服务(相关)角色是由腾讯云服务预定义,经用户授权后相应服务即可通过扮演服务相关角色对用户资源进行访问操作。本文档介绍具体服务相关角色的使用场景及相关权限策略信息。
| CAM中产品名 | 角色名称 | 角色类型 | 角色载体 |
|---|---|---|---|
| 云服务器 | CVM_QCSLinkedRoleInCbsInit | 服务相关角色 | cbsinit.cvm.cloud.tencent.com |
| 云服务器 | CVM_QCSLinkedRoleInClawPro | 服务相关角色 | clawpro.cvm.cloud.tencent.com |
| 云服务器 | CVM_QCSLinkedRoleInOpenClaw | 服务相关角色 | openclaw.cvm.cloud.tencent.com |
| 云服务器 | CVM_QCSLinkedRoleInCVMRecommender | 服务相关角色 | CVMRecommender.cvm.cloud.tencent.com |
| 云服务器 | CVM_QCSLinkedRoleInCVMSmartDiagnostic | 服务相关角色 | cvmsmartdiagnostic.cvm.cloud.tencent.com |
CVM_QCSLinkedRoleInCbsInit
使用场景: 当前角色为云服务器(CVM)服务相关角色,该角色将在已关联策略的权限范围内访问您的其他云服务资源。
权限策略
- 策略名称: QcloudAccessForCVMLinkedRoleInCbsinit
- 策略内容:
{ "version": "2.0", "statement": [ { "effect": "allow", "resource": [ "*" ], "action": [ "tat:RunCommand", "tat:DescribeInvocations", "tat:DescribeInvocationTasks", "tat:DescribeAutomationAgentStatus" ] } ] }
CVM_QCSLinkedRoleInClawPro
使用场景: 当前角色为 云服务器-ClawPro 服务角色,该角色将在已关联策略的权限范围内访问您的其他云服务资源。
权限策略
- 策略名称: QcloudAccessForCVMLinkedRolelnClawPro
- 策略内容:
{ "version": "2.0", "statement": [ { "effect": "allow", "action": [ "cvm:*", "tat:*", "vpc:*", "ses:*", "sms:*" ], "resource": "*" }, { "effect": "allow", "action": [ "finance:trade" ], "resource": [ "qcs::cvm:::*" ] } ] }
CVM_QCSLinkedRoleInOpenClaw
使用场景: 当前角色为 云服务器-OpenClaw 服务角色,该角色将在已关联策略的权限范围内访问您的其他云服务资源。
权限策略
- 策略名称: QcloudAccessForCVMLinkedRoleInOpenClaw
- 策略内容:
{ "version": "2.0", "statement": [ { "effect": "allow", "action": [ "cvm:*", "tat:*", "vpc:*", "ses:*", "sms:*" ], "resource": "*" }, { "effect": "allow", "action": [ "finance:trade" ], "resource": [ "qcs::cvm:::*" ] } ] }
CVM_QCSLinkedRoleInCVMRecommender
使用场景: 当前角色为云服务器(CVM)服务相关角色,该角色将在已关联策略的权限范围内访问您的CVM资源使用情况及相应的降本优化建议
权限策略
- 策略名称: QcloudAccessForCVMLinkedRoleInCVMRecommender
- 策略内容:
{ "version": "2.0", "statement": [ { "effect": "allow", "action": [ "cos:ListParts", "cos:PostObject", "cos:PutObject*", "cos:InitiateMultipartUpload", "cos:UploadPart", "cos:UploadPartCopy", "cos:CompleteMultipartUpload", "cos:AbortMultipartUpload", "cos:ListMultipartUploads", "organization:DescribeOrganizationMembers", "organization:CreateOrgMemberProductServiceRole", "region:DescribeRegions", "cvm:DescribeInstances", "cvm:DescribeInstancesStatus", "monitor:GetMonitorData", "cvm:InquiryPriceResetInstancesType", "cvm:InquiryPriceTerminateInstances", "cvm:DescribeZoneInstanceConfigInfos" ], "resource": "*" } ] }
CVM_QCSLinkedRoleInCVMSmartDiagnostic
使用场景: 当前角色为云服务器(CVM)服务相关角色,该角色将在已关联策略的权限范围内访问您的其他云服务资源。
权限策略
- 策略名称: QcloudAccessForCVMLinkedRoleInCVMSmartDiagnostic
- 策略内容:
{ "version": "2.0", "statement": [ { "action": [ "tat:DescribeAutomationAgentStatus", "tat:RunCommand", "tat:DescribeInvocationTasks", "cwp:DescribeMachineInfo", "cwp:DescribeMalWareList", "cwp:DescribeHostLoginList", "cwp:DescribeBruteAttackList", "cwp:DescribeRiskDnsList", "cwp:DescribeBashEvents" ], "resource": "*", "effect": "allow" } ] }
