创建策略
配置模式 -> 脚本配置,然后输入以下内容:([$Group_ID] 更换为需要操作的安全组 ID)
{
"Statement": [
{
"Effect": "Allow",
"Action": "ecs:DescribeSecurityGroups",
"Resource": "*"
},
{
"Effect": "Allow",
"Action": [
"ecs:ModifySecurityGroupRule",
"ecs:ModifySecurityGroupEgressRule",
"ecs:DescribeSecurityGroup*",
"ecs:AuthorizeSecurityGroup",
"ecs:RevokeSecurityGroup",
"ecs:RevokeSecurityGroupEgress"
],
"Resource": [
"acs:ecs:*:*:securitygroup/[$Group_ID]",
"acs:ecs:*:*:securitygroup/[$Group_ID]",
"acs:ecs:*:*:securitygroup/[$Group_ID]"
]
}
],
"Version": "1"
}