AliyunServiceRoleForCloudNDR 是专用于服务关联角色的授权策略,会在创建服务关联角色 AliyunServiceRoleForCloudNDR 时自动授权,以允许服务关联角色代您访问其他云服务。本策略由对应的阿里云服务按需更新,请勿将本策略授权给服务关联角色之外的 RAM 身份使用。
策略详情
类型:系统策略
创建时间:2024-05-27 16:58:02
更新时间:2024-05-27 16:58:02
当前版本:v6
策略内容
{"Version":"1","Statement":[{"Action":["ecs:DescribeInstances","ecs:DescribeNetworkInterfaces"],"Resource":"*","Effect":"Allow"},{"Action":["slb:DescribeLoadBalancers"],"Resource":"*","Effect":"Allow"},{"Action":["nlb:ListLoadBalancers"],"Resource":"*","Effect":"Allow"},{"Action":["alb:GetLoadBalancerAttribute","alb:ListLoadBalancers"],"Resource":"*","Effect":"Allow"},{"Action":["vpc:DescribeEipAddresses","vpc:DescribeNatGateways","vpc:DescribeIpv6Addresses"],"Resource":"*","Effect":"Allow"},{"Action":["log:DescribeService","log:EnableService"],"Resource":"*","Effect":"Allow"},{"Action":["log:ListProject","log:ListLogStores"],"Resource":"acs:log:*:*:project/*","Effect":"Allow"},{"Action":["log:PostLogStoreLogs","log:GetProject","log:GetLogStore","log:CreateLogStore","log:CreateProject","log:GetIndex","log:CreateIndex","log:UpdateIndex","log:CreateDashboard","log:ClearLogStoreStorage","log:UpdateLogStore","log:UpdateDashboard","log:DeleteProject","log:CreateSavedSearch","log:UpdateSavedSearch","log:DeleteLogStore"],"Resource":"acs:log:*:*:project/ndr*","Effect":"Allow"},{"Action":"yundun-aegis:DescribeAccesskeyLeakList","Resource":"*","Effect":"Allow"},{"Action":"ram:DeleteServiceLinkedRole","Resource":"*","Effect":"Allow","Condition":{"StringEquals":{"ram:ServiceName":"ndr.aliyuncs.com"}}}]}