All Products
Search
Document Center

Resource Access Management:AliyunServiceRolePolicyForECSSecurityGroupSnapshot

Last Updated:Jul 15, 2024

AliyunServiceRolePolicyForECSSecurityGroupSnapshot is the authorization policy dedicated to a service-linked role. The policy is automatically attached to a service role when the service role is created. Then, the service-linked role is authorized to access other cloud services. This policy is updated by the relevant Alibaba Cloud service. Do not attach this policy to a RAM identity other than a service-linked role.

Policy details

  • Type: service system policy

  • Creation time: 09:42:16 on July 04, 2024

  • Update time: 09:42:16 on July 04, 2024

  • Current version: v1

Policy content

{
  "Version": "1",
  "Statement": [
    {
      "Effect": "Allow",
      "Action": [
        "oss:PutObject",
        "oss:GetObject",
        "oss:DeleteObject",
        "oss:ListObjects"
      ],
      "Resource": "acs:oss:*:*:sg-snapshot*/*"
    },
    {
      "Effect": "Allow",
      "Action": [
        "oss:PutBucket",
        "oss:DeleteBucket",
        "oss:GetBucketInfo"
      ],
      "Resource": "acs:oss:*:*:sg-snapshot*"
    },
    {
      "Action": "ram:DeleteServiceLinkedRole",
      "Resource": "*",
      "Effect": "Allow",
      "Condition": {
        "StringEquals": {
          "ram:ServiceName": "securitygroup-snapshot.ecs.aliyuncs.com"
        }
      }
    }
  ]
}

References