This article describes the AliyunServiceRoleForIoTLogExport service linked role and how to delete the role.
Description
IoT Platform provides the log dump feature. This feature allows you to export the operations log of IoT Platform to a Logstore of Log Service. To implement the feature, you must obtain access to Log Service. When you enable the feature, Alibaba Cloud creates the AliyunServiceRoleForIoTLogExport service linked role. You can assign the role to IoT Platform.
Role name:
AliyunServiceRoleForIoTLogExport
Role policy:
AliyunServiceRolePolicyForIoTLogExport
Policy document:
{
"Version": "1",
"Statement": [
{
"Action": [
log:PostLogStoreLogs
"log:CreateProject",
"log:GetLogStore",
"log:CreateLogStore",
"log:GetLogStore",
"log:ListLogStores",
"log:CreateLogStore",
log:CreateConfig
log:UpdateConfig
"log:GetConfig",
"log:CreateIndex",
"log:GetIndex",
"log:UpdateIndex",
log:CreateSavedSearch
log:UpdateSavedSearch
"log:GetSavedSearch",
log:DeleteSavedSearch
"log:GetSavedSearch",
"log:CreateDashboard",
"log:UpdateDashboard"
"log:GetDashboard",
log:DeleteDashboard
log:ListDashboard
],
"Resource": "acs:log:*:*:project/*",
"Effect": "Allow"
},
{
"Action": "ram:DeleteServiceLinkedRole",
"Resource": "*",
"Effect": "Allow",
"Condition": {
"StringEquals": {
"ram:ServiceName": "log-export.iot.aliyuncs.com"
}
}
}
]
}
Delete the role
If you no longer use the AliyunServiceRoleForIoTLogExport role, delete the role.
- Disable the log dump feature for all products step by step. For more information about how to disable the log dump feature for a product, see Dump logs.
- Delete the role. For more information, see Delete a service linked role.