- 动态与公告
- 新手指引
- 产品简介
- 购买指南
- 快速入门
- 操作指南
- 实践教程
- 运维指南
- 故障处理
- API 文档
- History
- Introduction
- API Category
- Making API Requests
- Instance APIs
- RenewInstances
- DescribeInstanceVncUrl
- DescribeInstancesDeniedActions
- DescribeInstancesDiskNum
- DescribeInstancesReturnable
- DescribeInstancesTrafficPackages
- DescribeModifyInstanceBundles
- DescribeResetInstanceBlueprints
- IsolateInstances
- ModifyInstancesBundle
- RebootInstances
- ResetInstance
- ResetInstancesPassword
- StartInstances
- StopInstances
- ModifyInstancesAttribute
- ModifyInstancesRenewFlag
- CreateInstances
- DescribeInstances
- TerminateInstances
- CBS APIs
- Snapshot APIs
- Key APIs
- CCN APIs
- Image APIs
- Firewall APIs
- Scene APIs
- Package APIs
- Quota APIs
- Region APIs
- Other APIs
- Data Types
- Error Codes
- 常见问题
- 联系我们
- lighthouse 政策
- 动态与公告
- 新手指引
- 产品简介
- 购买指南
- 快速入门
- 操作指南
- 实践教程
- 运维指南
- 故障处理
- API 文档
- History
- Introduction
- API Category
- Making API Requests
- Instance APIs
- RenewInstances
- DescribeInstanceVncUrl
- DescribeInstancesDeniedActions
- DescribeInstancesDiskNum
- DescribeInstancesReturnable
- DescribeInstancesTrafficPackages
- DescribeModifyInstanceBundles
- DescribeResetInstanceBlueprints
- IsolateInstances
- ModifyInstancesBundle
- RebootInstances
- ResetInstance
- ResetInstancesPassword
- StartInstances
- StopInstances
- ModifyInstancesAttribute
- ModifyInstancesRenewFlag
- CreateInstances
- DescribeInstances
- TerminateInstances
- CBS APIs
- Snapshot APIs
- Key APIs
- CCN APIs
- Image APIs
- Firewall APIs
- Scene APIs
- Package APIs
- Quota APIs
- Region APIs
- Other APIs
- Data Types
- Error Codes
- 常见问题
- 联系我们
- lighthouse 政策
资源级权限指的是能够指定用户对哪些资源具有执行操作的能力。例如,您可授权用户拥有广州地域的轻量应用服务器操作权限。
在访问管理 CAM 中轻量应用服务器可授权的资源类型如下:
资源类型 | 授权策略中的资源描述方法 |
实例相关 | qcs::lighthouse:$region:$account:instance/* |
镜像相关 | qcs::lighthouse:$region:$account:blueprint/* |
快照相关 | qcs::lighthouse:$region:$account:snapshot/* |
密钥相关 | qcs::lighthouse:$region:$account:keypair/* |
下表中列出了当前支持资源级权限的轻量应用服务器的 API 操作,以及每个操作支持的资源和条件密钥。设置资源路径时,您需要将
$region、$account 等变量参数修改为您实际的参数信息,同时您也可以在路径中使用 * 通配符。
访问管理策略中的 region、action、account、resource 等相关概念请参见 资源描述方式。注意:
表中未列出的轻量应用服务器 API 操作即表示该 API 操作不支持资源级权限。针对不支持资源级权限的 API 操作,您仍可以向用户授予使用该操作的权限,但是策略语句的资源元素必须指定为
*。实例相关
API 接口:action | 资源路径:resource |
ModifyInstancesBundle | qcs::lighthouse:$region:$account:instance/$instanceId |
RenewInstances | qcs::lighthouse:$region:$account:instance/$instanceId |
IsolateInstances | qcs::lighthouse:$region:$account:instance/$instanceId |
ModifyInstancesAttribute | qcs::lighthouse:$region:$account:instance/$instanceId |
ModifyInstancesRenewFlag | qcs::lighthouse:$region:$account:instance/$instanceId |
RebootInstances | qcs::lighthouse:$region:$account:instance/$instanceId |
ResetInstance | qcs::lighthouse:$region:$account:instance/$instanceId |
ResetInstancesPassword | qcs::lighthouse:$region:$account:instance/$instanceId |
