AI 助理
备案控制台
文档
输入文档关键字查找
首页 访问控制 开发参考 系统策略参考 AliyunCSManagedEdgeRolePolicy

AliyunCSManagedEdgeRolePolicy

更新时间:
产品详情
我的收藏

AliyunCSManagedEdgeRolePolicy 是专用于服务角色的授权策略,通常会在创建对应的服务角色时同步完成授权,以允许服务角色代您访问其他云服务。本策略由对应的阿里云服务按需更新,请勿将本策略授权给服务角色之外的 RAM 身份使用。

策略详情

  • 类型:系统策略

  • 创建时间:2024-10-23 15:51:45

  • 更新时间:2024-10-23 15:51:45

  • 当前版本:v1

策略内容

{
	"Version": "1",
	"Statement": [{
			"Action": [
				"vpc:DescribeVpcs",
				"vpc:DescribeRouteEntryList"
			],
			"Resource": [
				"*"
			],
			"Effect": "Allow"
		},
		{
			"Effect": "Allow",
			"Action": [
				"vpc:DescribeEipAddresses",
				"vpc:AllocateEipAddress",
				"vpc:ReleaseEipAddress"
			],
			"Resource": "acs:vpc:*:*:eip/*"
		},
		{
			"Effect": "Allow",
			"Action": [
				"vpc:DescribeRouteTableList",
				"vpc:CreateRouteEntry",
				"vpc:DeleteRouteEntry"
			],
			"Resource": [
				"acs:vpc:*:*:routetable/*"
			]
		},
		{
			"Effect": "Allow",
			"Action": [
				"slb:DescribeLoadBalancers",
				"slb:DescribeLoadBalancerAttribute",
				"slb:DescribeAccessControlLists",
				"slb:DescribeAccessControlListAttribute",
				"slb:AddAccessControlListEntry",
				"slb:RemoveAccessControlListEntry",
				"slb:CreateLoadBalancer",
				"slb:DeleteLoadBalancer",
				"slb:CreateAccessControlList",
				"slb:DeleteAccessControlList",
				"slb:TagResources"
			],
			"Resource": [
				"acs:slb:*:*:acl/*",
				"acs:slb:*:*:loadbalancer/*"
			]
		},
		{
			"Effect": "Allow",
			"Action": [
				"vpc:AssociateEipAddress",
				"vpc:UnassociateEipAddress"
			],
			"Resource": "*"
		},
		{
			"Effect": "Allow",
			"Action": [
				"ens:DescribeNetworks",
				"ens:DescribeInstances",
				"ens:DescribeLoadBalancers",
				"ens:DescribeLoadBalancerAttribute",
				"ens:DescribeLoadBalancerUDPListenerAttribute",
				"ens:DescribeLoadBalancerTCPListenerAttribute",
				"ens:DescribeLoadBalancerHTTPListenerAttribute",
				"ens:DescribeLoadBalancerHTTPSListenerAttribute",
				"ens:DescribeEnsEipAddresses",
				"ens:CreateLoadBalancer",
				"ens:ReleaseInstance",
				"ens:SetLoadBalancerStatus",
				"ens:ModifyLoadBalancerAttribute",
				"ens:SetBackendServers",
				"ens:AddBackendServers",
				"ens:RemoveBackendServers",
				"ens:CreateLoadBalancerUDPListener",
				"ens:SetLoadBalancerUDPListenerAttribute",
				"ens:CreateLoadBalancerTCPListener",
				"ens:SetLoadBalancerTCPListenerAttribute",
				"ens:StartLoadBalancerListener",
				"ens:StopLoadBalancerListener",
				"ens:DeleteLoadBalancerListener",
				"ens:CreateLoadBalancerHTTPListener",
				"ens:SetLoadBalancerHTTPListenerAttribute",
				"ens:CreateLoadBalancerHTTPSListener",
				"ens:SetLoadBalancerHTTPSListenerAttribute",
				"ens:CreateEipInstance",
				"ens:ModifyEnsEipAddressAttribute",
				"ens:AssociateEnsEipAddress",
				"ens:DescribeNetworkInterfaces",
				"ens:DescribeVSwitches",
				"ens:AssignPrivateIpAddresses",
				"ens:UnassignPrivateIpAddresses",
				"ens:UnAssociateEnsEipAddress"
			],
			"Resource": "*"
		},
		{
			"Action": "ram:CreateServiceLinkedRole",
			"Resource": "*",
			"Effect": "Allow",
			"Condition": {
				"StringEquals": {
					"ram:ServiceName": "eipaccess.slb.aliyuncs.com"
				}
			}
		}
	]
}

相关文档

上一篇:AliyunCSManagedCsiRolePolicy下一篇:AliyunCSManagedKubernetesRolePolicy