服务(相关)角色是由腾讯云服务预定义,经用户授权后相应服务即可通过扮演服务相关角色对用户资源进行访问操作。本文档介绍具体服务相关角色的使用场景及相关权限策略信息。
CAM中产品名 | 角色名称 | 角色类型 | 角色载体 |
---|---|---|---|
运维安全中心(堡垒机) | DASB_QCSLinkedRoleInUserasset | 服务相关角色 | userasset.dasb.cloud.tencent.com |
DASB_QCSLinkedRoleInUserasset
使用场景: 当前角色为运维安全中心(堡垒机)服务相关角色,该角色将在已关联策略的权限范围内访问您的其他云服务资源。
权限策略
- 策略名称: QcloudAccessForDASBLinkedRoleInUserasset
- 策略内容:
{ "version": "2.0", "statement": [ { "effect": "allow", "action": [ "cvm:DescribeInstances", "cvm:DescribeInstancesStatus", "cdb:DescribeDBInstances", "sqlserver:DescribeDBInstances", "cynosdb:DescribeInstances", "cynosdb:DescribeClusters", "mariadb:DescribeDBInstances", "postgres:DescribeDBInstances", "redis:DescribeInstances", "mongodb:DescribeDBInstances", "vpc:CreateVpcEndPoint", "vpc:DescribeVpcEndPoint", "vpc:DeleteVpcEndPoint", "dcdb:DescribeDCDBInstances", "ckafka:DescribeInstances", "ckafka:DescribeInstancesDetail", "ckafka:DescribeInstanceAttributes", "ckafka:DescribeTopic", "ckafka:DescribeTopicDetail", "ckafka:DescribeRoute", "ckafka:CreateRoute", "cam:ListMaskedSubAccounts" ], "resource": [ "*" ] } ] }