AliyunServiceRolePolicyForADBPG
更新時(shí)間:
AliyunServiceRolePolicyForADBPG 是專用于服務(wù)關(guān)聯(lián)角色的授權(quán)策略,會(huì)在創(chuàng)建服務(wù)關(guān)聯(lián)角色 AliyunServiceRoleForADBPG 時(shí)自動(dòng)授權(quán),以允許服務(wù)關(guān)聯(lián)角色代您訪問其他云服務(wù)。本策略由對(duì)應(yīng)的阿里云服務(wù)按需更新,請(qǐng)勿將本策略授權(quán)給服務(wù)關(guān)聯(lián)角色之外的 RAM 身份使用。
策略詳情
類型:系統(tǒng)策略
創(chuàng)建時(shí)間:2020-08-10 12:08:23
更新時(shí)間:2020-08-10 12:08:23
當(dāng)前版本:v1
策略內(nèi)容
{
"Version": "1",
"Statement": [
{
"Action": [
"ecs:CreateNetworkInterface",
"ecs:DeleteNetworkInterface",
"ecs:AttachNetworkInterface",
"ecs:DetachNetworkInterface",
"ecs:DescribeNetworkInterfaces",
"ecs:CreateNetworkInterfacePermission",
"ecs:DescribeNetworkInterfacePermissions",
"ecs:CreateSecurityGroup",
"ecs:DeleteSecurityGroup",
"ecs:DescribeSecurityGroupAttribute",
"ecs:DescribeSecurityGroups",
"ecs:ModifySecurityGroupAttribute",
"ecs:AuthorizeSecurityGroup",
"ecs:AuthorizeSecurityGroupEgress",
"ecs:RevokeSecurityGroup",
"ecs:RevokeSecurityGroupEgress"
],
"Resource": "*",
"Effect": "Allow"
},
{
"Action": [
"kms:Listkeys",
"kms:Listaliases",
"kms:ListResourceTags",
"kms:DescribeKey",
"kms:UntagResource",
"kms:TagResource",
"kms:DescribeAccountKmsStatus"
],
"Resource": "*",
"Effect": "Allow"
},
{
"Action": [
"kms:Encrypt",
"kms:Decrypt",
"kms:GenerateDataKey"
],
"Resource": "*",
"Effect": "Allow",
"Condition": {
"StringEqualsIgnoreCase": {
"kms:tag/acs:adbpg:instance-encryption": "true"
}
}
},
{
"Action": "ram:DeleteServiceLinkedRole",
"Resource": "*",
"Effect": "Allow",
"Condition": {
"StringEquals": {
"ram:ServiceName": "adbpg.aliyuncs.com"
}
}
},
{
"Action": [
"vpc:DescribeVSwitches",
"vpc:DescribeVpcs"
],
"Resource": "*",
"Effect": "Allow"
},
{
"Action": [
"alb:TagResources",
"alb:UnTagResources",
"alb:ListServerGroups",
"alb:ListServerGroupServers",
"alb:AddServersToServerGroup",
"alb:RemoveServersFromServerGroup",
"alb:ReplaceServersInServerGroup",
"alb:CreateLoadBalancer",
"alb:DeleteLoadBalancer",
"alb:UpdateLoadBalancerAttribute",
"alb:UpdateLoadBalancerEdition",
"alb:EnableLoadBalancerAccessLog",
"alb:DisableLoadBalancerAccessLog",
"alb:EnableDeletionProtection",
"alb:DisableDeletionProtection",
"alb:ListLoadBalancers",
"alb:GetLoadBalancerAttribute",
"alb:ListListeners",
"alb:CreateListener",
"alb:GetListenerAttribute",
"alb:UpdateListenerAttribute",
"alb:ListListenerCertificates",
"alb:AssociateAdditionalCertificatesWithListener",
"alb:DissociateAdditionalCertificatesFromListener",
"alb:DeleteListener",
"alb:CreateRule",
"alb:DeleteRule",
"alb:UpdateRuleAttribute",
"alb:CreateRules",
"alb:UpdateRulesAttribute",
"alb:DeleteRules",
"alb:ListRules",
"alb:CreateServerGroup",
"alb:DeleteServerGroup",
"alb:UpdateServerGroupAttribute",
"alb:DescribeZones"
],
"Resource": "*",
"Effect": "Allow"
},
{
"Action": [
"yundun-cert:DescribeUserCertificateList",
"yundun-cert:DescribeUserCertificateDetail"
],
"Resource": "*",
"Effect": "Allow"
},
{
"Action": [
"emr:GetCluster",
"emr:ListApplicationConfigs",
"emr:ListClusters",
"emr:ListNodes"
],
"Resource": "*",
"Effect": "Allow"
},
{
"Action": [
"rds:DescribeDBInstanceAttribute",
"rds:DescribeDBInstanceIPArrayList",
"rds:DescribeDBInstanceNetInfo",
"rds:DescribeDBInstanceSSL",
"rds:DescribeDBInstances",
"rds:DescribeDatabases",
"rds:DescribeOssDownloads",
"rds:DescribeRegions",
"rds:DescribeResourceUsage",
"rds:ModifySecurityIps"
],
"Resource": "*",
"Effect": "Allow"
},
{
"Action": [
"gpdb:DescribeDBInstanceAttribute",
"gpdb:DescribeDBInstances",
"gpdb:DescribeRegions",
"gpdb:DescribeDBInstanceIPArrayList",
"gpdb:DescribeDBClusterIPArrayList",
"gpdb:ModifySecurityIps",
"gpdb:DescribeDBInstanceNetInfo",
"gpdb:DescribeDBClusterPerformance",
"gpdb:ListStreamingDataServices",
"gpdb:CreateStreamingDataService",
"gpdb:DeleteStreamingDataService",
"gpdb:DescribeStreamingDataService"
],
"Resource": "*",
"Effect": "Allow"
},
{
"Action": [
"polardb:DescribeDBClusterIPArrayList",
"polardb:DescribeDBClusterNetInfo",
"polardb:DescribeDBClusters",
"polardb:DescribeRegions",
"polardb:DescribeDBClusterEndpoints",
"polardb:DescribeDBClusterAccessWhiteList",
"polardb:ModifyDBClusterAccessWhitelist",
"polardb:ModifySecurityIps",
"polardb:DescribeDBClusterAttribute"
],
"Resource": "*",
"Effect": "Allow"
}
]
}相關(guān)文檔
文檔內(nèi)容是否對(duì)您有幫助?