AliyunOpentrekManagerRolePolicy 是專用于服務角色的授權策略,通常會在創建對應的服務角色時同步完成授權,以允許服務角色代您訪問其他云服務。本策略由對應的阿里云服務按需更新,請勿將本策略授權給服務角色之外的 RAM 身份使用。
策略詳情
類型:系統策略
創建時間:2024-08-12 20:20:17
更新時間:2024-08-12 20:20:17
當前版本:v1
策略內容
{
"Version": "1",
"Statement": [
{
"Action": [
"cr:GetAuthorizationToken",
"cr:ListRepository",
"cr:ListRepositoryTag",
"cr:ListInstance",
"cr:ListInstanceEndpoint",
"cr:CreateRepository",
"cr:PushRepository",
"cr:PullRepository",
"cr:GetRepository",
"cr:GetNamespace",
"cr:ListNamespace",
"cr:CreateNamespace",
"cr:SearchRepo"
],
"Resource": "*",
"Effect": "Allow"
},
{
"Action": [
"cr-ee:GetAuthorizationToken",
"cr-ee:ListRepository",
"cr-ee:ListRepositoryTag",
"cr-ee:ListInstance",
"cr-ee:ListInstanceEndpoint",
"cr-ee:CreateRepository",
"cr-ee:PushRepository",
"cr-ee:PullRepository",
"cr-ee:GetRepository",
"cr-ee:GetNamespace",
"cr-ee:ListNamespace",
"cr-ee:CreateNamespace",
"cr-ee:SearchRepo"
],
"Resource": "*",
"Effect": "Allow"
},
{
"Action": [
"cs:DescribeSubaccountK8sClusterUserConfig",
"cs:DescribeClusterUserKubeconfig",
"cs:GetClusters",
"cs:DescribeClusterNodes"
],
"Resource": "*",
"Effect": "Allow"
},
{
"Action": [
"oss:ListBuckets",
"oss:GetObjectMetadata",
"oss:GetObject",
"oss:ListObjects",
"oss:PutObject",
"oss:CopyObject",
"oss:CompleteMultipartUpload",
"oss:AbortMultipartUpload",
"oss:InitiateMultipartUpload",
"oss:UploadPartCopy",
"oss:UploadPart",
"oss:GetBucketInfo"
],
"Resource": "acs:oss:*:*:*",
"Effect": "Allow"
}
]
}
相關文檔
文檔內容是否對您有幫助?