服务(相关)角色是由腾讯云服务预定义,经用户授权后相应服务即可通过扮演服务相关角色对用户资源进行访问操作。本文档介绍具体服务相关角色的使用场景及相关权限策略信息。
CAM中产品名 | 角色名称 | 角色类型 | 角色载体 |
---|---|---|---|
数据湖计算 | DLC_QCSLinkedRoleInCheckDLCResource | 服务相关角色 | checkdlcresource.dlc.cloud.tencent.com |
DLC_QCSLinkedRoleInCheckDLCResource
使用场景: 当前角色为数据湖计算 Data Lake Compute(DLC)服务相关角色,该角色将在已关联策略的权限范围内访问您的其他云服务资源。
权限策略
- 策略名称: QcloudAccessForDLCLinkedRoleInCheckDLCResource
- 策略内容:
{ "version": "2.0", "statement": [ { "effect": "allow", "action": [ "cos:GetService", "cos:GetBucket", "cos:ListMultipartUploads", "cos:GetObject*", "cos:HeadObject", "cos:GetBucketObjectVersions", "cos:OptionsObject", "cos:ListParts", "cos:DeleteObject", "cos:PostObject", "cos:PostObjectRestore", "cos:PutObject*", "cos:InitiateMultipartUpload", "cos:UploadPart", "cos:UploadPartCopy", "cos:CompleteMultipartUpload", "cos:AbortMultipartUpload", "cos:DeleteMultipleObjects", "cos:AppendObject", "cos:HeadBucket", "vpc:DescribeRouteTable", "vpc:CreateRoute", "vpc:AcceptVpcPeeringConnection", "vpc:CreateVpcPeeringConnectionEx", "vpc:CreateVpcPeeringConnection", "vpc:DeleteVpcPeeringConnection", "vpc:DeleteVpcPeeringConnectionEx", "vpc:AcceptVpcPeeringConnectionEx", "vpc:DescribeVpcPeeringConnections", "cloudaudit:DescribeEvents", "cos:GetBucket*", "cos:PutBucket*", "cos:DeleteBucket*", "cos:RenameObject", "monitor:GetMonitorData", "chdfs:DescribeMountPoint", "chdfs:DescribeFileSystem", "chdfs:DescribeAccessGroups", "chdfs:DescribeAccessRules", "chdfs:ModifyFileSystem", "chdfs:ModifyAccessRules", "chdfs:CreateAccessGroup", "chdfs:CreateAccessRules", "chdfs:AssociateAccessGroups", "chdfs:DisassociateAccessGroups", "chdfs:DeleteAccessGroup", "chdfs:DeleteAccessRules", "vpc:DescribeAssistantCidr", "vpc:DescribeVpcEx", "chdfs:DescribeMountPoints", "oceanus:DescribeWorkSpaces", "oceanus:DescribeClusters", "oceanus:DescribeCHDFSAccessGroups", "oceanus:CreateCHDFSAccessGroup", "vpc:DescribeVpcEndPoint", "vpc:CreateVpcEndPoint", "vpc:DeleteVpcEndPoint" ], "resource": "*" } ] }