AliyunYundunBastionHostOperateOnlyAccess is a service system policy that is managed by Alibaba Cloud. You can attach the AliyunYundunBastionHostOperateOnlyAccess policy to a Resource Access Management (RAM) identity, such as a RAM user, RAM user group, and RAM role. The AliyunYundunBastionHostOperateOnlyAccess policy: Provides operator access to Bastion Host Service via Management Console.
Policy details
Type: service system policy
Creation time: 09:31:31 on September 27, 2018
Update time: 10:48:26 on August 22, 2025
Current version: v6
Policy content
{
"Version": "1",
"Statement": [
{
"Action": [
"yundun-bastionhost:GetInstance*",
"yundun-bastionhost:DescribeInstance*",
"yundun-bastionhost:QueryInstance*",
"yundun-bastionhost:ListInstance*",
"yundun-bastionhost:*Operation*",
"yundun-bastionhost:DescribeOpenService"
],
"Resource": "*",
"Effect": "Allow"
},
{
"Action": "pam:GetInstanceDetail",
"Resource": "*",
"Effect": "Allow"
},
{
"Action": "ram:CheckServiceLinkedRoleExistence",
"Resource": "*",
"Effect": "Allow",
"Condition": {
"StringEquals": {
"ram:ServiceName": "bastionhost.aliyuncs.com"
}
}
}
]
}