文档

服务关联角色

更新时间:
一键部署

本文介绍Cloudera企业数据云平台服务关联角色AliyunServiceRoleForCDP以及如何删除该角色。

背景信息

Cloudera企业数据云平台服务关联角色AliyunServiceRoleForCDP是Cloudera企业数据云平台在某些情况下,为了完成自身的某个功能,需要获取其他云服务的访问权限而提供的RAM角色。更多关于服务关联角色的信息请参见服务关联角色

AliyunServiceRoleForCDP应用场景

Cloudera企业数据云平台集群创建及数据源绑定功能需要访问云服务器ECS、专有网络VPC等云服务的资源时,需要通过服务关联角色AliyunServiceRoleForCDP获取访问权限。

AliyunServiceRoleForCDP权限说明

AliyunServiceRoleForCDP具备以下云服务的访问权限:

"Action": [
  "acm:DescribeInstance",
  "acm:DescribeOrder",
  "acm:CreateOrder",
  "acm:DescribeProduct",
  "acm:DescribePrice",
  "ecs:RunInstances",
  "ecs:CreateInstance",
  "ecs:RenewInstance",
  "ecs:DescribeInstances",
  "ecs:DescribeDisks",
  "ecs:DescribeInstanceHistoryEvents",
  "ecs:DescribeInstanceStatus",
  "ecs:DescribeDeploymentSets",
  "ecs:DescribeAccountAttributes",
  "ecs:DescribeInstanceTypes",
  "ecs:AuthorizeSecurityGroup",
  "ecs:DescribeAvailableResource",
  "ecs:DescribePrice",
  "ecs:CreateDeploymentSet",
  "ecs:DeleteDeploymentSet",
  "ecs:ModifyInstanceChargeType",
  "ecs:ModifyInstanceSpec",
  "ecs:ModifyPrepayInstanceSpec",
  "ecs:AcceptInquiredSystemEvent",
  "ecs:RedeployInstance",
  "ecs:DescribeTasks",
  "ecs:ModifyInstanceAttribute",
  "ecs:DeleteInstances",
  "ecs:RebootInstances",
  "ecs:StartInstances",
  "ecs:StopInstances",
  "ecs:ResizeDisk",
  "ecs:AttachInstanceRamRole",
  "ecs:AllocateEipAddress",
  "ecs:AssociateEipAddress",
  "ecs:DescribeEipAddresses",
  "ecs:ReleaseEipAddress",
  "ecs:UnassociateEipAddress",
  "ecs:DescribeRenewalPrice"
],
"Resource": "*",
"Effect": "Allow"
}

删除AliyunServiceRoleForCDP

如果您需要删除AliyunServiceRoleForCDP服务关联角色,需要先释放依赖这个服务关联角色的Cloudera企业数据云平台集群。

删除服务关联角色的具体操作请参见删除服务关联角色

  • 本页导读 (0)
文档反馈