AliyunServiceRolePolicyForRapidPush 是专用于服务关联角色的授权策略,会在创建服务关联角色 AliyunServiceRoleForRapidPush 时自动授权,以允许服务关联角色代您访问其他云服务。本策略由对应的阿里云服务按需更新,请勿将本策略授权给服务关联角色之外的 RAM 身份使用。
策略详情
类型:系统策略
创建时间:2025-11-10 11:05:47
更新时间:2026-02-09 05:31:33
当前版本:v22
策略内容
{
"Version": "1",
"Statement": [
{
"Effect": "Allow",
"Action": [
"vpc:DescribeVpcs",
"vpc:DescribeZones",
"vpc:CreateVpc",
"vpc:DeleteVpc",
"vpc:CreateVSwitch",
"vpc:DescribeVSwitches",
"vpc:DeleteVSwitch",
"vpc:AllocateEipAddress",
"vpc:DescribeEipAddresses",
"vpc:ReleaseEipAddress",
"vpc:CreateNatGateway",
"vpc:DeleteNatGateway",
"vpc:DescribeNatGateways",
"vpc:AssociateEipAddress",
"vpc:UnassociateEipAddress",
"vpc:CreateSnatEntry",
"vpc:DeleteSnatEntry",
"vpc:DescribeSnatTableEntries",
"vpc:CreateCommonBandwidthPackage",
"vpc:AddCommonBandwidthPackageIp"
],
"Resource": "*"
},
{
"Effect": "Allow",
"Action": [
"alb:CreateLoadBalancer",
"alb:GetLoadBalancerAttribute",
"alb:CreateServerGroup",
"alb:AddServersToServerGroup",
"alb:CreateListener",
"alb:DeleteListener",
"alb:DeleteServerGroup",
"alb:ListServerGroupServers",
"alb:ListListeners"
],
"Resource": "*"
},
{
"Effect": "Allow",
"Action": [
"ecs:DescribeAvailableResource",
"ecs:DescribePrice",
"ecs:DescribeInstanceTypes",
"ecs:DescribeSecurityGroups",
"ecs:DescribeSecurityGroupAttribute",
"ecs:CreateSecurityGroup",
"ecs:AuthorizeSecurityGroup",
"ecs:DescribeDisks",
"ecs:DescribeSecurityGroupAttribute"
],
"Resource": "*"
},
{
"Effect": "Allow",
"Action": [
"r-kvstore:CreateInstance",
"r-kvstore:DescribeInstanceAttribute",
"r-kvstore:DeleteInstance",
"r-kvstore:ModifySecurityIps",
"r-kvstore:DescribeSecurityIps"
],
"Resource": "*"
},
{
"Effect": "Allow",
"Action": [
"eci:DescribeContainerGroups",
"eci:DeleteContainerGroup",
"eci:UpdateContainerGroup",
"eci:DescribeContainerGroupMetric",
"eci:DescribeContainerGroupStatus",
"eci:RestartContainerGroup",
"eci:UpdateContainerGroupByTemplate",
"eci:DescribeContainerLog",
"eci:ExportContainerGroupTemplate",
"eci:DescribeDataCaches",
"eci:DescribeContainerLog"
],
"Resource": "*",
"Condition": {
"StringEquals": {
"acs:ResourceTag/sss": "sss-deployment"
}
}
},
{
"Effect": "Allow",
"Action": [
"eci:CreateImageCache",
"eci:DescribeImageCaches"
],
"Resource": "*"
},
{
"Effect": "Allow",
"Action": "eci:CreateContainerGroup",
"Resource": "*"
},
{
"Effect": "Allow",
"Action": "bssapi:DescribeInstanceBill",
"Resource": "*"
},
{
"Effect": "Allow",
"Action": "bss:DescribePrice",
"Resource": "*"
},
{
"Effect": "Allow",
"Action": [
"eas:ListResources",
"eas:ListResourceInstances",
"eas:DeleteResource",
"eas:DeleteResourceInstances",
"eas:CreateResource",
"eas:DescribeResource",
"eas:CreateService",
"eas:DescribeService",
"eas:DeleteService",
"eas:ListServices",
"eas:ListServiceInstances",
"eas:CreateResourceInstances",
"eas:UpdateService"
],
"Resource": "*"
},
{
"Effect": "Allow",
"Action": [
"paiworkspace:ListWorkspaces",
"paiworkspace:DeleteWorkspace",
"paiworkspace:CreateWorkspace"
],
"Resource": "*"
},
{
"Effect": "Allow",
"Action": [
"pai:CreateOrder",
"pai:ListProducts"
],
"Resource": "*"
},
{
"Action": "ram:DeleteServiceLinkedRole",
"Resource": "*",
"Effect": "Allow",
"Condition": {
"StringEquals": {
"ram:ServiceName": "rpintlmarket.market.aliyuncs.com"
}
}
},
{
"Action": "ram:CreateServiceLinkedRole",
"Resource": "*",
"Effect": "Allow"
},
{
"Effect": "Allow",
"Action": [
"oss:CreateBucket",
"oss:GetBucketInfo",
"oss:ListParts",
"oss:PutObject",
"oss:GetObject",
"oss:HeadObject",
"oss:DeleteObject",
"oss:CopyObject",
"oss:ListObjects",
"oss:InitiateMultipartUpload",
"oss:ListMultipartUploads",
"oss:AbortMultipartUpload",
"oss:GetObjectTagging",
"oss:PutObjectTagging",
"oss:DeleteObjectTagging",
"oss:UploadPart",
"oss:UploadPartCopy",
"oss:CompleteMultipartUpload",
"oss:PutBucket",
"oss:PutBucketCors"
],
"Resource": [
"acs:oss:*:*:sss-*"
]
}
]
}相关文档
该文章对您有帮助吗?