AliyunKMSSecretUserAccess - Resource Access Management - Alibaba Cloud ドキュメントセンター

AliyunKMSSecretUserAccess is a service system policy that is managed by Alibaba Cloud. You can attach the AliyunKMSSecretUserAccess policy to a Resource Access Management (RAM) identity, such as a RAM user, RAM user group, and RAM role. The AliyunKMSSecretUserAccess policy: Provides access to retrieve the secrets in KMS.

Policy details

Type: service system policy
Creation time: 14:41:59 on March 04, 2020
Update time: 14:41:59 on March 04, 2020
Current version: v1

Policy content

{
  "Statement": [
    {
      "Effect": "Allow",
      "Action": [
        "kms:GetSecretValue"
      ],
      "Resource": "*"
    },
    {
      "Effect": "Allow",
      "Action": [
        "kms:DescribeSecret",
        "kms:ListSecretVersionIds"
      ],
      "Resource": "*"
    }
  ],
  "Version": "1"
}

References

Policy elements
Grant permissions to a RAM user
Grant permissions to a RAM user group
Grant permissions to a RAM role