更新时间:2020-06-24 10:02
时序数据库服务关联角色(AliyunServiceRoleForTSDB)是在某些场景下, 为了完成时序数据库自身的某个功能, 需要获取其他云服务的访问权限. 更多关于服务关联角色的信息请参见服务关联角色。
时序数据库InfluxDB®️版需要访问ECS、MongoDB和Redis相关的资源, 通过服务关联角色能够获取访问权限。
角色名称: AliyunServiceRoleForTSDB
角色权限策略:AliyunServiceRolePolicyForTSDB
权限说明: 允许时序数据库服务访问您ECS、MongoDB和Redis中的数据。
使用该权限的作用有以下两点:
{
"Version": "1",
"Statement": [
{
"Action": [
"ecs:CreateNetworkInterface",
"ecs:DescribeNetworkInterfaces",
"ecs:DeleteNetworkINterface",
"ecs:AttachNetworkInterface",
"ecs:DetachNetworkInterface",
"ecs:CreateNetworkInterfacePermission",
"ecs:DescribeNetworkInterfacePermissions",
"ecs:DeleteNetworkInterfacePermission",
"ecs:CreateSecurityGroup",
"ecs:DescirbeSecurityGroups",
"ecs:DescribeSecurityGroupAttribute",
"ecs:DeleteSecurityGroup",
"ecs:AuthorizeSecurityGroup",
"ecs:AuthorizeSecurityGroupEgress",
"ecs:RevokeSecurityGroup",
"ecs:RevokeSecurityGroupEgress"
],
"Resource": "*",
"Effect": "Allow"
},
{
"Action": [
"dds:DescribeDBInstances",
"dds:DescribeDBInstanceAttribute"
],
"Resource": "*",
"Effect": "Allow"
},
{
"Action": [
"kvstore:DescribeRegions",
"kvstore:DescribeInstances",
"kvstore:DescribeInstanceAttribute"
],
"Resource": "*",
"Effect": "Allow"
},
{
"Action": "ram:DeleteServiceLinkedRole",
"Resource": "*",
"Effect": "Allow",
"Condition": {
"StringEquals": {
"ram:ServiceName": "hitsdb.aliyuncs.com"
}
}
}
]
}
如果您需要删除AliyunServiceRoleForTSDB(服务关联角色),请先确保您账号下没有实例正在使用该角色, 方可进行删除.具体操作请参见删除服务关联角色。
{
"Action": "ram:CreateServiceLinkedRole",
"Resource": "*",
"Effect": "Allow",
"Condition": {
"StringEquals": {
"ram:ServiceName": "hitsdb.aliyuncs.com"
}
}
}
在文档使用中是否遇到以下问题
更多建议
匿名提交