrationAssociations

cognito-idp:ListUserPools

cognito-idp:DescribeUserPool

入门客户身份验证

connect:CreateIntegrationAssociation

connect:DeleteIntegrationAssociation

connect:ListIntegrationAssociations

cognito-idp:ListUserPools

cognito-idp:DescribeUserPool

cognito-idp:ListUserPoolClients

cognito-idp:TagResource

cognito-idp:CreateUserPool

出站广告活动页面

动作/用例 所需权限
查看出站活动

connect:ListIntegrationAssociations

connect:ListPhoneNumbersV2

connect:SearchEmailAddresses

connect:DescribeInstance

connect:DescribeInstanceAttribute

kms:DescribeKey

kms:ListKeys

profile:ListAccountIntegrations

profile:ListIntegrations

profile:ListDomains

profile:GetDomain

wisdom:ListKnowledgeBases

wisdom:GetKnowledgeBase

connect-campaigns:GetInstanceOnboardingJobStatus

connect-campaigns:GetConnectInstanceConfig

connect-campaigns:ListConnectInstanceIntegrations
创建出站式广告系列

connect-campaigns:StartInstanceOnboardingJob

connect-campaigns:DeleteInstanceOnboardingJob

connect-campaigns:GetConnectInstanceConfig

connect-campaigns:GetInstanceOnboardingJobStatus

connect-campaigns:DeleteConnectInstanceConfig

connect:DescribeInstance

connect:DescribeInstanceAttribute

connect:UpdateInstanceAttribute

iam:CreateServiceLinkedRole

iam:DeleteServiceLinkedRole

iam:AttachRolePolicy

iam:PutRolePolicy

iam:DeleteRolePolicy

events:PutRule

events:PutTargets

events:DeleteRule

events:RemoveTargets

events:DescribeRule

events:ListTargetsByRule

ds:DescribeDirectories

kms:DescribeKey

kms:ListKeys

kms:CreateGrant

kms:RetireGrant

profile:CreateDomain

profile:ListAccountIntegrations

profile:ListIntegrations

profile:PutIntegration

profile:PutProfileObjectType

connect:CreateIntegrationAssociation

connect:ListIntegrationAssociations

connect:UpdateInstanceAttribute

connect:AssociateCustomerProfilesDomain

connect-campaigns:ListConnectInstanceIntegrations

connect-campaigns:PutConnectInstanceIntegration

wisdom:CreateKnowledgeBase

wisdom:ListKnowledgeBases

“Amazon Q in Connect”页面

操作/用例 所需权限

查看域和集成

wisdom:ListAssistantAssociations

appflow:DescribeConnectorProfiles

app-integrations:GetDataIntegration

connect:DescribeInstance

connect:DescribeInstanceAttribute

connect:ListIntegrationAssociations

kms:DescribeKey

kms:ListGrants

wisdom:GetAssistant

wisdom:GetKnowledgeBase

wisdom:ListAssistantAssociations

添加或删除域

connect:CreateIntegrationAssociation

connect:DeleteIntegrationAssociation

connect:ListIntegrationAssociations

iam:DeleteRolePolicy

iam:PutRolePolicy

kms:CreateGrant

kms:DescribeKey

kms:ListAliases

wisdom:CreateAssistant

wisdom:DeleteAssistant

wisdom:GetAssistant

wisdom:ListAssistantAssociations

wisdom:ListAssistants

wisdom:TagResource

添加或删除集成

wisdom:ListAssistantAssociations

app-integrations:CreateDataIntegration

app-integrations:CreateDataIntegrationAssociation

app-integrations:DeleteDataIntegrationAssociation

app-integrations:GetDataIntegration

app-integrations:ListDataIntegrations

appflow:CreateConnectorProfile

appflow:CreateFlow

appflow:DeleteFlow

appflow:DescribeConnector

appflow:DescribeConnectorEntity

appflow:DescribeConnectorProfiles

appflow:DescribeConnectors

appflow:DescribeFlow

appflow:ListConnectorEntities

appflow:StartFlow

appflow:StopFlow

appflow:TagResource

appflow:UseConnectorProfile

connect:CreateIntegrationAssociation

connect:DeleteIntegrationAssociation

connect:ListIntegrationAssociations

iam:DeleteRolePolicy

iam:PutRolePolicy

kms:CreateGrant

kms:Decrypt

kms:DescribeKey

kms:GenerateDataKey

kms:ListAliases

kms:ListGrants

secretsmanager:CreateSecret

secretsmanager:PutResourcePolicy

wisdom:CreateAssistantAssociation

wisdom:CreateKnowledgeBase

wisdom:DeleteAssistantAssociation

wisdom:DeleteKnowledgeBase

wisdom:GetAssistant

wisdom:GetKnowledgeBase

wisdom:ListAssistantAssociations

wisdom:ListKnowledgeBases

wisdom:TagResource

“Voice ID”页面

操作/用例 所需权限

查看 Voice ID 集成

voiceid:DescribeDomain

voiceid:ListDomains

voiceid:RegisterComplianceConsent

voiceid:DescribeComplianceConsent

connect:ListIntegrationAssociations

编辑 Voice ID 集成

voiceid:DescribeDomain

voiceid:ListDomains

voiceid:RegisterComplianceConsent

voiceid:DescribeComplianceConsent

voiceid:UpdateDomain

voiceid:CreateDomain

connect:ListIntegrationAssociations

connect:CreateIntegrationAssociation

connect:DeleteIntegrationAssociation

events:PutRule

events:DeleteRule

events:PutTargets

events:RemoveTargets

iam:PutRolePolicy

“预测、容量规划和调度”页面

操作/用例 所需权限

查看预测、容量规划和调度

connect:DescribeForecastingPlanningSchedulingIntegration

启用预测、容量规划和调度

connect:UpdateInstanceAttribute

connect:StartForecastingPlanningSchedulingIntegration

禁用预测、容量规划和调度

connect:UpdateInstanceAttribute

connect:StopForecastingPlanningSchedulingIntegration

联合身份验证

SAML 联合身份验证

操作/用例 所需权限

SAML 联合身份验证

connect:GetFederationToken

管理员/紧急联合身份验证

操作/用例 所需权限

管理员/紧急联合身份验证

connect:AdminGetEmergencyAccessToken