AliyunOpentrekManagerRolePolicy 是专用于服务角色的授权策略,通常会在创建对应的服务角色时同步完成授权,以允许服务角色代您访问其他云服务。本策略由对应的阿里云服务按需更新,请勿将本策略授权给服务角色之外的 RAM 身份使用。
策略详情
类型:系统策略
创建时间:2024-08-12 20:20:17
更新时间:2025-12-02 11:44:14
当前版本:v5
策略内容
{
"Version": "1",
"Statement": [
{
"Action": [
"cr:GetAuthorizationToken",
"cr:ListRepository",
"cr:ListRepositoryTag",
"cr:ListInstance",
"cr:ListInstanceEndpoint",
"cr:CreateRepository",
"cr:PushRepository",
"cr:PullRepository",
"cr:GetRepository",
"cr:GetNamespace",
"cr:ListNamespace",
"cr:CreateNamespace",
"cr:SearchRepo"
],
"Resource": "*",
"Effect": "Allow"
},
{
"Action": [
"cr-ee:GetAuthorizationToken",
"cr-ee:ListRepository",
"cr-ee:ListRepositoryTag",
"cr-ee:ListInstance",
"cr-ee:ListInstanceEndpoint",
"cr-ee:CreateRepository",
"cr-ee:PushRepository",
"cr-ee:PullRepository",
"cr-ee:GetRepository",
"cr-ee:GetNamespace",
"cr-ee:ListNamespace",
"cr-ee:CreateNamespace",
"cr-ee:SearchRepo"
],
"Resource": "*",
"Effect": "Allow"
},
{
"Action": [
"cs:Describe*",
"cs:Get*",
"cs:Check*",
"cs:Query*",
"cs:InstallClusterAddons",
"cs:UnInstallClusterAddons",
"cs:ModifyCluster",
"cs:ModifyClusterAddon",
"cs:UpgradeClusterAddons"
],
"Resource": "*",
"Effect": "Allow"
},
{
"Action": [
"oss:ListBuckets",
"oss:GetObjectMetadata",
"oss:GetObject",
"oss:ListObjects",
"oss:PutObject",
"oss:CopyObject",
"oss:CompleteMultipartUpload",
"oss:AbortMultipartUpload",
"oss:InitiateMultipartUpload",
"oss:UploadPartCopy",
"oss:UploadPart",
"oss:GetBucketInfo"
],
"Resource": "acs:oss:*:*:*",
"Effect": "Allow"
},
{
"Effect": "Allow",
"Action": [
"aipaas:*"
],
"Resource": "*"
},
{
"Effect": "Allow",
"Action": [
"prometheus2:Get*",
"prometheus2:*Read",
"prometheus2:List*",
"prometheus:Get*",
"prometheus:*Read",
"prometheus:List*"
],
"Resource": "*"
},
{
"Effect": "Allow",
"Action": "ascm:List*",
"Resource": "*"
},
{
"Effect": "Allow",
"Action": [
"cms:QueryMetricLast",
"cms:QueryMetricList",
"cms:GetMyGroups",
"cms:ListMyGroups",
"cms:DescribeMetricData",
"cms:DescribeMetricLast",
"cms:DescribeMetricMetaList",
"cms:DescribeMetricTop",
"cms:QueryMetricMeta",
"cms:QueryMetricTop",
"cms:ListMetricMeta",
"cms:ListMetricMetaProject",
"cms:QueryMetricData",
"cms:DescribeMetricList",
"cms:MetricMeta",
"cms:PutDimTableData",
"cms:BatchPutDimTableData"
],
"Resource": "*"
},
{
"Effect": "Allow",
"Action": [
"sls:List*",
"sls:Get*",
"sls:Create*"
],
"Resource": "*"
},
{
"Effect": "Allow",
"Action": [
"log:List*",
"log:Get*",
"log:Create*",
"log:Update*",
"log:DeleteLogStore*"
],
"Resource": "*"
},
{
"Effect": "Allow",
"Action": "CPFS:Describe*",
"Resource": "*"
}
]
}相关文档
该文章对您有帮助吗?