弹性云服务器 ecs-j9九游会登录
操作(action)
- “资源类型”列指每个操作是否支持资源级权限。
关于ecs定义的资源类型的详细信息请参见#iam_11_0007/zh-cn_topic_0000002369808774_zh-cn_topic_0000001571869865_zh-cn_topic_0000001492517298_section37181412519。
- “条件键”列包括了可以在身份策略语句的condition元素中支持指定的键值。
关于ecs定义的条件键的详细信息请参见条件(condition)。
|
授权项 |
描述 |
访问级别 |
资源类型(*为必须) |
条件键 |
别名 |
|---|---|---|---|---|---|
|
ecs:cloudservers:createservers |
授予创建ecs云服务器的权限。 |
write |
- |
ecs:cloudservers:create |
|
|
ecs:cloudservers:deleteservers |
授予删除ecs云服务器的权限。 |
write |
instance * |
- |
ecs:cloudservers:delete |
|
ecs:cloudservers:resize |
授予变更云服务器规格的权限。 |
write |
instance * |
- |
|
|
ecs:cloudservers:attachsharedvolume |
授予批量挂载指定共享盘的权限。 |
write |
instance * |
|
- |
|
ecs:cloudservers:showserver |
授予查询云服务器详情的权限。 |
read |
instance * |
ecs:cloudservers:get |
|
|
ecs:cloudservers:attach |
授予云服务器挂载磁盘的权限。 |
write |
instance * |
|
- |
|
ecs:cloudservers:showserverblockdevice |
授予查询弹性云服务器单个磁盘信息的权限。 |
read |
instance * |
- |
ecs:cloudservers:get |
|
ecs:cloudservers:updateserverblockdevice |
授予修改云服务器挂载的单个磁盘信息的权限。 |
write |
instance * |
- |
ecs:cloudservers:put |
|
ecs:cloudservers:changeos |
授予切换弹性云服务器操作系统的权限。 |
write |
instance * |
- |
|
|
ecs:cloudservers:detachvolume |
授予弹性云服务器卸载磁盘的权限。 |
write |
instance * |
- |
|
|
ecs:cloudservers:updatemetadata |
授予更新云服务器元数据的权限。 |
write |
instance * |
- |
- |
|
ecs:cloudservers:deletemetadata |
授予删除云服务器指定元数据的权限。 |
write |
instance * |
- |
- |
|
ecs:cloudservers:migrate |
授予冷迁移云服务器的权限。 |
write |
instance * |
- |
- |
|
ecs:cloudservers:listserverinterfaces |
授予查询云服务器网卡信息的权限。 |
list |
instance * |
- |
ecs:cloudservers:get |
|
ecs:cloudservers:showresetpasswordflag |
授予查询是否支持一键重置密码的权限。 |
read |
instance * |
- |
ecs:cloudservers:get |
|
ecs:cloudservers:showserverpassword |
授予云服务器获取密码的权限。 |
read |
instance * |
- |
ecs:cloudservers:get |
|
ecs:cloudservers:deletepassword |
授予云服务器清除密码的权限。 |
write |
instance * |
- |
- |
|
ecs:cloudservers:listservervolumeattachments |
授予查询弹性云服务器挂载磁盘信息的权限。 |
list |
instance * |
- |
ecs:cloudservers:get |
|
ecs:cloudservers:rebuild |
授予重装弹性云服务器操作系统的权限。 |
write |
instance * |
|
- |
|
ecs:cloudservers:vnc |
授予获取vnc远程登录地址的权限。 |
read |
instance * |
- |
- |
|
ecs:cloudservers:updateserver |
授予修改弹性云服务器的权限。 |
write |
instance * |
- |
ecs:cloudservers:put |
|
ecs:cloudservers:setautoterminatetime |
授予设置弹性云服务器自动销毁时间的权限。 |
write |
instance * |
- |
- |
|
ecs:cloudservers:addnics |
授予批量添加云服务器网卡的权限。 |
write |
instance * |
- |
|
|
ecs:cloudservernics:delete |
授予批量删除云服务器网卡的权限。 |
write |
instance * |
- |
- |
|
ecs:cloudservers:showservertags |
授予查询云服务器标签的权限。 |
list |
instance * |
- |
ecs:cloudservers:get |
|
ecs:cloudservers:batchcreateservertags |
授予批量添加云服务器标签的权限。 |
write |
instance * |
|
|
|
ecs:cloudservers:batchdeleteservertags |
授予批量删除云服务器标签的权限。 |
write |
instance * |
|
|
|
ecs:cloudservers:start |
授予批量启动云服务器的权限。 |
write |
instance * |
- |
- |
|
ecs:cloudservers:stop |
授予批量关闭云服务器的权限。 |
write |
instance * |
- |
- |
|
ecs:cloudservers:reboot |
授予批量重启云服务器的权限。 |
write |
instance * |
- |
- |
|
