服务(相关)角色是由腾讯云服务预定义,经用户授权后相应服务即可通过扮演服务相关角色对用户资源进行访问操作。本文档介绍具体服务相关角色的使用场景及相关权限策略信息。
CAM中产品名 | 角色名称 | 角色类型 | 角色载体 |
---|---|---|---|
私有域解析 Private DNS | PrivateDNS_QCSLinkedRoleInPL | 服务相关角色 | privatedns.cloud.tencent.com |
私有域解析 Private DNS | PrivateDNS_QCSLinkedRoleInCls | 服务相关角色 | privatedns.qcloud.com |
PrivateDNS_QCSLinkedRoleInPL
使用场景: 当前角色为私有域解析 Private DNS(privatedns)服务相关角色,该角色将在已关联策略的权限范围内访问您的其他云服务资源。
权限策略
- 策略名称: QcloudAccessForPrivateDNSLinkedRoleInPL
- 策略内容:
{ "statement": [ { "action": [ "vpc:CreateVpcEndPoint", "vpc:DeleteVpcEndPoint", "vpc:CreateVpcEndPointService", "vpc:DeleteVpcEndPointService", "vpc:CreateVpcEndPointServiceWhiteList", "vpc:DeleteVpcEndPointServiceWhiteList", "vpc:DescribeVpcEndPointService", "clb:DescribeLoadBalancers", "clb:DescribeLoadBalancersDetail", "clb:DescribeListeners", "clb:DescribeTargets" ], "effect": "allow", "resource": "*" } ], "version": "2.0" }
PrivateDNS_QCSLinkedRoleInCls
使用场景: 当前角色为私有域解析(privatedns)服务相关角色,该角色将在已关联策略的权限范围内访问您的其他云服务资源。
权限策略
- 策略名称: QcloudAccessForPrivateDNSLinkedRoleInCLS
- 策略内容:
{ "version": "2.0", "statement": [ { "effect": "allow", "action": [ "cls:DescribeConfigs", "cls:DescribeDashboards", "cls:DescribeTopics", "cls:GetChart", "cls:GetClsService", "cls:GetDashboard", "cls:getCursor", "cls:getIndex", "cls:getLogset", "cls:getTopic", "cls:searchLog", "cls:CreateChart", "cls:CreateDashboard", "cls:CreateIndex", "cls:ModifyDashboard", "cls:createLogset", "cls:createTopic", "cls:downloadLog", "cls:pushLog", "cls:DescribeLogsets", "cls:ListChart", "cls:ListDashboard", "cls:listLogset", "cls:listTopic", "cls:DescribeAgentConfigs" ], "resource": [ "*" ] } ] }