AliyunServiceRolePolicyForAccImc 是专用于服务关联角色的授权策略,会在创建服务关联角色 AliyunServiceRoleForAccImc 时自动授权,以允许服务关联角色代您访问其他云服务。本策略由对应的阿里云服务按需更新,请勿将本策略授权给服务关联角色之外的 RAM 身份使用。
策略详情
类型:系统策略
创建时间:2025-05-06 18:06:49
更新时间:2025-07-02 07:05:03
当前版本:v2
策略内容
{
"Version": "1",
"Statement": [
{
"Action": [
"cr:PullRepository",
"cr:GetAuthorizationToken",
"cr:GetRepositoryLayers",
"cr:GetRepositoryManifest",
"cr:GetRepositoryTag",
"cr:GetRepository",
"cr:ListInstance",
"cr:ListInstanceEndpoint"
],
"Resource": "*",
"Effect": "Allow"
},
{
"Action": [
"vpc:DescribeVSwitches",
"vpc:DescribeVSwitchAttributes",
"vpc:DescribeVpcs",
"vpc:AssociateEipAddress",
"vpc:UnassociateEipAddress",
"vpc:DescribeEipAddresses",
"vpc:AllocateEipAddress",
"vpc:ReleaseEipAddress",
"vpc:AddCommonBandwidthPackageIp",
"vpc:RemoveCommonBandwidthPackageIp",
"vpc:TagResources",
"vpc:CheckCanAllocateVpcPrivateIpAddress"
],
"Resource": "*",
"Effect": "Allow"
},
{
"Action": [
"ecs:CreateNetworkInterfacePermission",
"ecs:DeleteNetworkInterfacePermission",
"ecs:DescribeNetworkInterfacePermissions",
"ecs:CreateNetworkInterface",
"ecs:DescribeNetworkInterfaces",
"ecs:AttachNetworkInterface",
"ecs:DetachNetworkInterface",
"ecs:DeleteNetworkInterface",
"ecs:DescribeSecurityGroups",
"ecs:TagResources"
],
"Resource": "*",
"Effect": "Allow"
},
{
"Action": "ram:DeleteServiceLinkedRole",
"Resource": "*",
"Effect": "Allow",
"Condition": {
"StringEquals": {
"ram:ServiceName": "imc.acc.aliyuncs.com"
}
}
}
]
}相关文档
该文章对您有帮助吗?