AliyunNATGatewayFullAccess is a service system policy that is managed by Alibaba Cloud. You can attach the AliyunNATGatewayFullAccess policy to a Resource Access Management (RAM) identity, such as a RAM user, RAM user group, and RAM role. The AliyunNATGatewayFullAccess policy: Provides full access to NAT Gateway via Management Console.
Policy details
Type: service system policy
Creation time: 10:43:43 on July 11, 2017
Update time: 02:53:28 on May 23, 2022
Current version: v7
Policy content
{
"Version": "1",
"Statement": [
{
"Action": [
"vpc:*NatGateway*",
"vpc:*Forward*",
"vpc:*Snat*",
"vpc:*FullNat*",
"vpc:DescribeVpcs",
"vpc:DescribeVSwitches",
"vpc:CreateBandwidthPackage",
"vpc:DescribeBandwidthPackages",
"vpc:ModifyBandwidthPackageSpec",
"vpc:AddBandwidthPackageIps",
"vpc:RemoveBandwidthPackageIps",
"vpc:DeleteBandwidthPackage",
"vpc:ConvertBandwidthPackage",
"vpc:*NatIp*"
],
"Resource": "*",
"Effect": "Allow"
},
{
"Action": "vpc:DeletionProtection",
"Resource": "acs:vpc:*:*:natgateway/*",
"Effect": "Allow"
},
{
"Action": "ram:CreateServiceLinkedRole",
"Resource": "*",
"Effect": "Allow",
"Condition": {
"StringEquals": {
"ram:ServiceName": [
"nat.aliyuncs.com",
"logdelivery.nat.aliyuncs.com"
]
}
}
}
]
}