AliyunYundunBastionHostAuditOnlyAccess 是阿里云管理的產(chǎn)品系統(tǒng)策略，您可以將 AliyunYundunBastionHostAuditOnlyAccess 授權(quán)給 RAM 身份（RAM 用戶、RAM 用戶組和 RAM 角色），本策略定義了管理云盾堡壘機(jī)（BastionHost）的審計(jì)員權(quán)限。

策略詳情

• 類型：系統(tǒng)策略

• 創(chuàng)建時(shí)間：2018-09-27 09:31:34

• 更新時(shí)間：2024-12-16 11:13:55

• 當(dāng)前版本：v5

策略內(nèi)容

{
    "Version": "1",
    "Statement": [
        {
            "Action": [
                "yundun-bastionhost:GetInstance*",
                "yundun-bastionhost:DescribeInstance*",
                "yundun-bastionhost:QueryInstance*",
                "yundun-bastionhost:ListInstance*",
                "yundun-bastionhost:*Audit*"
            ],
            "Resource": "*",
            "Effect": "Allow"
        },
        {
            "Action": "pam:GetInstanceDetail",
            "Resource": "*",
            "Effect": "Allow"
        },
        {
            "Action": "ram:CheckServiceLinkedRoleExistence",
            "Resource": "*",
            "Effect": "Allow",
            "Condition": {
                "StringEquals": {
                    "ram:ServiceName": "bastionhost.aliyuncs.com"
                }
            }
        }
    ]
}

相關(guān)文檔

• 權(quán)限策略基本元素

• 為RAM用戶授權(quán)

• 為RAM用戶組授權(quán)

• 為RAM角色授權(quán)