函数工作流 functiongraph-j9九游会登录
云服务在iam预置了常用的权限,称为系统身份策略。如果iam系统身份策略无法满足授权要求,管理员可以根据各j9九游会登录的服务支持的授权项,创建iam自定义身份策略来进行精细的访问控制,iam自定义身份策略是对系统身份策略的扩展和补充。
除iam服务外,organizations服务中的服务控制策略(service control policy,以下简称scp)也可以使用这些授权项元素设置访问控制策略。
scp不直接进行授权,只划定权限边界。将scp绑定到组织单元或者成员账号时,并没有直接对组织单元或成员账号授予操作权限,而是规定了成员账号或组织单元包含的成员账号的授权范围。iam身份策略授予权限的有效性受scp限制,只有在scp允许范围内的权限才能生效。
iam服务与organizations服务在使用这些元素进行访问控制时,存在着一些区别,详情请参见:iam服务与organizations服务权限访问控制的区别。
本章节介绍iam服务身份策略授权场景中自定义身份策略和组织服务中scp使用的元素,这些元素包含了操作(action)、资源(resource)和条件(condition)。
操作(action)
操作(action)即为身份策略中支持的授权项。
- “访问级别”列描述如何对操作进行分类(list、read和write等)。此分类可帮助您了解在身份策略中相应操作对应的访问级别。
- “资源类型”列指每个操作是否支持资源级权限。
- 资源类型支持通配符号*表示所有。如果此列没有值(-),则必须在身份策略语句的resource元素中指定所有资源类型(“*”)。
- 如果该列包含资源类型,则必须在具有该操作的语句中指定该资源的urn。
- 资源类型列中必需资源在表中用星号(*)标识,表示使用此操作必须指定该资源类型。
关于定义的资源类型的详细信息请参见资源类型(resource)。
- “条件键”列包括了可以在身份策略语句的condition元素中支持指定的键值。
- 如果该授权项资源类型列存在值,则表示条件键仅对列举的资源类型生效。
- 如果该授权项资源类型列没有值(-),则表示条件键对整个授权项生效。
- 如果此列条件键没有值(-),表示此操作不支持指定条件键。
关于定义的条件键的详细信息请参见条件(condition)。
- “别名”列包括了可以在身份策略中配置的策略授权项。通过这些授权项,可以控制支持策略授权的api访问。详细信息请参见身份策略兼容性说明。
您可以在身份策略语句的action元素中指定以下functiongraph的相关操作。
|
授权项 |
描述 |
访问级别 |
资源类型(*为必须) |
条件键 |
别名 |
|---|---|---|---|---|---|
|
functiongraph:function:createfunction |
授予权限以创建函数。 |
write |
function * |
|
|
|
- |
|||||
|
functiongraph:function:deletefunction |
授予权限以删除函数。 |
write |
function * |
|
|
|
- |
|||||
|
functiongraph:function:listfunctions |
授予权限以查询函数列表。 |
list |
function * |
|
|
|
- |
|||||
|
functiongraph:function:getfunctioncode |
授予权限以获取指定函数代码信息。 |
read |
function * |
|
|
|
- |
|||||
|
functiongraph:function:updatefunctioncode |
授予权限以修改指定的函数的代码。 |
write |
function * |
|
|
|
- |
|||||
|
functiongraph:function:getfunctionconfig |
授予权限以获取指定函数的metadata。 |
read |
function * |
|
|
|
- |
|||||
|
functiongraph:function:updatefunctionconfig |
授予权限以修改指定的函数的metadata信息。 |
write |
function * |
|
|
|
- |
|||||
|
functiongraph:function:updatemaxinstanceconfig |
授予权限以更新函数最大实例数。 |
write |
function * |
|
|
|
- |
|||||
|
functiongraph:function:updatesnapshot |
授予权限以启动/禁用函数快照。 |
write |
function * |
|
|
|
functiongraph:function:getsnapshotstate |
授予权限以查询函数快照制作状态。 |
read |
function * |
|
|
|
functiongraph:function:createurl |
授予权限以创建函数url。 |
write |
function * |
|
|
|
functiongraph:function:deleteurl |
授予权限以删除函数url。 |
write |
function * |
|
|
|
functiongraph:function:updateurl |
授予权限以更新函数url。 |
write |
function * |
|
|
|
functiongraph:function:geturl |
授予权限以获取指定函数的url。 |
read |
function * |
|
|
|
functiongraph::getresourceinstance |
授予权限以查询资源实例。 |
read |
- |
|
|
|
functiongraph::createtag |
授予权限以创建资源标签。 |
tagging |
- |
|
|
|
functiongraph::deletetag |
授予权限以删除资源标签。 |
tagging |
- |
|
|
|
functiongraph::listtags |
授予权限以获取资源标签列表。 |
list |
- |
|
|
|
functiongraph::createfunctionapp |
授予权限以创建应用程序。 |
write |
- |
|
|
|
functiongraph::deletefunctionapp |
授予权限以删除应用程序。 |
write |
- |
|
|
|
functiongraph::getfunctionapp |
授予权限以查询应用程序详情。 |
read |
- |
|
|
|
