AliyunIDaaSEiamReadOnlyAccess is a service system policy that is managed by Alibaba Cloud. You can attach the AliyunIDaaSEiamReadOnlyAccess policy to a Resource Access Management (RAM) identity, such as a RAM user, RAM user group, and RAM role. The AliyunIDaaSEiamReadOnlyAccess policy: Read-only access to the Employee Identity and Access Management (EIAM2.0).
Policy details
Type: service system policy
Creation time: 11:42:09 on February 25, 2022
Update time: 01:47:13 on May 25, 2023
Current version: v3
Policy content
{
"Version": "1",
"Statement": [
{
"Action": [
"ecs:DescribeNetworkInterfaces",
"ecs:DescribeSecurityGroups",
"vpc:DescribeVpcs",
"vpc:DescribeVSwitches",
"vpc:DescribeNatGateways",
"vpc:DescribeSnatTableEntries"
],
"Resource": "*",
"Effect": "Allow"
},
{
"Effect": "Allow",
"Action": [
"eiam:Get*",
"eiam:List*",
"eiam:ExecApplicationMetadataUrlResolution",
"eiam:Check*",
"eiam:Preview*"
],
"Resource": "*"
},
{
"Effect": "Allow",
"Action": "ram:CheckServiceLinkedRoleExistence",
"Resource": "*",
"Condition": {
"StringEquals": {
"ram:ServiceName": "eiam.aliyuncs.com"
}
}
}
]
}