AliyunYundunBastionHostAuditOnlyAccess 是阿里云管理的产品系统策略,您可以将 AliyunYundunBastionHostAuditOnlyAccess 授权给 RAM 身份(RAM 用户、RAM 用户组和 RAM 角色),本策略定义了管理云盾堡垒机(BastionHost)的审计员权限。
策略详情
类型:系统策略
创建时间:2018-09-27 09:31:34
更新时间:2024-12-16 11:13:55
当前版本:v5
策略内容
{
"Version": "1",
"Statement": [
{
"Action": [
"yundun-bastionhost:GetInstance*",
"yundun-bastionhost:DescribeInstance*",
"yundun-bastionhost:QueryInstance*",
"yundun-bastionhost:ListInstance*",
"yundun-bastionhost:*Audit*"
],
"Resource": "*",
"Effect": "Allow"
},
{
"Action": "pam:GetInstanceDetail",
"Resource": "*",
"Effect": "Allow"
},
{
"Action": "ram:CheckServiceLinkedRoleExistence",
"Resource": "*",
"Effect": "Allow",
"Condition": {
"StringEquals": {
"ram:ServiceName": "bastionhost.aliyuncs.com"
}
}
}
]
}