AliyunNASFullAccess 是阿里云管理的产品系统策略,您可以将 AliyunNASFullAccess 授权给 RAM 身份(RAM 用户、RAM 用户组和 RAM 角色),本策略定义了管理文件存储服务(NAS)的权限。
策略详情
类型:系统策略
创建时间:2016-03-29 03:34:09
更新时间:2023-02-14 12:17:35
当前版本:v2
策略内容
{
"Version": "1",
"Statement": [
{
"Action": "nas:*",
"Resource": "*",
"Effect": "Allow"
},
{
"Action": "bssapi:QueryResourcePackageInstances",
"Resource": "*",
"Effect": "Allow"
},
{
"Action": "cms:QueryMetricList",
"Resource": "*",
"Effect": "Allow"
},
{
"Action": [
"vpc:DescribeVpcs",
"vpc:DescribeVSwitches"
],
"Resource": "*",
"Effect": "Allow"
},
{
"Action": "ram:GetRole",
"Resource": [
"acs:ram:*:*:role/aliyunservicerolefornasstandard",
"acs:ram:*:*:role/aliyunservicerolefornasextreme",
"acs:ram:*:*:role/aliyunservicerolefornasencryption",
"acs:ram:*:*:role/aliyunservicerolefornaslogdelivery",
"acs:ram:*:*:role/aliyunservicerolefornasecshandler",
"acs:ram:*:*:role/aliyunservicerolefornascpfsnetwork",
"acs:ram:*:*:role/aliyunservicerolefornascpfsclient",
"acs:ram:*:*:role/aliyunservicerolefornasossdataflow",
"acs:ram:*:*:role/aliyunservicerolefornaseventnotification",
"acs:ram:*:*:role/aliyunnastieringrole",
"acs:ram:*:*:role/aliyunnasencryptdefaultrole",
"acs:ram:*:*:role/aliyunnasdefaultrole",
"acs:ram:*:*:role/aliyunnaslogarchiverole",
"acs:ram:*:*:role/aliyunnasmanageenirole"
],
"Effect": "Allow"
},
{
"Action": "ram:CreateServiceLinkedRole",
"Resource": "*",
"Effect": "Allow",
"Condition": {
"StringEquals": {
"ram:ServiceName": [
"extreme.nas.aliyuncs.com",
"encryption.nas.aliyuncs.com",
"logdelivery.nas.aliyuncs.com",
"ecs-handler.nas.aliyuncs.com",
"cpfs-network.nas.aliyuncs.com",
"cpfs-client.nas.aliyuncs.com",
"oss-dataflow.nas.aliyuncs.com",
"event-notification.nas.aliyuncs.com"
]
}
}
},
{
"Action": [
"kms:ListAliasesByKeyId",
"kms:ListKeys"
],
"Resource": "*",
"Effect": "Allow"
}
]
}相关文档
文档内容是否对您有帮助?