functiongraph::listfunctionapps |
授予权限以查询应用程序列表。 |
list |
- |
|
|
|
functiongraph::getfunctionapptemplate |
授予权限以查询应用程序模板详情。 |
read |
- |
|
|
|
functiongraph::listfunctionapptemplates |
授予权限以查询应用程序模板列表。 |
list |
- |
|
|
|
functiongraph::createvpcendpoint |
授予权限以创建下沉入口。 |
write |
- |
|
|
|
functiongraph::deletevpcendpoint |
授予权限以删除下沉入口。 |
write |
- |
|
|
|
functiongraph:function:export |
授予权限以导出函数。 |
read |
function * |
|
|
|
functiongraph:function:import |
授予权限以导入函数。 |
write |
function * |
|
|
|
functiongraph::exportpackage |
授予权限以导出函数应用。 |
read |
- |
|
|
|
functiongraph::importpackage |
授予权限以导入函数应用。 |
write |
- |
|
|
|
functiongraph:function:createversion |
授予权限以发布函数版本。 |
write |
function * |
- |
|
|
functiongraph:function:listversion |
授予权限以获取指定函数的版本列表。 |
list |
function * |
- |
|
|
functiongraph:function:createalias |
授予权限以创建函数灰度版本别名。 |
write |
function * |
- |
|
|
functiongraph:function:deletealias |
授予权限以删除函数版本别名。 |
write |
function * |
- |
|
|
functiongraph:function:listalias |
授予权限以获取指定函数所有版本别名列表。 |
list |
function * |
- |
|
|
functiongraph:function:getalias |
授予权限以获取函数版本指定别名信息。 |
read |
function * |
- |
|
|
functiongraph:function:updatealias |
授予权限以修改函数版本别名信息。 |
write |
function * |
- |
|
|
functiongraph::listquota |
授予权限以查询租户配额。 |
list |
- |
- |
|
|
functiongraph:dependency:createdependency |
授予权限以创建依赖包。 |
write |
- |
- |
|
|
functiongraph:dependency:deletedependency |
授予权限以删除依赖包。 |
write |
- |
- |
|
|
functiongraph:dependency:listdependencies |
授予权限以获取依赖包列表。 |
list |
- |
- |
|
|
functiongraph:dependency:getdependency |
授予权限以获取指定依赖包信息。 |
read |
- |
- |
|
|
functiongraph:dependency:updatedependency |
授予权限以更新指定依赖包信息。 |
write |
- |
- |
|
|
functiongraph:dependency:createdependencyversion |
授予权限以创建依赖包版本。 |
write |
- |
- |
|
|
functiongraph:dependency:deletedependencyversion |
授予权限以删除依赖包版本。 |
write |
- |
- |
|
|
functiongraph:dependency:listdependencyversion |
授予权限以获取依赖包版本列表。 |
list |
- |
- |
|
|
functiongraph:dependency:getdependencyversion |
授予权限以获取依赖包版本详细信息。 |
read |
- |
- |
|
|
functiongraph:function:createevent |
授予权限以创建测试事件。 |
write |
function * |
|
|
|
functiongraph:function:deleteevent |
授予权限以删除指定测试事件。 |
write |
function * |
|
|
|
functiongraph:function:updateevent |
授予权限以更新函数测试事件。 |
write |
function * |
|
|
|
functiongraph:function:listevent |
授予权限以获取函数测试事件列表。 |
list |
function * |
|
|
|
functiongraph:function:getevent |
授予权限以获取函数测试事件详细信息。 |
read |
function * |
|
|
|
functiongraph:function:gettracing |
授予权限以获取函数调用链配置。 |
read |
function * |
|
|
|
functiongraph:function:updatetracing |
授予权限以更新函数调用链配置。 |
write |
function * |
|
|
|
functiongraph::listfunctionbymetric |
授予权限以按指定指标获取函数列表。 |
list |
- |
- |
|
|
functiongraph:function:listfunctionstatistics |
授予权限以获取指定时间段的函数运行指标。 |
list |
function * |
|
|
|
functiongraph::liststatistics |
授予权限以获取租户函数统计信息。 |
list |
- |
- |
|
|
functiongraph:function:getreservedinstancemetrics |
授予权限以查询函数预留实例使用情况指标。 |
read |
function * |
|
|
|
functiongraph::enableltslogs |
