All Products
Search

This Product

    Resource Access Management:AliyunServiceRolePolicyForOOSOpsCenter

    Document Center

    Resource Access Management:AliyunServiceRolePolicyForOOSOpsCenter

    Last Updated:May 21, 2025

    AliyunServiceRolePolicyForOOSOpsCenter is the authorization policy dedicated to a service-linked role. The policy is automatically attached to a service role when the service role is created. Then, the service-linked role is authorized to access other cloud services. This policy is updated by the relevant Alibaba Cloud service. Do not attach this policy to a RAM identity other than a service-linked role.

    Policy details

    • Type: service system policy

    • Creation time: 09:25:36 on June 18, 2024

    • Update time: 10:08:54 on May 21, 2025

    • Current version: v3

    Policy content

    {
  "Version": "1",
  "Statement": [
    {
      "Action": [
        "cms:PutResourceMetricRule",
        "cms:PutMetricRuleTargets",
        "cms:DescribeMetricRuleList",
        "cms:DescribeMetricRuleTargets",
        "cms:DeleteMetricRules",
        "cms:DeleteMetricRuleTargets",
        "cms:EnableMetricRules",
        "cms:DisableMetricRules",
        "cms:PutEventRule",
        "cms:PutEventRuleTargets",
        "cms:DescribeEventRuleList",
        "cms:DescribeEventRuleTargetList",
        "cms:DeleteEventRules",
        "cms:DeleteEventRuleTargets",
        "cms:EnableEventRules",
        "cms:DisableEventRules",
        "eventbridge:PutTargets",
        "eventbridge:CreateRule",
        "eventbridge:DisableRule",
        "eventbridge:EnableRule",
        "eventbridge:DeleteRule",
        "eventbridge:DeleteTargets",
        "ros:CreateStack",
        "ros:UpdateStack",
        "ros:DeleteStack",
        "ros:GetStack",
        "appflow:CreateFlow",
        "appflow:CreateUserAuthConfig",
        "appflow:DeleteFlow",
        "appflow:DeleteUserAuthConfig",
        "appflow:DisableFlow",
        "appflow:EnableFlow",
        "appflow:GetFlow",
        "appflow:GetUserAuthConfig",
        "appflow:LaunchFlow",
        "appflow:UpdateUserAuthConfig",
        "appflow:Validation"
      ],
      "Resource": "*",
      "Effect": "Allow"
    },
    {
      "Action": "ram:DeleteServiceLinkedRole",
      "Resource": "*",
      "Effect": "Allow",
      "Condition": {
        "StringEquals": {
          "ram:ServiceName": "opscenter.oos.aliyuncs.com"
        }
      }
    }
  ]
}

    References