AliyunServiceRolePolicyForAmqpSTAROps 是专用于服务关联角色的授权策略,会在创建服务关联角色 AliyunServiceRoleForAmqpSTAROps 时自动授权,以允许服务关联角色代您访问其他云服务。本策略由对应的阿里云服务按需更新,请勿将本策略授权给服务关联角色之外的 RAM 身份使用。
策略详情
类型:系统策略
创建时间:2026-06-23 16:26:50
更新时间:2026-06-23 16:26:50
当前版本:v1
策略内容
{
"Version": "1",
"Statement": [
{
"Effect": "Allow",
"Action": [
"starops:CreateDigitalEmployee",
"starops:GetDigitalEmployee",
"starops:ListDigitalEmployees",
"starops:UpdateDigitalEmployee",
"starops:DeleteDigitalEmployee"
],
"Resource": [
"acs:starops:*:*:digitalemployee/*"
]
},
{
"Effect": "Allow",
"Action": [
"starops:CreateChat",
"starops:CreateThread",
"starops:GetThread",
"starops:GetThreadData",
"starops:ListThreads",
"starops:UpdateThread",
"starops:DeleteThread"
],
"Resource": [
"acs:starops:*:*:digitalemployee/*",
"acs:starops:*:*:digitalemployee/*/thread/*"
]
},
{
"Effect": "Allow",
"Action": [
"starops:CreateDigitalEmployeeSkill",
"starops:GetDigitalEmployeeSkill",
"starops:ListDigitalEmployeeSkills",
"starops:UpdateDigitalEmployeeSkill",
"starops:DeleteDigitalEmployeeSkill",
"starops:ListDigitalEmployeeSkillVersions"
],
"Resource": [
"acs:starops:*:*:digitalemployee/*/skill/*"
]
},
{
"Effect": "Allow",
"Action": [
"starops:CreateMission",
"starops:GetMission",
"starops:ListMissions",
"starops:ListTasks",
"starops:UpdateMission",
"starops:DeleteMission"
],
"Resource": [
"acs:starops:*:*:mission/*"
]
},
{
"Effect": "Allow",
"Action": [
"starops:CreateMcpService",
"starops:GetMcpService",
"starops:ListMcpServices",
"starops:UpdateMcpService",
"starops:DeleteMcpService",
"starops:FetchRemoteMcpTools"
],
"Resource": [
"acs:starops:*:*:digitalemployee/*/mcpservice/*"
]
},
{
"Effect": "Allow",
"Action": [
"starops:GetArtifact",
"starops:ListArtifacts"
],
"Resource": [
"acs:starops:*:*:digitalemployee/*/artifact/*"
]
},
{
"Effect": "Allow",
"Action": [
"starops:GetCreditQuota",
"starops:SetCreditQuota"
],
"Resource": [
"acs:starops:*:*:quota/credit"
]
},
{
"Effect": "Allow",
"Action": [
"cms:CreateDigitalEmployee",
"cms:GetDigitalEmployee",
"cms:ListDigitalEmployees",
"cms:UpdateDigitalEmployee",
"cms:DeleteDigitalEmployee"
],
"Resource": [
"acs:cms:*:*:digitalemployee/*"
]
},
{
"Effect": "Allow",
"Action": [
"cms:CreateChat",
"cms:CreateThread",
"cms:GetThread",
"cms:GetThreadData",
"cms:ListThreads",
"cms:UpdateThread",
"cms:DeleteThread"
],
"Resource": [
"acs:cms:*:*:digitalemployee/*",
"acs:cms:*:*:digitalemployee/*/thread/*"
]
},
{
"Effect": "Allow",
"Action": [
"cms:CreateDigitalEmployeeSkill",
"cms:GetDigitalEmployeeSkill",
"cms:ListDigitalEmployeeSkills",
"cms:UpdateDigitalEmployeeSkill",
"cms:DeleteDigitalEmployeeSkill",
"cms:ListDigitalEmployeeSkillVersions"
],
"Resource": [
"acs:cms:*:*:digitalemployee/*/skill/*"
]
},
{
"Effect": "Allow",
"Action": [
"cms:CreateMission",
"cms:GetMission",
"cms:ListMissions",
"cms:ListTasks",
"cms:UpdateMission",
"cms:DeleteMission"
],
"Resource": [
"acs:cms:*:*:mission/*"
]
},
{
"Effect": "Allow",
"Action": [
"cms:CreateMcpService",
"cms:GetMcpService",
"cms:ListMcpServices",
"cms:UpdateMcpService",
"cms:DeleteMcpService",
"cms:FetchRemoteMcpTools"
],
"Resource": [
"acs:cms:*:*:digitalemployee/*/mcpservice/*"
]
},
{
"Effect": "Allow",
"Action": [
"cms:GetArtifact",
"cms:ListArtifacts"
],
"Resource": [
"acs:cms:*:*:digitalemployee/*/artifact/*"
]
},
{
"Effect": "Allow",
"Action": [
"cms:ListWorkspaces",
"cms:GetWorkspace",
"cms:GetEntityStore",
"cms:GetEntityStoreData"
],
"Resource": [
"acs:cms:*:*:workspace/*",
"acs:cms:*:*:entitystore/*",
"acs:cms:*:*:entitystoredata/*"
]
},
{
"Action": "ram:DeleteServiceLinkedRole",
"Resource": "*",
"Effect": "Allow",
"Condition": {
"StringEquals": {
"ram:ServiceName": "starops.amqp.aliyuncs.com"
}
}
}
]
}相关文档
该文章对您有帮助吗?