AliyunServiceRoleForIoTRuleengineLindorm service-linked role

Updated at:
Copy as MD

The AliyunServiceRoleForIoTRuleengineLindorm service-linked role grants IoT Platform the permissions to access Lindorm for data forwarding. This topic also explains how to delete the role.

Background Information

For more information, see Service-linked roles.

Description

You can forward device data to a specified table of a Lindorm instance. To use this feature, you must grant IoT Platform the permissions to access Lindorm.

IoT Platform automatically creates service-linked roles. When you configure a data forwarding rule to forward data to Lindorm, you can authorize IoT Platform to access Lindorm. After the authorization is complete, the AliyunServiceRoleForIoTRuleengineLindorm service-linked role is automatically created. For more information, see Forward data to Lindorm.

Role name:

AliyunServiceRoleForIoTRuleengineLindorm

Role policy:

AliyunServiceRolePolicyForIoTRuleengineLindorm

Policy document:

{
    "Version": "1",
    "Statement": [{
            "Action": [
                "lindorm:GetLindormInstanceList",
                "lindorm:GetLindormInstance",
                "lindorm:GetLindormInstanceEngineList",
                "lindorm:GetInstanceIpWhiteList",
                "lindorm:UpdateInstanceIpWhiteList"
            ],
            "Resource": "*",
            "Effect": "Allow"
        },
        {
            "Action": "ram:DeleteServiceLinkedRole",
            "Resource": "*",
            "Effect": "Allow",
            "Condition": {
                "StringEquals": {
                "ram:ServiceName": "ruleengine-lindorm.iot.aliyuncs.com"
                }
            }
        }
    ]
}

Delete the role

If you no longer need the AliyunServiceRoleForIoTRuleengineLindorm service-linked role, delete it by performing the following steps.

  1. On the Data Destination tab of the Data Forwarding page, delete data destinations whose Operation is set to Store Data to ApsaraDB for Lindorm in sequence.

  2. Delete the role. For more information, see Delete a service-linked role.