ecs:cloudservers:batchupdateserversname |
授予批量修改弹性云服务器信息的权限。 |
write |
instance * |
- |
ecs:cloudservers:put |
|
ecs:cloudservers:listserversdetails |
授予查询云服务器详情列表的权限。 |
list |
- |
ecs:cloudservers:list |
|
|
ecs:cloudserverflavors:get |
授予查询云服务器规格详情和扩展信息列表的权限。 |
read |
- |
- |
- |
|
ecs:cloudserverquotas:get |
授予查询租户配额的权限。 |
read |
- |
- |
- |
|
ecs:cloudservers:updateserverinterface |
授予更新云服务器网卡挂载信息的权限。 |
write |
instance * |
- |
ecs:cloudservernics:update |
|
ecs:cloudservers:resetserverpwd |
授予一键重置弹性云服务器密码的权限。 |
write |
instance * |
- |
|
|
ecs:cloudservers:listservergroups |
授予查询云服务器组列表的权限。 |
list |
- |
- |
ecs:cloudservers:list |
|
ecs:cloudservers:createservergroup |
授予创建云服务器组的权限。 |
write |
- |
- |
ecs:cloudservers:create |
|
ecs:cloudservers:showservergroup |
授予查询云服务器组详情的权限。 |
read |
- |
- |
ecs:cloudservers:get |
|
ecs:cloudservers:deleteservergroup |
授予删除云服务器组的权限。 |
write |
- |
- |
ecs:cloudservers:delete |
|
ecs:cloudservers:addservergroupmember |
授予添加云服务器组成员的权限。 |
write |
- |
- |
ecs:cloudservers:create |
|
ecs:cloudservers:deleteservergroupmember |
授予删除云服务器组成员的权限。 |
write |
- |
- |
ecs:cloudservers:delete |
|
ecs:cloudservers:listserversbytag |
授予按标签查询云服务器列表的权限。 |
list |
- |
- |
ecs:cloudservers:list |
|
ecs:cloudservers:listresizeflavors |
授予查询云服务器规格变更支持列表的权限。 |
list |
- |
- |
ecs:cloudservers:list |
|
ecs:cloudservers:listservertags |
授予查询项目标签的权限。 |
list |
- |
- |
ecs:cloudservers:list |
|
ecs:cloudservers:changevpc |
授予切换云服务器的vpc的权限。 |
write |
instance * |
- |
|
|
ecs:cloudservers:changechargemode |
授予变更云服务器计费方式的权限。 |
write |
instance * |
- |
- |
|
ecs:instancescheduledevents:list |
授予查询计划事件列表的权限。 |
list |
- |
- |
- |
|
ecs:instancescheduledevents:accept |
授予接受并授权执行计划事件操作的权限。 |
write |
- |
- |
- |
|
ecs:instancescheduledevents:update |
授予更新计划事件操作的权限。 |
write |
- |
- |
- |
|
ecs:launchtemplateversions:list |
授予查询模板版本列表的权限。 |
list |
- |
- |
- |
|
ecs:launchtemplates:list |
授予查询模板列表的权限。 |
list |
- |
- |
- |
|
ecs:launchtemplates:delete |
授予删除模板的权限。 |
write |
- |
- |
- |
|
ecs:launchtemplates:create |
授予创建模板的权限。 |
write |
- |
- |
- |
|
ecs:cloudservers:redeploy |
授予重部署云服务器的权限。 |
write |
instance * |
- |
- |
|
ecs:cloudservers:getautorecovery |
授予查询虚拟机是否配置了自动恢复的权限。 |
read |
instance * |
- |
- |
|
ecs:cloudservers:setautorecovery |
授予配置虚拟机自动恢复的权限。 |
write |
instance * |
- |
- |
|
ecs:cloudservers:triggercrashdump |
授予触发故障转储的权限。 |
write |
instance * |
- |
- |
|
ecs:recyclebin:updatepolicy |
授予更新回收站策略的权限。 |
write |
- |
- |
- |
|
ecs:recyclebin:update |
授予更新回收站配置的权限。 |
write |
- |
- |
- |
|
ecs:recyclebin:get |
授予查询回收站配置的权限。 |
read |
- |
- |
- |
|
ecs:recyclebin:listservers |
授予查询回收站中云服务器列表的权限。 |
list |
- |
- |
- |
|
ecs:recyclebin:revertserver |
授予恢复回收站中云服务器的权限。 |
write |
- |
- |
- |
|
ecs:recyclebin:deleteserver |
授予删除回收站中云服务器的权限。 |
write |
- |
- |
- |
|
ecs:metrics:use |
授予通过原生接口注册云服务器监控的权限。 |
write |
- |
- |
|
|
ecs:limits:manage |
授予通过原生接口查询租户配额限制的权限。 |
write |
- |
- |
|
|
ecs:cloudservers:showmetadataoptions |
授予获取云服务器元数据配置的权限 |
read |
- |
- |
|
|
