Product | Role Name | Role Types | Role Entity |
---|---|---|---|
SSL Certification | SSL_QCSLinkedRoleInCertificateWaf | Service-Related Roles | certificatewaf.ssl.cloud.tencent.com |
SSL Certification | SSL_QCSLinkedRoleInCertificateDependence | Service-Related Roles | certificatedependence.ssl.cloud.tencent.com |
SSL Certification | SSL_QCSLinkedRoleInReplaceLoadCertificate | Service-Related Roles | replaceloadcertificate.ssl.cloud.tencent.com |
SSL Certification | SSL_QCSLinkedRoleInCertificateCloudMonitor | Service-Related Roles | certificatecloudmonitor.ssl.cloud.tencent.com |
SSL Certification | SSL_QCSLinkedRoleInDescribeDeployedResources | Service-Related Roles | describedeployedresources.ssl.cloud.tencent.com |
Use Cases: The current role is the SSL service linked role, which will access your other service resources within the scope of the permissions of the associated policy.
Authorization Polices
{
"version": "2.0",
"statement": [
{
"effect": "allow",
"action": [
"waf:DescribeSpartaProtectionList",
"waf:DescribeSpartaProtectionInfo",
"waf:DescribeUserInstances",
"waf:DescribeUserQPS",
"waf:DescribePeakPoints",
"waf:AddSpartaProtection",
"waf:DeleteSpartaProtection",
"waf:ModifySpartaProtection",
"waf:ModifyProtectionStatus",
"waf:DescribeDomains"
],
"resource": [
"*"
]
}
]
}
Use Cases: The current role is the SSL service linked role, which will access your other service resources within the scope of the permissions of the associated policy.
Authorization Polices
{
"statement": [
{
"action": [
"dnspod:CreateRecord",
"dnspod:DescribeDomain",
"dnspod:CreateDomain",
"dnspod:DescribeRecordList",
"dnspod:DeleteRecord",
"dnspod:DescribeDomain",
"dnspod:ModifyRecordStatus"
],
"effect": "allow",
"resource": "*"
}
],
"version": "2.0"
}
Use Cases: The current role is the SSL service linked role, which will access your other service resources within the scope of the permissions of the associated policy.
Authorization Polices
{
"version": "2.0",
"statement": [
{
"effect": "allow",
"action": [
"clb:ReplaceCertForLoadBalancers",
"waf:DescribeCertificatedDomain",
"waf:ModifyCertificatedDomain",
"live:DescribeLiveDomainsByCerts",
"live:ModifyLiveDomainCertBindings",
"antiddos:DescribeL7RulesBySSLCertId",
"antiddos:CreateL7RuleCerts",
"clb:DescribeLoadBalancerListByCertId",
"clb:DescribeLoadBalancers",
"clb:DescribeListeners",
"clb:ModifyListener",
"clb:ModifyDomainAttributes",
"clb:DescribeTaskStatus",
"cos:GetBucketDomain",
"cos:GetBucketDomainCertificate",
"cos:GetService",
"cos:PutBucketDomainCertificate",
"tke:DescribeClusters",
"tke:AcquireClusterAdminRole",
"tke:AcquireEKSClusterAdminRole",
"lighthouse:DescribeSupportHttpsInstances",
"lighthouse:InstallCertificate",
"lighthouse:DescribeInstallCertificateTasks",
"vod:DescribeVodDomainsByCertIds",
"vod:ModifyVodDomainCertBindings",
"vod:UpdateCertForVodDomains",
"clb:DescribeLoadBalancerCount",
"teo:ModifyHostsCertificateByHosts",
"teo:DescribeHostsByCertID",
"tcb:DescribeEnvs",
"tcb:DescribeCloudBaseGWService",
"tcb:DescribeHostingDomain",
"tcb:BindCloudBaseAccessDomain",
"tcb:CreateHostingDomain",
"tcb:ModifyCloudBaseAccessDomain",
"tcb:ModifyHostingDomain",
"tse:ModifyCloudNativeAPIGatewayCertificate",
"tse:DescribeCloudNativeAPIGatewayCertificates",
"tse:DescribeCloudNativeAPIGateways",
"cdn:DescribeCdnDomainsByCerts",
"cdn:UpdateDomainHttps",
"tcm:DescribeMeshList",
"tcm:DescribeIstioGatewayList",
"tcm:ModifyGatewayCert"
],
"resource": [
"*"
]
}
]
}
Use Cases: The current role is the SSL service linked role, which will access your other service resources within the scope of the permissions of the associated policy.
Authorization Polices
{
"version": "2.0",
"statement": [
{
"effect": "allow",
"resource": [
"*"
],
"action": [
"monitor:CreateAlarmPolicy",
"monitor:DeleteAlarmPolicy",
"monitor:DescribeAlarmPolicies",
"monitor:ModifyAlarmPolicyStatus",
"monitor:BindingPolicyObject",
"monitor:UnBindingPolicyObject",
"monitor:ModifyAlarmPolicyNotice",
"monitor:CreateAlarmNotice",
"monitor:DeleteAlarmNotices",
"monitor:ModifyAlarmNotice",
"monitor:DescribeAlarmNotices",
"monitor:UnBindingAllPolicyObject"
]
}
]
}
Use Cases: The current role is the SSL service linked role, which will access your other service resources within the scope of the permissions of the associated policy.
Authorization Polices
{
"version": "2.0",
"statement": [
{
"effect": "allow",
"action": [
"clb:ReplaceCertForLoadBalancers",
"waf:DescribeCertificatedDomain",
"waf:ModifyCertificatedDomain",
"live:DescribeLiveDomainsByCerts",
"live:ModifyLiveDomainCertBindings",
"antiddos:DescribeL7RulesBySSLCertId",
"antiddos:CreateL7RuleCerts",
"clb:DescribeLoadBalancerListByCertId",
"cdn:UpdateDomainsCertificate",
"teo:DescribeHostsByCertID",
"teo:ModifyHostsCertificateByHosts"
],
"resource": [
"*"
]
}
]
}
문제 해결에 도움이 되었나요?