AliyunServiceRolePolicyForCustomKeyStore

AliyunServiceRolePolicyForCustomKeyStore 是专用于服务关联角色的授权策略，会在创建服务关联角色 AliyunServiceRoleForCustomKeyStore 时自动授权，以允许服务关联角色代您访问其他云服务。本策略由对应的阿里云服务按需更新，请勿将本策略授权给服务关联角色之外的 RAM 身份使用。

策略详情

• 类型：系统策略

• 创建时间：2025-09-17 10:58:47

• 更新时间：2025-09-17 10:58:47

• 当前版本：v1

策略内容

{
    "Version": "1",
    "Statement": [
        {
            "Action": [
                "ecs:CreateNetworkInterfacePermission",
                "ecs:DeleteNetworkInterfacePermission",
                "ecs:CreateNetworkInterface",
                "ecs:DescribeNetworkInterfaces",
                "ecs:DescribeSecurityGroups",
                "ecs:CreateSecurityGroup",
                "ecs:DeleteSecurityGroup"
            ],
            "Resource": "*",
            "Effect": "Allow"
        },
        {
            "Action": [
                "vpc:DescribeVSwitches",
                "vpc:DescribeVpcs"
            ],
            "Resource": "*",
            "Effect": "Allow"
        },
        {
            "Action": [
                "yundun-hsm:DescribeInstances",
                "yundun-hsm:DescribeClusters"
            ],
            "Resource": "*",
            "Effect": "Allow"
        },
        {
            "Action": "ram:DeleteServiceLinkedRole",
            "Resource": "*",
            "Effect": "Allow",
            "Condition": {
              "StringEquals": {
                "ram:ServiceName": "customkeystore.kms.aliyuncs.com"
              }
            }
          }
    ]
}

相关文档

• 权限策略基本元素

• 服务关联角色