腾讯云cvm服务器可授权的资源类型

腾讯云服务器 1年前 (2023-09-04) 浏览 66

资源级权限指的是能够指定用户对哪些资源具有执行操作的能力。云服务器(Cloud Virtual Machine,CVM)部分支持资源级权限,即表示针对支持资源级权限的 CVM 操作,控制何时允许用户执行操作或是允许用户使用的特定资源。例如,您 授权用户拥有广州地域的 CVM 操作权限
在访问管理(Cloud Access Management,CAM)中可授权的资源类型如下:

资源类型 授权策略中的资源描述方法
云服务器实例相关 qcs::cvm:$region::instance/*
云服务器密钥相关 qcs::cvm:$region::keypair/*
云服务器镜像相关 qcs::cvm:$region:$account:image/*

云服务器实例相关云服务器密钥相关云服务器镜像相关 分别介绍了当前支持资源级权限的 CVM API 操作,以及每个操作支持的资源和条件密钥。设置资源路径时,您需要将$region$account等变量参数修改为您实际的参数信息,同时您也可以在路径中使用 * 通配符。相关操作示例可参见 访问管理示例注意表中未列出的 CVM API 操作即表示该 CVM API 操作不支持资源级权限。针对不支持资源级权限的 CVM API 操作,您仍可以向用户授予使用该操作的权限,但是策略语句的资源元素必须指定为 *

云服务器实例相关

API 操作 资源路径 条件密钥
DescribeInstanceInternetBandwidthConfigs qcs::cvm:$region:$account:instance/*qcs::cvm:$region:$account:instance/$instanceId cvm:regioncvm:zonecvm:instance_type
ModifyInstanceInternetChargeType qcs::cvm:$region:$account:instance/*qcs::cvm:$region:$account:instance/$instanceId cvm:regioncvm:zonecvm:instance_type
ModifyInstancesAttribute qcs::cvm:$region:$account:instance/*qcs::cvm:$region:$account:instance/$instanceId cvm:regioncvm:zonecvm:instance_type
ModifyInstancesProject qcs::cvm:$region:$account:instance/*qcs::cvm:$region:$account:instance/$instanceId cvm:regioncvm:zonecvm:instance_type
ModifyInstancesRenewFlag qcs::cvm:$region:$account:instance/*qcs::cvm:$region:$account:instance/$instanceId cvm:regioncvm:zonecvm:instance_type
RebootInstances qcs::cvm:$region:$account:instance/*qcs::cvm:$region:$account:instance/$instanceId cvm:regioncvm:zonecvm:instance_type
RenewInstances qcs::cvm:$region:$account:instance/* qcs::cvm:$region:$account:instance/$instanceId cvm:regioncvm:zonecvm:instance_type
ResetInstance qcs::cvm:$region:$account:instance/*qcs::cvm:$region:$account:instance/$instanceIdqcs::cvm:$region:$account:image/*qcs::cvm:$region:$account:image/$imageIdqcs::cvm:$region:$account:keypair/*qcs::cvm:$region:$account:keypair/$keyIdqcs::cvm:$region:$account:systemdisk/* cvm:regioncvm:zonecvm:instance_type
ResetInstancesInternetMaxBandwidth qcs::cvm:$region:$account:instance/*qcs::cvm:$region:$account:instance/$instanceId cvm:regioncvm:zonecvm:instance_type
ResetInstancesPassword qcs::cvm:$region:$account:instance/*qcs::cvm:$region:$account:instance/$instanceId cvm:regioncvm:zonecvm:instance_type
ResetInstancesType qcs::cvm:$region:$account:instance/* qcs::cvm:$region:$account:instance/$instanceId cvm:regioncvm:zonecvm:instance_type
ResizeInstanceDisks qcs::cvm:$region:$account:instance/*qcs::cvm:$region:$account:instance/$instanceId cvm:regioncvm:zonecvm:instance_type
RunInstances qcs::cvm:$region:$account:instance/*qcs::cvm:$region:$account:image/*qcs::cvm:$region:$account:image/$imageIdqcs::cvm:$region:$account:keypair/*qcs::cvm:$region:$account:keypair/$keyIdqcs::cvm:$region:$account:sg/*qcs::cvm:$region:$account:sg/$sgIdqcs::vpc:$region:$account:subnet/* qcs::vpc:$region:$account:subnet/$subnetIdqcs::cvm:$region:$account:systemdisk/*qcs::cvm:$region:$account:datadisk/*qcs::vpc:$region:$account:vpc/* qcs::vpc:$region:$account:vpc/$vpcId cvm:regioncvm:zonecvm:instance_type
StartInstances qcs::cvm:$region:$account:instance/*qcs::cvm:$region:$account:instance/$instanceId cvm:regioncvm:zonecvm:instance_type
StopInstances qcs::cvm:$region:$account:instance/*qcs::cvm:$region:$account:instance/$instanceId cvm:regioncvm:zonecvm:instance_type
TerminateInstances qcs::cvm:$region:$account:instance/*qcs::cvm:$region:$account:instance/$instanceId cvm:regioncvm:zonecvm:instance_type

云服务器密钥相关

API 操作 资源路径 条件密钥
AssociateInstancesKeyPairs qcs::cvm:$region:$account:instance/*qcs::cvm:$region:$account:instance/$instanceIdqcs::cvm:$region:$account:keypair/*qcs::cvm:$region:$account:keypair/$keyId
CreateKeyPair qcs::cvm:$region:$account:keypair/*
DeleteKeyPairs qcs::cvm:$region:$account:keypair/*qcs::cvm:$region:$account:keypair/$keyId
DescribeKeyPairs qcs::cvm:$region:$account:keypair/*
DescribeKeyPairsAttribute qcs::cvm:$region:$account:keypair/* qcs::cvm:$region:$account:keypair/$keyId
DisassociateInstancesKeyPairs qcs::cvm:$region:$account:instance/*qcs::cvm:$region:$account:instance/$instanceIdqcs::cvm:$region:$account:keypair/*qcs::cvm:$region:$account:keypair/$keyId
ImportKeyPair qcs::cvm:$region:$account:keypair/*
ModifyKeyPairAttribute qcs::cvm:$region:$account:keypair/*qcs::cvm:$region:$account:keypair/$keyId

云服务器镜像相关

API 操作 资源路径 条件密钥
CreateImage qcs::cvm:$region:$account:instance/*qcs::cvm:$region:$account:instance/$instanceIdqcs::cvm:$region:$account:image/* cvm:region
DeleteImages qcs::cvm:$region:$account:image/*qcs::cvm:$region:$account:image/$imageId cvm:region
DescribeImages qcs::cvm:$region:$account:image/* cvm:region
DescribeImagesAttribute qcs::cvm:$region:$account:image/* qcs::cvm:$region:$account:image/$imageId cvm:region
DescribeImageSharePermission qcs::cvm:$region:$account:image/* cvm:region
ModifyImageAttribute qcs::cvm:$region:$account:image/*qcs::cvm:$region:$account:image/$imageId cvm:region
ModifyImageSharePermission qcs::cvm:$region:$account:image/*qcs::cvm:$region:$account:image/$imageId cvm:region
SyncImages qcs::cvm:$region:$account:image/*qcs::cvm:$region:$account:image/$imageId cvm:region



- 0人点赞 -

相关推荐

发表点评 (0条)

not found

暂无评论,你要说点什么吗?