ecs:cloudservers:updatemetadataoptions |
授予更新云服务器元数据配置的权限 |
write |
- |
- |
|
|
ecs:cloudservers:changenetworkinterface |
授予更新云服务器指定网卡属性的权限 |
write |
instance * |
- |
ecs的api通常对应着一个或多个授权项。表2展示了api与授权项的关系,以及该api需要依赖的授权项。
|
api |
对应的授权项 |
依赖的授权项 |
|---|---|---|
|
post /v1.1/{project_id}/cloudservers |
ecs:cloudservers:createservers |
|
|
post /v1/{project_id}/cloudservers |
ecs:cloudservers:createservers |
|
|
post /v1/{project_id}/cloudservers/delete |
ecs:cloudservers:deleteservers |
- |
|
post /v1.1/{project_id}/cloudservers/{server_id}/resize |
ecs:cloudservers:resize |
- |
|
post /v1/{project_id}/batchaction/attachvolumes/{volume_id} |
ecs:cloudservers:attachsharedvolume |
evs:volumes:use |
|
get /v1/{project_id}/cloudservers/{server_id} |
ecs:cloudservers:showserver |
- |
|
get /v1/{project_id}/cloudservers/{server_id}/os-interface_extension |
ecs:cloudservers:showserver |
- |
|
get /v1/{project_id}/cloudservers/{server_id}/appendvolumequota |
ecs:cloudservers:showserver |
- |
|
post /v1/{project_id}/cloudservers/{server_id}/attachvolume |
ecs:cloudservers:attach |
evs:volumes:use |
|
get /v1/{project_id}/cloudservers/{server_id}/block_device |
ecs:cloudservers:listserverblockdevices |
- |
|
get /v1/{project_id}/cloudservers/{server_id}/block_device/{volume_id} |
ecs:cloudservers:showserverblockdevice |
- |
|
put /v1/{project_id}/cloudservers/{server_id}/block_device/{volume_id} |
ecs:cloudservers:updateserverblockdevice |
- |
|
post /v1/{project_id}/cloudservers/{server_id}/changeos |
ecs:cloudservers:changeos |
- |
|
delete /v1/{project_id}/cloudservers/{server_id}/detachvolume/{volume_id} |
ecs:cloudservers:detachvolume |
- |
|
post /v1/{project_id}/batchaction/detachvolumes/{volume_id} |
ecs:cloudservers:detachvolume |
- |
|
post /v1/{project_id}/cloudservers/{server_id}/metadata |
ecs:cloudservers:updatemetadata |
iam:agencies:pass |
|
delete /v1/{project_id}/cloudservers/{server_id}/metadata/{key} |
ecs:cloudservers:deletemetadata |
- |
|
post /v1/{project_id}/cloudservers/{server_id}/migrate |
ecs:cloudservers:migrate |
- |
|
get /v1/{project_id}/cloudservers/{server_id}/os-interface |
ecs:cloudservers:listserverinterfaces |
- |
|
put /v1/{project_id}/cloudservers/{server_id}/os-reset-password |
ecs:cloudservers:resetserverpwd |
- |
|
get /v1/{project_id}/cloudservers/{server_id}/os-resetpwd-flag |
ecs:cloudservers:showresetpasswordflag |
- |
|
get /v1/{project_id}/cloudservers/{server_id}/os-server-password |
ecs:cloudservers:showserverpassword |
- |
|
delete /v1/{project_id}/cloudservers/{server_id}/os-server-password |
ecs:cloudservers:deletepassword |
- |
|
get /v1/{project_id}/cloudservers/{server_id}/os-volume_attachments |
ecs:cloudservers:listservervolumeattachments |
- |
|
post /v1/{project_id}/cloudservers/{server_id}/reinstallos |
ecs:cloudservers:rebuild |
- |
|
post /v2/{project_id}/cloudservers/{server_id}/reinstallos |
ecs:cloudservers:rebuild |
- |
|
post /v1/{project_id}/cloudservers/{server_id}/remote_console |
ecs:cloudservers:vnc |
- |
