AliyunServiceRolePolicyForVPNCertificate 是專用于服務關聯角色的授權策略，會在創建服務關聯角色 AliyunServiceRoleForVPNCertificate 時自動授權，以允許服務關聯角色代您訪問其他云服務。本策略由對應的阿里云服務按需更新，請勿將本策略授權給服務關聯角色之外的 RAM 身份使用。

策略詳情

• 類型：系統策略

• 創建時間：2020-11-12 06:28:09

• 更新時間：2022-10-08 06:37:48

• 當前版本：v4

策略內容

{
  "Statement": [
    {
      "Effect": "Allow",
      "Action": [
        "kms:DescribeCertificate",
        "kms:GetCertificate",
        "kms:CertificatePublicKeyEncrypt",
        "kms:CertificatePrivateKeyDecrypt",
        "kms:CertificatePublicKeyVerify",
        "kms:CertificatePrivateKeySign",
        "yundun-cert:DescribeSSLCertificateList",
        "yundun-cert:DescribeSSLCertificateMatchDomainList",
        "yundun-cert:DescribeSSLCertificatePublicKeyDetail",
        "yundun-cert:DescribeSSLCertificatePrivateKey",
        "yundun-cert:Sign",
        "yundun-cert:Verify",
        "yundun-cert:Encrypt",
        "yundun-cert:Decrypt"
      ],
      "Resource": "*"
    },
    {
      "Action": "ram:DeleteServiceLinkedRole",
      "Resource": "*",
      "Effect": "Allow",
      "Condition": {
        "StringEquals": {
          "ram:ServiceName": "certificate.vpn.aliyuncs.com"
        }
      }
    }
  ],
  "Version": "1"
}

相關文檔

• 權限策略基本元素

• 服務關聯角色