

AWS Marketplace API 參考已重組。如需支援的 API 操作的詳細資訊，請參閱 [AWS Marketplace API 參考](https://docs.aws.amazon.com/marketplace/latest/APIReference/Welcome.html)。

本文為英文版的機器翻譯版本，如內容有任何歧義或不一致之處，概以英文版為準。

# AWS Marketplace 報告 API 的存取控制
<a name="reporting-api-access-control"></a>

您可以使用 AWS Marketplace 報告 API 來取得**採購洞察**儀表板。API 支援 [https://docs.aws.amazon.com/marketplace/latest/APIReference/API_marketplace-reporting_GetBuyerDashboard.html](https://docs.aws.amazon.com/marketplace/latest/APIReference/API_marketplace-reporting_GetBuyerDashboard.html)動作。

若要使用 API，您必須先建立`AWSServiceRoleForProcurementInsightsPolicy`服務連結角色。角色會執行下列動作：
+  AWS Marketplace 可讓 存取和描述買方組織中所有帳戶的資料。
+ 取得**採購洞察**儀表板
+ 可讓您註冊和取消註冊委派管理員

買方使用 AWS Marketplace 主控台啟用對**採購洞察**儀表板的信任存取時，會建立角色。如需該程序的詳細資訊，請參閱《 *AWS Marketplace 買方指南*》中的[啟用儀表板](https://docs.aws.amazon.com/marketplace/latest/buyerguide/enabling-procurement-insights.html#integrate-dashboard)。

**重要**  
使用 API 或 CLI 時，您必須先建立服務連結角色，才能啟用對儀表板的信任存取。
除了服務連結角色之外，您還必須為組織啟用所有功能，而且必須屬於 管理員帳戶。如需詳細資訊，請參閱 *AWS Organizations 使用者指南*中的下列主題：  
 [使用 Organizations 啟用 AWS 組織的所有功能](https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_org_support-all-features.html)
[教學課程：建立和設定組織](https://docs.aws.amazon.com/organizations/latest/userguide/orgs_tutorials_basic.html)
[使用 管理管理帳戶 AWS Organizations](https://docs.aws.amazon.com/organizations/latest/userguide/orgs-manage_accounts_management.html)

`AWSServiceRoleForProcurementInsightsPolicy` 必須有下列 IAM 許可，才能呼叫 [https://docs.aws.amazon.com/marketplace/latest/APIReference/API_marketplace-reporting_GetBuyerDashboard.html](https://docs.aws.amazon.com/marketplace/latest/APIReference/API_marketplace-reporting_GetBuyerDashboard.html)動作，以及註冊和取消註冊委派管理員：

------
#### [ JSON ]

****  

```
{
    "Version":"2012-10-17",		 	 	 
    "Statement": [{
            "Sid": "CreateServiceLinkedRoleForProcurementInsights",
            "Effect": "Allow",
            "Action": "iam:CreateServiceLinkedRole",
            "Resource": "arn:aws:iam::*:role/aws-service-role/procurement-insights.marketplace.amazonaws.com/AWSServiceRoleForProcurementInsights*",
            "Condition": {
                "StringLike": {
                    "iam:AWSServiceName": "procurement-insights.marketplace.amazonaws.com"
                }
            }
        },
        {
            "Sid": "EnableAWSServiceAccessForProcurementInsights",
            "Effect": "Allow",
            "Action": [
                "organizations:EnableAWSServiceAccess"
            ],
            "Resource": "*",
            "Condition": {
                "StringLike": {
                    "organizations:ServicePrincipal": "procurement-insights.marketplace.amazonaws.com"
                }
            }
        },
        {
            "Sid": "ManageDelegatedAdministrators",
            "Effect": "Allow",
            "Action": [
                "organizations:ListDelegatedAdministrators",
                "organizations:DeregisterDelegatedAdministrator",
                "organizations:RegisterDelegatedAdministrator"
            ],
            "Resource": "*",
            "Condition": {
                "StringLike": {
                    "organizations:ServicePrincipal": "procurement-insights.marketplace.amazonaws.com"
                }
            }
        },
        {
            "Sid": "GetBuyerDashboardStatement",
            "Effect": "Allow",
            "Action": "aws-marketplace:GetBuyerDashboard",
            "Resource": "*"
        },
        {
            "Sid": "ViewOrganizationDetails",
            "Effect": "Allow",
            "Action": [
                "organizations:DescribeOrganization",
                "organizations:ListAWSServiceAccessForOrganization"
            ],
            "Resource": "*"
        }
    ]
}
```

------

如需建立政策的詳細資訊，請參閱《*IAM 使用者指南*[》中的 AWS Identity and Access Management 中的政策和許可](https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies.html)。

如需政策使用之 AWS Organizations 動作的詳細資訊，請參閱 [AWS Organizations API 參考](https://docs.aws.amazon.com/organizations/latest/APIReference/API_Operations.html)。