|
post /v1/{project_id}/cloudservers/{server_id}/resize |
ecs:cloudservers:resize |
- |
|
post /v1/{project_id}/cloudservers/batch-resize |
ecs:cloudservers:resize |
- |
|
get /v1/{project_id}/cloudservers/detail?flavor={flavor}&name={name}&status={status}&limit={limit}&offset={offset}¬-tags={not-tags}&reservation_id={reservation_id}&enterprise_project_id={enterprise_project_id}&tags={tags}&ip={ip} |
ecs:cloudservers:listserversdetails |
- |
|
get /v1.1/{project_id}/cloudservers/detail |
ecs:cloudservers:listserversdetails |
- |
|
get /v1/{project_id}/availability-zones |
ecs:cloudservers:listserversdetails |
- |
|
put /v1/{project_id}/cloudservers/{server_id} |
ecs:cloudservers:updateserver |
- |
|
post /v1/{project_id}/cloudservers/{server_id}/actions/update-auto-terminate-time |
ecs:cloudservers:setautoterminatetime |
- |
|
post /v1/{project_id}/cloudservers/{server_id}/nics |
ecs:cloudservers:addnics |
- |
|
post /v1/{project_id}/cloudservers/{server_id}/nics/delete |
ecs:cloudservernics:delete |
- |
|
get /v1/{project_id}/cloudservers/{server_id}/tags |
ecs:cloudservers:showservertags |
- |
|
post /v1/{project_id}/cloudservers/{server_id}/tags/action |
ecs:cloudservers:batchcreateservertags |
- |
|
post /v1/{project_id}/cloudservers/{server_id}/tags/action |
ecs:cloudservers:batchdeleteservertags |
- |
|
post /v1/{project_id}/cloudservers/action |
ecs:cloudservers:start |
- |
|
post /v1/{project_id}/cloudservers/action |
ecs:cloudservers:stop |
- |
|
post /v1/{project_id}/cloudservers/action |
ecs:cloudservers:reboot |
- |
|
get /v1/{project_id}/cloudservers/flavors?availability_zone={availability_zone}&flavor_id={flavor_id}&limit={limit}&marker={marker} |
ecs:cloudserverflavors:get |
- |
|
get /v1/{project_id}/cloudservers/limits |
ecs:cloudserverquotas:get |
- |
|
put /v1/{project_id}/cloudservers/os-reset-passwords |
ecs:cloudservers:resetserverpwd |
- |
|
get /v1/{project_id}/cloudservers/os-server-groups?limit={limit}&marker={marker} |
ecs:cloudservers:listservergroups |
- |
|
post /v1/{project_id}/cloudservers/os-server-groups |
ecs:cloudservers:createservergroup |
- |
|
get /v1/{project_id}/cloudservers/os-server-groups/{server_group_id} |
ecs:cloudservers:showservergroup |
- |
|
delete /v1/{project_id}/cloudservers/os-server-groups/{server_group_id} |
ecs:cloudservers:deleteservergroup |
- |
|
post /v1/{project_id}/cloudservers/os-server-groups/{server_group_id}/action |
ecs:cloudservers:addservergroupmember |
- |
|
post /v1/{project_id}/cloudservers/os-server-groups/{server_group_id}/action |
ecs:cloudservers:deleteservergroupmember |
- |
|
get /v1/{project_id}/cloudservers/resize_flavors?instance_uuid={instance_uuid}&source_flavor_id={source_flavor_id}&source_flavor_name={source_flavor_name} |
ecs:cloudservers:listresizeflavors |
- |
|
get /v1/{project_id}/cloudservers/tags |
ecs:cloudservers:listservertags |
- |
|
post /v2/{project_id}/cloudservers/{server_id}/changeos |
ecs:cloudservers:changeos |
- |
|
put /v1/{project_id}/cloudservers/server-name |
