The service linked role for CloudMonitor, AliyunServiceRoleForCloudMonitor, is the Resource Access Management (RAM) role that authorizes CloudMonitor to access other Alibaba Cloud services in certain scenarios.
Note For more information, see Service linked roles.
Scenario
When CloudMonitor automatically installs the CloudMonitor agent on hosts, CloudMonitor uses the AliyunServiceRoleForCloudMonitor role to obtain the permission to use Cloud Assistant.
Role description
This section describes the details of the AliyunServiceRoleForCloudMonitor role.
- Name: AliyunServiceRoleForCloudMonitor
- Policy attached to the role: AliyunServiceRolePolicyForCloudMonitor
- Policy description: grants CloudMonitor the permissions to use Cloud Assistant to
view status, run commands, and view command output on all instances of the current
account.
{ "Version": "1", "Statement": [ { "Effect": "Allow", "Action": [ "ecs:RunCommand", "ecs:DescribeInvocations", "ecs:DescribeCloudAssistantStatus" ], "Resource": [ "acs:ecs:*:*:instance/*", "acs:ecs:*:*:command/*" ] } ] }
Delete the AliyunServiceRoleForCloudMonitor role
To delete the AliyunServiceRoleForCloudMonitor role, perform the following steps: