AliyunSasClawDefaultRolePolicy

AliyunSasClawDefaultRolePolicy 是专用于服务角色的授权策略，通常会在创建对应的服务角色时同步完成授权，以允许服务角色代您访问其他云服务。本策略由对应的阿里云服务按需更新，请勿将本策略授权给服务角色之外的 RAM 身份使用。

策略详情

• 类型：系统策略

• 创建时间：2026-04-27 14:28:49

• 更新时间：2026-04-27 14:28:49

• 当前版本：v1

策略内容

{
  "Version": "1",
  "Statement": [
    {
      "Action": [
        "yundun-aegis:Get*",
        "yundun-aegis:Describe*",
        "yundun-aegis:Query*",
        "yundun-aegis:List*",
        "yundun-sas:Get*",
        "yundun-sas:Describe*",
        "yundun-sas:Query*",
        "yundun-sas:List*",
        "yundun-sas:Check*",
        "yundun-aisc:Get*",
        "yundun-aisc:Describe*",
        "yundun-aisc:Query*",
        "yundun-aisc:List*",
        "yundun-aisc:Check*",
        "sasti:Get*",
        "sasti:Describe*",
        "sasti:Query*",
        "sasti:List*",
        "yundun-sas:Export*",
        "yundun-sas:HandleSecurityEvents",
        "yundun-sas:RefreshAssets",
        "yundun-sas:AddInstallCode",
        "yundun-sas:CreateOrUpdateAssetGroup",
        "yundun-sas:ModifyPostPayModuleSwitch",
        "yundun-sas:BindAuthToMachine",
        "yundun-sas:UpdatePostPaidBindRel",
        "yundun-sas:AddUninstallClientsByUuids",
        "yundun-sas:ModifyPushAllTask",
        "yundun-sas:ModifyStartVulScan",
        "yundun-sas:ExecStrategy",
        "yundun-sas:GenerateOnceTask",
        "yundun-sas:CreateAssetSelectionConfig",
        "yundun-sas:AddAssetSelectionCriteria",
        "yundun-sas:UpdateSelectionKeyByType",
        "yundun-sas:CreateVirusScanOnceTask",
        "yundun-sas:CreateFileDetectUploadUrl",
        "yundun-sas:CreateFileDetect"

      ],
      "Resource": "*",
      "Effect": "Allow"
    },
    {
      "Action": [
        "ecs:InvokeCommand"
      ],
      "Resource": "*",
      "Effect": "Allow"
    }
  ]
}

相关文档

• 权限策略基本元素

• 普通服务角色