大数据统一存储 CloudFS
对象存储
费用中心控制台
费用中心
文件存储 vePFS
云服务器
弹性块存储
访问控制
私有网络
大数据研发治理套件
数据库工作台
云监控
云数据库MySQL 版
EMR-Serverless | 策略名:ServiceRolePolicyForEMR {
"Statement": [
{
"Effect": "Allow",
"Action": [
"ecs:CreateInstances",
"ecs:CreateScheduledInstances",
"ecs:DescribeScheduledInstances",
"ecs:DeleteScheduledInstance",
"ecs:DescribeAvailableResource",
"ecs:RunInstances",
"ecs:DescribeInstances",
"ecs:StartInstance",
"ecs:StopInstance",
"ecs:DeleteInstance",
"ecs:DeleteInstances",
"ecs:BindAssumeRole",
"ecs:AssociateInstancesIamRole",
"ecs:UnbindAssumeRole",
"ecs:ListAssumeRoles",
"ecs:ModifyInstanceChargeType",
"ecs:DescribeInstanceTypes",
"ecs:ModifyInstanceAttribute",
"ecs:ReplaceSystemVolume",
"ecs:CreateTags",
"ecs:DeleteTags",
"ecs:CreateDeploymentSet",
"ecs:DescribeDeploymentSets",
"ecs:DescribeDeploymentSetSupportedInstanceTypeFamily",
"ecs:DeleteDeploymentSet",
"ecs:DescribeSystemEvents",
"ecs:ModifyInstanceSpec",
"ecs:DescribeZones",
"ecs:DescribeImages",
"ecs:ModifySystemEventDefaultAction",
"ecs:GetScheduledInstanceLatestReleaseAt"
],
"Resource": [
"*"
]
},
{
"Effect": "Allow",
"Action": [
"storage_ebs:ServiceCreateVolumePreorder",
"storage_ebs:ServiceExtendVolumePreorder",
"storage_ebs:ServiceTerminateVolumePreorder",
"storage_ebs:ListVolumeTypes",
"storage_ebs:DescribeVolumes",
"storage_ebs:InnerCreateTags",
"storage_ebs:DeleteTags",
"storage_ebs:ServiceDescribeQuotaInfos",
"storage_ebs:DescribeVolumeType"
],
"Resource": [
"*"
]
},
{
"Effect": "Allow",
"Action": [
"Volc_Observe:ListAlertGroup",
"Volc_Observe:GetMetricData",
"Volc_Observe:ListEvents"
],
"Resource": [
"*"
]
},
{
"Effect": "Allow",
"Action": [
"vpc:AllocateEipAddress",
"vpc:AssociateEipAddress",
"vpc:CreateVpc",
"vpc:CreateSubnet",
"vpc:CreateSecurityGroup",
"vpc:ConvertEipAddressBillingType",
"vpc:DescribeEipAddresses",
"vpc:DescribeSecurityGroupAttributes",
"vpc:DescribeVpcAttributes",
"vpc:DescribeSubnetAttributes",
"vpc:ReleaseEipAddress",
"vpc:DisassociateEipAddress",
"vpc:InnerCreateEipAddressPreOrder",
"vpc:InnerConvertEipAddressBillingTypePreOrder",
"vpc:CreateHaVip",
"vpc:ModifyHaVipAttributes",
"vpc:DeleteHaVip",
"vpc:AssociateHaVip",
"vpc:DisassociateHaVip",
"vpc:DescribeHaVips",
"vpc:AuthorizeSecurityGroupIngress",
"vpc:RevokeSecurityGroupIngress",
"vpc:DescribeSecurityGroupAttribute",
"vpc:TagResources",
"vpc:UntagResources",
"vpc:DescribeVpcs",
"vpc:DescribeSubnets",
"vpc:DescribeSecurityGroups",
"vpc:RemoveBandwidthPackageIp",
"vpc:ModifyNetworkInterfaceAttributes"
],
"Resource": [
"*"
]
},
{
"Effect": "Allow",
"Action": [
"iam:GetUser",
"iam:ListUsers",
"iam:GetGroup",
"iam:ListGroups",
"iam:GetRole",
"iam:ListRoles",
"iam:GetPolicy",
"iam:ListPolicies",
