阿里云后台访问控制的权限管理,让小号帮你管理阿里云服务器

2021年4月2日10:27:19 评论 180

阿里云后台访问控制的权限管理,良心说这个权限分得真是细,细到一般人都看不懂。

非技术人员看帮助文档比较费劲,例子太少。

自己摸索也只是知道怎么给“实例”加team tag

然后通过tag筛选控制权限。安全组策略的等等也可以使用类似方法。

那些被分配权限的小号也有坑,登录后台不是aliyun.com,而是signin.aliyun.com

进到后台你会发现根本找不到被开放权限的主机,因为还需要选帐号全部资源》具体的服务器位置(美国硅谷之类的)。

全局标签,填好,键值,如此操作后就行了。还没有就多登录退出几次。也许就好了

阿里云后台访问控制的权限管理,让小号帮你管理阿里云服务器

 

一些规则,具体哪个靠谱我都忘了,试试就行了

+++++++++++++++++++++++++++++++++++
{
    "Statement": [
        {
            "Action": "ecs:*",
            "Effect": "Allow",
            "Resource": "*",
            "Condition": {
                "StringEquals": {
                    "ecs:tag/team": "huixing"
                }
            }
        },
        {
            "Action": "ecs:DescribeTag*",
            "Effect": "Allow",
            "Resource": "*"
        },
        {
            "Action": [
                "vpc:DescribeVpcs",
                "vpc:DescribeVSwitches"
            ],
            "Resource": "*",
            "Effect": "Allow"
        }
    ],
    "Version": "1"
}

++++++++++++++++++++++++++++++++++++++++
{
    "Version": "1",
    "Statement": [
        {
            "Action": "ecs:*",
            "Effect": "Allow",
            "Resource": "*",
            "Condition": {
                "StringEquals": {
                    "ecs:tag/*": "*"
                }
            }
        },
        {
            "Action": "ecs:DescribeTag*",
            "Effect": "Allow",
            "Resource": "*"
        }
    ]
}
++++++++++++++++++++++++++++++++++++
什么都允许
{
    "Statement": [
        {
            "Action": "*",
            "Effect": "Allow",
            "Resource": "*"
        }
    ],
    "Version": "1"
}

+++++++++++++++++++++++++++++++++
{
    "Statement": [
        {
            "Action": "ecs:*",
            "Effect": "Allow",
            "Resource": "*",
            "Condition": {
                "StringEquals": {
                    "ecs:tag/team": "wuhan"
                }
            }
        },
        {
            "Action": "ecs:DescribeTag*",
            "Effect": "Allow",
            "Resource": "*"
        },
        {
            "Action": [
                "vpc:DescribeVpcs",
                "vpc:DescribeVSwitches"
            ],
            "Resource": "*",
            "Effect": "Allow"
        }
    ],
    "Version": "1"
}
  • 君子仁爱:取之有道。刷新有惊喜,看头像。
  • 原创不易,转载注明出处和链接:https://acg.92ylq.com/anime/aliyun/
匿名

发表评论

匿名网友 填写信息

:?: :razz: :sad: :evil: :!: :smile: :oops: :grin: :eek: :shock: :???: :cool: :lol: :mad: :twisted: :roll: :wink: :idea: :arrow: :neutral: :cry: :mrgreen: