All Products
Search
Document Center

Global Traffic Manager:Service-linked role

Last Updated:Oct 09, 2023

Overview

This topic describes the scenarios of the service-linked role for Global Traffic Manager (GTM) and how to delete the service-linked role. The service-linked role is named AliyunServiceRoleForGTM, which is a Resource Access Management (RAM) role.

Background information

GTM may need to access other cloud services to implement its own features. Alibaba Cloud provides the service-linked role that allows GTM to access other cloud services. For more information about service-linked roles, see Service-linked roles.

Scenarios

The alert group feature of GTM requires access to the cloud service resources of Cloud Monitor. GTM obtains permissions to access these resources by using its service-linked role. When you use this feature, the service-linked role is automatically created. You do not need to manually create the role.

Introduction

  • Role name: AliyunServiceRoleForGTM

  • Policy name: AliyunServiceRolePolicyForGTM

  • Permission description:

{
  "Version": "1",
  "Statement": [
    {
      "Action": [
        "cms:QueryContactGroup",
        "cms:QueryContact"
      ],
      "Resource": "*",
      "Effect": "Allow"
    }
  ]
}

Delete the service-linked role

If you need to delete the service-linked role AliyunServiceRoleForDAS for GTM, you must first delete all GTM instances.