AliyunNASReadOnlyAccess is a service system policy that is managed by Alibaba Cloud. You can attach the AliyunNASReadOnlyAccess policy to a Resource Access Management (RAM) identity, such as a RAM user, RAM user group, and RAM role. The AliyunNASReadOnlyAccess policy: Provides read-only access to Network Attached Storage via Management Console.
Policy details
Type: service system policy
Creation time: 03:34:14 on March 29, 2016
Update time: 16:48:07 on April 27, 2017
Current version: v1
Policy content
{
"Version": "1",
"Statement": [
{
"Action": [
"nas:Describe*",
"nas:Get*",
"nas:List*"
],
"Resource": "*",
"Effect": "Allow"
},
{
"Action": "bssapi:QueryResourcePackageInstances",
"Resource": "*",
"Effect": "Allow"
},
{
"Action": "cms:QueryMetricList",
"Resource": "*",
"Effect": "Allow"
},
{
"Action": [
"vpc:DescribeVpcs",
"vpc:DescribeVSwitches"
],
"Resource": "*",
"Effect": "Allow"
},
{
"Action": [
"kms:ListAliasesByKeyId",
"kms:ListKeys"
],
"Resource": "*",
"Effect": "Allow"
},
{
"Action": "ram:GetRole",
"Resource": [
"acs:ram:*:*:role/aliyunservicerolefornasstandard",
"acs:ram:*:*:role/aliyunservicerolefornasextreme",
"acs:ram:*:*:role/aliyunservicerolefornasencryption",
"acs:ram:*:*:role/aliyunservicerolefornaslogdelivery",
"acs:ram:*:*:role/aliyunservicerolefornasecshandler",
"acs:ram:*:*:role/aliyunservicerolefornascpfsnetwork",
"acs:ram:*:*:role/aliyunservicerolefornascpfsclient",
"acs:ram:*:*:role/aliyunservicerolefornasossdataflow",
"acs:ram:*:*:role/aliyunservicerolefornaseventnotification",
"acs:ram:*:*:role/aliyunnastieringrole",
"acs:ram:*:*:role/aliyunnasencryptdefaultrole",
"acs:ram:*:*:role/aliyunnasdefaultrole",
"acs:ram:*:*:role/aliyunnaslogarchiverole",
"acs:ram:*:*:role/aliyunnasmanageenirole"
],
"Effect": "Allow"
}
]
}