"iam:ListProjects",
"iam:ListProjectResources",
"iam:ListProjectIdentities",
"iam:MoveProjectResource",
"iam:CreateRole",
"iam:ListAttachedRolePolicies",
"iam:CreateServiceLinkedRole",
"iam:AttachRolePolicy",
"iam:CreatePolicy",
"iam:DeleteRole",
"iam:DeletePolicy",
"iam:UpdatePolicy"
],
"Resource": [
"*"
]
},
{
"Effect": "Allow",
"Action": [
"dataleap:StudioReleaseEngine"
],
"Resource": [
"*"
]
},
{
"Effect": "Allow",
"Action": [
"rds_mysql:DescribeDBInstanceConnection",
"rds_mysql:CreateDatabase",
"rds_mysql:GrantAccountPrivilege",
"rds_mysql:CreateAccount",
"rds_mysql:ListAccounts",
"rds_mysql:ListDatabases",
"rds_mysql:CreateDBInstanceIPList",
"rds_mysql:ModifyDBInstanceIPList",
"rds_mysql:DeleteDBInstanceIPList",
"rds_mysql:ModifyInstanceParams",
"rds_mysql:ListDBInstances",
"rds_mysql:ListDBInstanceIPLists",
"rds_mysql:DescribeDBInstance",
"rds_mysql:DescribeDBInstanceDetail",
"rds_mysql:DeleteDatabase",
"rds_mysql:DeleteAccount",
"rds_mysql:CreateAllowList",
"rds_mysql:DescribeAllowLists",
"rds_mysql:DescribeAllowListDetail",
"rds_mysql:ModifyAllowList",
"rds_mysql:AssociateAllowList",
"rds_mysql:DisassociateAllowList",
"rds_mysql:DeleteAllowList",
"rds_mysql:UpgradeAllowListVersion",
"rds_mysql:DescribeDBInstances",
"rds_mysql:ModifyDBInstanceParameters",
"rds_mysql:GrantDatabasePrivilege",
"rds_mysql:CreateDBAccount"
],
"Resource": [
"*"
]
},
{
"Effect": "Allow",
"Action": [
"cfs:ListFs"
],
"Resource": [
"*"
]
},
{
"Effect": "Allow",
"Action": [
"dbw:DataConnectInstance",
"dbw:DataCloseSession"
],
"Resource": [
"*"
]
},
{
"Effect": "Allow",
"Action": [
"tos:ListBucket",
"tos:ListBuckets",
"tos:GetBucketTagging",
"tos:PutBucketTagging",
"tos:ListObjectsV2",
"tos:ListObjects",
"tos:GetObject",
"tos:GetObjectVersion",
"tos:ListAccessPoints"
],
"Resource": [
"*"
]
},
{
"Effect": "Allow",
"Action": [
"emr_serverless:GetQueue",
"emr_serverless:ListTagQueue",
"emr_serverless:ListJob",
"emr_serverless:QueryGetJobV2",
"emr_serverless:QueryGetJob",
"emr_serverless:QueryGetResultUrl",
"emr_serverless:QueryFetchDriverLog",
"emr_serverless:QueryFetchSubmitLog",
"emr_serverless:QueryCreateQuery",
"emr_serverless:CreateQueryThruAssumeRole",
"emr_serverless:QueryGetTrackingURL",
"emr_serverless:QueryCheckJobStatus",
"emr_serverless:QueryAnalyzeQueryV2",
"emr_serverless:QueryCancelQueryV2"
],
"Resource": [
"*"
]
},
{
"Effect": "Allow",
"Action": [
"bill_volcano_engine:ListPreOrder"
],
"Resource": [
"*"
]
},
{
"Effect": "Allow",
"Action": [
"billing:SetRenewalType",
"billing:UnsubscribeInstance",
"billing:ListAvailableInstances"
],
"Resource": [
"*"
]
},
{
"Effect": "Allow",
"Action": [
"vepfs:DescribeMountServices"
],
"Resource": [
"*"
]
}
]
}
|
E-MapReduce
文档反馈
问问助手