SCF_QcsRole
产品服务-scf.qcloud.com
QcloudAccessForScfRole
策略,具备以下功能:SCF_QcsRole
角色用于授予 SCF 在配置过程中读取和操作用户资源的权限。如果您在管理函数(如使用命令行工具或 VS Code 插件更新函数代码)时,收到相应无角色或无权限报错,则需要配置 SCF_QcsRole
角色。SCF_QcsRole
。如下图所示:
QcloudSCFFullAccess
和 QcloudSCFReadOnlyAccess
完成修改,针对配置角色 SCF_QcsRole
添加了 QcloudAccessForScfRole
策略。详情如下:{"version":"2.0","statement":[{"action":["scf:*","tag:*","cam:DescribeRoleList","cam:GetRole","cam:ListAttachedRolePolicies","apigw:DescribeServicesStatus","apigw:DescribeService","apigw:DescribeApisStatus","cmqtopic:ListTopicDetail","cmqqueue:ListQueueDetail","cmqtopic:GetSubscriptionAttributes","cmqtopic:GetTopicAttributes","cos:GetService","cos:HeadBucket","cos:HeadObject","vpc:DescribeVpcEx","vpc:DescribeSubnetEx","cls:getTopic","cls:getLogset","cls:listLogset","cls:listTopic","ckafka:List*","ckafka:Describe*","monitor:GetMonitorData","monitor:DescribeBasicAlarmList","monitor:DescribeBaseMetrics","monitor:DescribeSortObjectList","monitor:DescribePolicyConditionList","cdb:DescribeDBInstances"],"resource":"*","effect":"allow"}]}
{"version": "2.0","statement": [{"action": ["scf:Get*","scf:List*","ckafka:List*","ckafka:Describe*","monitor:GetMonitorData","monitor:DescribeBasicAlarmList","monitor:DescribeBaseMetrics","monitor:DescribeSortObjectList","cam:GetRole","cam:ListAttachedRolePolicies","vpc:DescribeVpcEx","vpc:DescribeSubnetEx","cls:getLogset","cls:getTopic","cls:listTopic","apigw:DescribeService","cmqtopic:GetTopicAttributes","cmqtopic:GetSubscriptionAttributes","cos:HeadBucket","cos:GetService","cos:GetObject"],"resource": "*","effect": "allow"}]}
{"version": "2.0","statement": [{"action": ["ckafka:List*","ckafka:Describe*","ckafka:AddRoute","ckafka:CreateRoute","apigw:ReleaseService","apigw:CreateService","apigw:CreateApi","apigw:DeleteApi","cls:*","cos:List*","cos:Get*","cos:Head*","cos:PutBucket","cos:OptionsObject","cmqqueue:*","cmqtopic:*"],"resource": "*","effect": "allow"}]}
本页内容是否解决了您的问题?