All Products
Search

This Product

    Resource Access Management:AliyunServiceRolePolicyForAsrdr

    Document Center

    Resource Access Management:AliyunServiceRolePolicyForAsrdr

    Last Updated:Aug 05, 2025

    AliyunServiceRolePolicyForAsrdr is the authorization policy dedicated to a service-linked role. The policy is automatically attached to a service role when the service role is created. Then, the service-linked role is authorized to access other cloud services. This policy is updated by the relevant Alibaba Cloud service. Do not attach this policy to a RAM identity other than a service-linked role.

    Policy details

    • Type: service system policy

    • Creation time: 10:07:34 on April 14, 2025

    • Update time: 03:35:21 on August 05, 2025

    • Current version: v3

    Policy content

    {
  "Version": "1",
  "Statement": [
    {
      "Action": [
        "asr:AckMessage",
        "asr:Activate",
        "asr:ChangeResourceGroup",
        "asr:ConsumeMessage",
        "asr:CreateCloudInstance",
        "asr:CreateDrGroup",
        "asr:CreateProtectGroup",
        "asr:CreateRecoveryPlan",
        "asr:CreateRecoveryTask",
        "asr:CreateRuntimeData",
        "asr:CreateSubscribe",
        "asr:DeleteCloudInstance",
        "asr:DeleteCloudInstanceRegionConfig",
        "asr:DeleteDrGroup",
        "asr:DeleteProtectGroup",
        "asr:DeleteRecoveryPlan",
        "asr:DeleteRecoveryTask",
        "asr:GetAccountState",
        "asr:GetCloudInstance",
        "asr:GetCloudInstanceRegion",
        "asr:GetCloudInstanceRegionConfig",
        "asr:GetDrGroup",
        "asr:GetProtectGroup",
        "asr:GetRecoveryPlan",
        "asr:GetRecoveryPlanSnapshot",
        "asr:GetRecoveryTask",
        "asr:KeepClientAlive",
        "asr:ListAvailableRegions",
        "asr:ListCloudInstanceRegionConfigs",
        "asr:ListCloudInstanceRegions",
        "asr:ListCloudInstances",
        "asr:ListDrGroups",
        "asr:ListProtectGroups",
        "asr:ListRecoveryPlans",
        "asr:ListRecoveryTasks",
        "asr:ListRemoteCloudInstances",
        "asr:ListResourceSyncOperationLogs",
        "asr:ListTagResources",
        "asr:ProduceMessage",
        "asr:ProtectGroupCtl",
        "asr:RecoveryTaskCtl",
        "asr:RetryResourceSyncOperationLog",
        "asr:StopRetryResourceSyncOperationLog",
        "asr:TagResources",
        "asr:UntagResources",
        "asr:UpdateCloudInstance",
        "asr:UpdateCloudInstanceRegionConfig",
        "asr:UpdateDrGroup",
        "asr:UpdateProtectGroup",
        "asr:UpdateRecoveryPlan"
      ],
      "Resource": "*",
      "Effect": "Allow"
    },
    {
      "Action": "ram:DeleteServiceLinkedRole",
      "Resource": "*",
      "Effect": "Allow",
      "Condition": {
        "StringEquals": {
          "ram:ServiceName": "asrdr.aliyuncs.com"
        }
      }
    }
  ]
}

    References