授予权限以开通lts日志上报功能。 |
write |
- |
- |
|
|
functiongraph:function:getltslogconfiguration |
授予权限以获取指定函数的lts日志组日志流配置。 |
read |
function * |
|
|
|
functiongraph:function:updatereservedinstancecount |
授予权限以修改函数预留实例数量。 |
write |
function * |
|
|
|
functiongraph::listreservedinstancecount |
授予权限以获取函数预留实例数量。 |
list |
- |
- |
|
|
functiongraph::listreservedinstanceconfig |
授予权限以获取函数预留实例配置列表。 |
list |
function |
|
|
|
functiongraph::getreservedinstancestate |
授予权限以获取函数预留实例状态。 |
read |
- |
- |
|
|
functiongraph:function:invokeasync |
授予权限以异步执行函数。 |
write |
function * |
- |
|
|
functiongraph:function:invokesync |
授予权限以同步执行函数。 |
write |
function * |
|
|
|
functiongraph:function:invokereservedfunctionasync |
授予权限以函数异步执行并返回预留实例id。 |
write |
function * |
|
|
|
functiongraph:function:stopasyncinvoke |
授予权限以停止函数异步调用请求。 |
write |
function * |
|
|
|
functiongraph:function:listasyncinvocation |
授予权限以获取函数异步调用请求列表。 |
list |
function * |
|
|
|
functiongraph:function:deleteasyncinvokeconfig |
授予权限以删除函数异步配置信息。 |
write |
function * |
|
|
|
functiongraph:function:updateasyncinvokeconfig |
授予权限以设置函数异步配置信息。 |
write |
function * |
|
|
|
functiongraph:function:listasyncinvokeconfig |
授予权限以获取指定函数所有版本的异步配置列表。 |
list |
function * |
|
|
|
functiongraph:function:getasyncinvokeconfig |
授予权限以获取指定函数某一版本的异步配置信息。 |
read |
function * |
|
|
|
functiongraph::updateasyncstatuslog |
授予权限以允许异步状态通知。 |
write |
- |
- |
|
|
functiongraph::getasyncstatusloginfo |
授予权限以查询异步日志详情。 |
read |
- |
- |
|
|
functiongraph:function:listactiveasyncinvocations |
授予权限以获取函数异步调用活跃请求列表。 |
list |
function * |
|
|
|
functiongraph:trigger:createtrigger |
授予权限以创建触发器。 |
write |
function * |
|
|
|
functiongraph:trigger:delete |
授予权限以删除触发器。 |
write |
trigger * |
- |
|
|
functiongraph:trigger:update |
授予权限以更新触发器。 |
write |
function * |
|
|
|
functiongraph:trigger:list |
授予权限以获取指定函数的所有触发器。 |
list |
function * |
|
|
|
functiongraph:trigger:get |
授予权限以获取指定触发器的信息。 |
read |
trigger * |
- |
|
|
functiongraph:trigger:batchdelete |
授予权限以删除指定函数的所有触发器。 |
write |
function * |
|
|
|
functiongraph::listobsnotifications |
授予权限以获取指定obs桶的所有通知配置。 |
read |
- |
- |
|
|
functiongraph::listobsbucket |
授予权限以获取obs桶列表。 |
list |
- |
- |
|
|
functiongraph:workflow:create |
授予权限以创建函数流。 |
write |
workflow * |
|
|
|
functiongraph:workflow:delete |
授予权限以删除函数流。 |
write |
workflow * |
|
|
|
functiongraph:workflow:update |
授予权限以修改指定函数流实例的元数据。 |
write |
workflow * |
|
|
|
functiongraph:workflow:list |
授予权限以查询函数流。 |
list |
workflow * |
|
|
|
functiongraph:workflow:getconfig |
授予权限以获取指定函数流实例的元数据。 |
read |
workflow * |
|
|
|
functiongraph:workflow:invoke |
授予权限以异步执行方式启动函数流。 |
write |
workflow * |
|
|
|
functiongraph:workflow:invokesync |
授予权限以同步执行方式启动函数流。 |
write |
workflow * |
|
|
|
functiongraph:workflow:terminate |
授予权限以停止函数流。 |
write |
workflow * |
|
|
|
functiongraph:workflow:retry |
授予权限以重试函数流。 |
write |
workflow * |
|
|
|
functiongraph:workflow:listexecutions |
授予权限以获取指定函数流执行实例列表。 |
