AI 助理
备案控制台
首页 访问控制 开发参考 系统策略参考 AliyunYundunBastionHostAuditOnlyAccess

AliyunYundunBastionHostAuditOnlyAccess

更新时间: 2024-12-16 19:14:21

AliyunYundunBastionHostAuditOnlyAccess 是阿里云管理的产品系统策略,您可以将 AliyunYundunBastionHostAuditOnlyAccess 授权给 RAM 身份(RAM 用户、RAM 用户组和 RAM 角色),本策略定义了管理云盾堡垒机(BastionHost)的审计员权限。

策略详情

  • 类型:系统策略

  • 创建时间:2018-09-27 09:31:34

  • 更新时间:2024-12-16 11:13:55

  • 当前版本:v5

策略内容

{
    "Version": "1",
    "Statement": [
        {
            "Action": [
                "yundun-bastionhost:GetInstance*",
                "yundun-bastionhost:DescribeInstance*",
                "yundun-bastionhost:QueryInstance*",
                "yundun-bastionhost:ListInstance*",
                "yundun-bastionhost:*Audit*"
            ],
            "Resource": "*",
            "Effect": "Allow"
        },
        {
            "Action": "pam:GetInstanceDetail",
            "Resource": "*",
            "Effect": "Allow"
        },
        {
            "Action": "ram:CheckServiceLinkedRoleExistence",
            "Resource": "*",
            "Effect": "Allow",
            "Condition": {
                "StringEquals": {
                    "ram:ServiceName": "bastionhost.aliyuncs.com"
                }
            }
        }
    ]
}

相关文档

上一篇: AliyunYundunAvdsFullAccess 下一篇: AliyunYundunBastionHostFullAccess
文档推荐