Home PageResource Access ManagementDeveloper ReferenceSystem Policy ReferenceAliyunGovernanceFullAccess
Search for Help Content

AliyunGovernanceFullAccess

Updated at: 2024-05-06 11:30
Product
Community

AliyunGovernanceFullAccess is a service system policy that is managed by Alibaba Cloud. You can attach the AliyunGovernanceFullAccess policy to a Resource Access Management (RAM) identity, such as a RAM user, RAM user group, and RAM role. The AliyunGovernanceFullAccess policy: Provides full access to Cloud Governance Center(Governance) via Management Console.

Policy details

  • Type: service system policy

  • Creation time: 09:31:36 on July 08, 2021

  • Update time: 06:17:29 on August 08, 2023

  • Current version: v11

Policy content

{
  "Statement": [
    {
      "Effect": "Allow",
      "Action": "governance:*",
      "Resource": "*"
    },
    {
      "Action": "ram:CreateServiceLinkedRole",
      "Resource": "*",
      "Effect": "Allow",
      "Condition": {
        "StringEquals": {
          "ram:ServiceName": "governance.aliyuncs.com"
        }
      }
    },
    {
      "Effect": "Allow",
      "Action": [
        "resourcemanager:GetResourceDirectory",
        "resourcemanager:ListResources",
        "resourcemanager:ListFoldersForParent",
        "resourcemanager:InviteAccountToResourceDirectory",
        "resourcemanager:GetAccount",
        "resourcemanager:GetPayerForAccount",
        "resourcemanager:GetFolder",
        "resourcemanager:ListAccountRecordsForParent",
        "resourcemanager:ListChildrenForParent",
        "resourcemanager:ListAccounts",
        "resourcemanager:ListAccountsForParent",
        "resourcemanager:ListAncestors",
        "resourcemanager:ListDelegatedAdministrators"
      ],
      "Resource": "*"
    },
    {
      "Effect": "Allow",
      "Action": [
        "ram:GetAccountSummary",
        "ram:ListSAMLProviders"
      ],
      "Resource": "*"
    },
    {
      "Effect": "Allow",
      "Action": [
        "config:DescribeDeliveryChannels",
        "config:GetAggregateConfigRuleComplianceByPack",
        "config:ListSupportedProducts",
        "config:ListAggregateConfigRuleEvaluationResults",
        "config:ListCompliancePackTemplates",
        "config:GetManagedRule",
        "config:GetConfigRule",
        "config:ListAggregators",
        "config:DescribeConfigurationRecorder",
        "config:GetAggregateDiscoveredResource",
        "config:ListAggregateResourceEvaluationResults",
        "config:ListAggregateConfigDeliveryChannels",
        "actiontrail:DescribeTrails",
        "config:GetAggregateResourceComplianceByConfigRule"
      ],
      "Resource": "*"
    },
    {
      "Effect": "Allow",
      "Action": [
        "cloudsso:GetServiceStatus",
        "cloudsso:ListDirectories",
        "cloudsso:GetExternalSAMLIdentityProvider",
        "cloudsso:GetDirectorySAMLServiceProviderInfo",
        "cloudsso:GetMFAAuthenticationStatus",
        "cloudsso:ListUsers",
        "cloudsso:ListAccessConfigurations",
        "cloudsso:ListGroups"
      ],
      "Resource": "*"
    },
    {
      "Effect": "Allow",
      "Action": [
        "cen:ListTransitRouterAvailableResource"
      ],
      "Resource": "*"
    },
    {
      "Effect": "Allow",
      "Action": "ram:ListPolicies",
      "Resource": "acs:ram:*:system:policy/*"
    },
    {
      "Effect": "Allow",
      "Action": [
        "ecs:DescribeImages",
        "ecs:DescribeImageSharePermission",
        "ecs:DescribeRegions"
      ],
      "Resource": "*"
    },
    {
      "Effect": "Allow",
      "Action": "log:ListProject",
      "Resource": "acs:log:*:*:project/*"
    },
    {
      "Effect": "Allow",
      "Action": [
        "quotas:GetProductQuota"
      ],
      "Resource": "*"
    }
  ],
  "Version": "1"
}

References

Previous: AliyunGPDBReadOnlyAccessNext: AliyunGlobalAccelerationFullAccess
  • On this page (1)
  • Policy details
  • Policy content
  • References
Feedback
phone Contact Us

Chat now with Alibaba Cloud Customer Service to assist you in finding the right products and services to meet your needs.

alicare alicarealicarealicare