访问控制（RAM）主界面

创建策略

配置模式 -> 脚本配置，然后输入以下内容：（[$Group_ID] 更换为需要操作的安全组 ID）

{
    "Statement": [
        {
            "Effect": "Allow",
            "Action": "ecs:DescribeSecurityGroups",
            "Resource": "*"
        },
        {
            "Effect": "Allow",
            "Action": [
                "ecs:ModifySecurityGroupRule",
                "ecs:ModifySecurityGroupEgressRule",
                "ecs:DescribeSecurityGroup*",
                 "ecs:AuthorizeSecurityGroup",
                "ecs:RevokeSecurityGroup",
                "ecs:RevokeSecurityGroupEgress"
            ],
            "Resource": [
              "acs:ecs:*:*:securitygroup/[$Group_ID]",
              "acs:ecs:*:*:securitygroup/[$Group_ID]",
              "acs:ecs:*:*:securitygroup/[$Group_ID]"
            ]
        }
    ],
    "Version": "1"
}

创建用户

添加权限