StartInstances | qcs::lighthouse:$region:$account:instance/$instanceId |
StopInstances | qcs::lighthouse:$region:$account:instance/$instanceId |
TerminateInstances | qcs::lighthouse:$region:$account:instance/$instanceId |
DescribeInstancesDeniedActions | qcs::lighthouse:$region:$account:instance/$instanceId |
DescribeInstancesReturnable | qcs::lighthouse:$region:$account:instance/$instanceId |
DescribeInstancesTrafficPackages | qcs::lighthouse:$region:$account:instance/$instanceId |
DescribeInstanceVncUrl | qcs::lighthouse:$region:$account:instance/$instanceId |
DescribeResetInstanceBlueprints | qcs::lighthouse:$region:$account:instance/$instanceId |
快照相关
API 接口:action | 资源路径:resource |
CreateInstanceSnapshot | qcs::lighthouse:$region:$account:instance/$instanceIdqcs::lighthouse:$region:$account:snapshot/* |
DeleteSnapshots | qcs::lighthouse:$region:$account:snapshot/$snapshotId |
ApplyInstanceSnapshot | qcs::lighthouse:$region:$account:instance/$instanceIdqcs::lighthouse:$region:$account:snapshot/$snapshotId |
DescribeSnapshotsDeniedActions | qcs::lighthouse:$region:$account:snapshot/$snapshotId |
ModifySnapshotAttribute | qcs::lighthouse:$region:$account:snapshot/$snapshotId |
防火墙相关
API 接口:action | 资源路径:resource |
CreateFirewallRules | qcs::lighthouse:$region:$account:instance/$instanceId |
DeleteFirewallRules | qcs::lighthouse:$region:$account:instance/$instanceId |
DescribeFirewallRules | qcs::lighthouse:$region:$account:instance/$instanceId |
ModifyFirewallRules | qcs::lighthouse:$region:$account:instance/$instanceId |
ModifyFirewallRuleDescription | qcs::lighthouse:$region:$account:instance/$instanceId |
密钥相关
API 接口:action | 资源路径:resource |
DeleteKeyPairs | qcs::lighthouse:$region:$account:keypair/$keypairId |
AssociateInstancesKeyPairs | qcs::lighthouse:$region:$account:instance/$instanceIdqcs::lighthouse:$region:$account:keypair/$keypairId |
DescribeInstanceLoginKeyPairAttribute | qcs::lighthouse:$region:$account:instance/$instanceId |
DisassociateInstancesKeyPairs | qcs::lighthouse:$region:$account:instance/$instanceIdqcs::lighthouse:$region:$account:keypair/$keypairId |
ModifyInstancesLoginKeyPairAttribute | qcs::lighthouse:$region:$account:instance/$instanceId |
镜像相关
API 接口:action | 资源路径:resource |
CreateBlueprint | qcs::lighthouse:$region:$account:instance/$instanceIdqcs::lighthouse:$region:$account:blueprint/* |
DeleteBlueprints | qcs::lighthouse:$region:$account:blueprint/$blueprintId |
DescribeBlueprintInstances | qcs::lighthouse:$region:$account:instance/$instanceId |
ModifyBlueprintAttribute | qcs::lighthouse:$region:$account:blueprint/$blueprintId |
套餐相关
API 接口:action | 资源路径:resource |
DescribeModifyInstanceBundles | qcs::lighthouse:$region:$account:instance/$instanceId |
计费相关
API 接口:action | 资源路径:resource |
InquirePriceRenewInstances | qcs::lighthouse:$region:$account:instance/$instanceId |
是
否
本页内容是否解决了您的问题?