Cloud profiles with minimal permissions for CAL

Australia IT Operations Management

Release

australia

ft:locale

ja-JP

ft:publication_title

Australia IT Operations Management

ft:clusterId

itom

bundleId

itom

workflow

Technology

Cloud profiles with minimal permissions for Cloud Action Library actions and subflows

リリースバージョン: Australia

更新日 2026年03月12日

所要時間：2分

You need appropriate cloud permissions to execute the Cloud Action Library actions and subflows. Edit the cloud permissions profile JSON to suit the needs of your organization.

Amazon Web Services (AWS) profile with minimal permissions

{
	"Version": "2012-10-17",
	"Statement": [{
		"Sid": "VisualEditor0",
		"Effect": "Allow",
		"Action": [
			"iam:GenerateCredentialReport",
			"s3:GetEncryptionConfiguration",
			"ec2:DescribeInstances",
			"s3:ListBucketVersions",
			"ec2:DescribeRegions",
			"s3:ListBucket",
			"iam:GetCredentialReport",
			"iam:DeleteLoginProfile",
			"ec2:MonitorInstances",
			"iam:GetLoginProfile",
			"ec2:DescribeImages",
			"s3:PutEncryptionConfiguration",
			"ec2:StopInstances",
			"s3:GetBucketAcl"
		],
		"Resource": "*"
	}]
}

Microsoft Azure profile with minimal permissions

{
	"properties": {
		"roleName": "CCGAzureMinimalPermission",
		"description": "Grants access to scan compute resources from the Azure subscription",
		"assignableScopes": [
			"/subscriptions/${subscription_id}"
		],
		"permissions": [{
			"actions": [
				"Microsoft.ResourceGraph/resources/read",
				"Microsoft.Compute/virtualMachines/instanceView/read",
				"Microsoft.Compute/virtualMachines/*/powerOff"
			],
			"notActions": [],
			"dataActions": [],
			"notDataActions": []
		}]
	}
}