ecs:cloudservers:batchupdateserversname |
- |
|
post /v1/{project_id}/cloudservers/resource_instances/action |
ecs:cloudservers:listserversbytag |
- |
|
put /v1/{project_id}/cloudservers/{server_id}/os-interface/{port_id} |
ecs:cloudservers:updateserverinterface |
- |
|
post /v1/{project_id}/cloudservers/{server_id}/changevpc |
ecs:cloudservers:changevpc |
- |
|
post /v1/{project_id}/cloudservers/actions/change-charge-mode |
ecs:cloudservers:changechargemode |
|
|
get /v3/{project_id}/instance-scheduled-events |
ecs:instancescheduledevents:list |
- |
|
post /v3/{project_id}/instance-scheduled-events/{id}/actions/accept |
ecs:instancescheduledevents:accept |
- |
|
put /v3/{project_id}/instance-scheduled-events/{id} |
ecs:instancescheduledevents:update |
- |
|
get /v3/{project_id}/launch-template-versions |
ecs:launchtemplateversions:list |
- |
|
get /v3/{project_id}/launch-templates |
ecs:launchtemplates:list |
- |
|
delete /v2/{domain_id}/auto-launch-groups/{auto_launch_group_id} |
ecs:launchtemplates:delete |
- |
|
post /v3/{project_id}/launch-templates |
ecs:launchtemplates:create |
- |
|
post /v1/{project_id}/cloudservers/{server_id}/actions/redeploy |
ecs:cloudservers:redeploy |
- |
|
get /v1/{project_id}/cloudservers/flavor-sell-policies?flavor_id={flavor_id} |
ecs:cloudserverflavors:get |
- |
|
get /v1/{project_id}/cloudservers/flavors/{flavor_id}/resources |
ecs:cloudserverflavors:get |
- |
|
get /v1/{project_id}/cloudservers/{server_id}/autorecovery |
ecs:cloudservers:getautorecovery |
- |
|
put /v1/{project_id}/cloudservers/{server_id}/autorecovery |
ecs:cloudservers:setautorecovery |
- |
|
post /v1/{project_id}/cloudservers/{server_id}/actions/trigger-crash-dump |
ecs:cloudservers:triggercrashdump |
- |
|
put /v1/{project_id}/recycle-bin/policy |
ecs:recyclebin:updatepolicy |
- |
|
put /v1/{project_id}/recycle-bin |
ecs:recyclebin:update |
- |
|
get /v1/{project_id}/recycle-bin |
ecs:recyclebin:get |
- |
|
post /v1/{project_id}/recycle-bin/cloudservers/{server_id}/actions/revert |
ecs:recyclebin:revertserver |
- |
|
delete /v1/{project_id}/recycle-bin/cloudservers/{server_id} |
ecs:recyclebin:deleteserver |
- |
|
get /v1/{project_id}/recycle-bin/cloudservers |
ecs:recyclebin:listservers |
- |
|
get /v1/{project_id}/cloudservers/{server_id}/metadata-options |
ecs:cloudservers:showmetadataoptions |
- |
|
put /v1/{project_id}/cloudservers/{server_id}/metadata-options |
ecs:cloudservers:updatemetadataoptions |
- |
|
get /v2.1/{project_id}/limits?project_id={project_id} |
ecs:limits:manage |
- |
|
post /v1.0/servers/{server_id}/action |
ecs:metrics:use |
- |
|
post /v1/{project_id}/cloudservers/{server_id}/os-interface/{port_id}/change-network-interface |
ecs:cloudservers:changenetworkinterface |
- |
条件(condition)
- 条件键表示身份策略语句的condition元素中的键值。根据适用范围,分为全局级条件键和服务级条件键。
- 服务级条件键(前缀通常为服务缩写,如ecs:)仅适用于对应服务的操作,详情请参见#iam_11_0007/zh-cn_topic_0000002369808774_zh-cn_topic_0000001571869865_table9823560490。
相关文档
意见反馈
文档内容是否对您有帮助?
如您有其它疑问,您也可以通过华为云社区问答频道来与我们联系探讨