list |
workflow * |
|
|
|
functiongraph:workflow:getexecutiondetail |
授予权限以获取指定函数流执行实例。 |
read |
workflow * |
|
|
|
functiongraph:workflow:getmetric |
授予权限以获取指定函数流指标。 |
read |
workflow * |
|
|
|
functiongraph:workflow:listmetrics |
授予权限以获取函数流指标。 |
list |
- |
- |
|
|
functiongraph:workflow:downloadoutput |
授予权限以下载函数流节点的执行结果。 |
write |
workflow * |
|
|
|
functiongraph:workflow:cancel |
授予权限以停止执行函数流。 |
write |
workflow * |
|
|
|
functiongraph:workflow:metadata |
授予权限以获取函数流元数据。 |
list |
- |
- |
|
api通常对应着一个或多个授权项。表2展示了api与授权项的关系,以及该api需要依赖的授权项。
|
api |
对应的授权项 |
依赖的授权项 |
|---|---|---|
|
post /v2/{project_id}/fgs/functions |
functiongraph:function:createfunction |
|
|
delete /v2/{project_id}/fgs/functions/{function_urn} |
functiongraph:function:deletefunction |
|
|
put /v2/{project_id}/fgs/functions/{function_urn}/config |
functiongraph:function:updatefunctionconfig |
|
|
put /v2/{project_id}/fgs/functions/{function_urn}/code |
functiongraph:function:updatefunctioncode |
obs:object:getobject |
|
get /v2/{project_id}/fgs/functions |
functiongraph:function:listfunctions |
- |
|
get /v2/{project_id}/fgs/functions/{function_urn}/config |
functiongraph:function:getfunctionconfig |
- |
|
get /v2/{project_id}/fgs/functions/{function_urn}/code |
functiongraph:function:getfunctioncode |
- |
|
get /v2/{project_id}/fgs/public-network-bandwidth |
functiongraph::getpublicnetworkbandwidth |
- |
|
get /v2/{project_id}/fgs/resource-usage |
functiongraph::gettenantresourceusage |
- |
|
post /v2/{project_id}/fgs/functions/{function_urn}/command |
functiongraph::function:createtenantcommanmd |
- |
|
put /v2/{project_id}/fgs/functions/{function_urn}/config-max-instance |
functiongraph:function:updatemaxinstanceconfig |
- |
|
post /v2/{project_id}/fgs/functions/{function_urn}/snapshots/{action} |
functiongraph:function:updatesnapshot |
- |
|
post /v2/{project_id}/fgs/functions/{function_urn}/function-url |
functiongraph:function:createurl |
- |
|
delete /v2/{project_id}/fgs/functions/{function_urn}/function-url |
functiongraph:function:deleteurl |
- |
|
put /v2/{project_id}/fgs/functions/{function_urn}/function-url |
functiongraph:function:updateurl |
- |
|
get /v2/{project_id}/fgs/functions/{function_urn}/function-url |
functiongraph:function:geturl |
- |
|
post /v2/{project_id}/{resource_type}/resource-instances/{action} |
functiongraph::getresourceinstance |
- |
|
post /v2/{project_id}/{resource_type}/{resource_id}/tags/create |
functiongraph::createtag |
- |
|
delete /v2/{project_id}/{resource_type}/{resource_id}/tags/delete |
functiongraph::deletetag |
- |
|
get /v2/{project_id}/{resource_type}/tags |
functiongraph::listtags |
- |
|
post /v2/{project_id}/fgs/applications |
functiongraph::createfunctionapp |
- |
|
delete /v2/{project_id}/fgs/applications/{id} |
functiongraph::deletefunctionapp |
- |
|
get /v2/{project_id}/fgs/applications/{id} |
functiongraph::getfunctionapp |
- |
|
get /v2/{project_id}/fgs/applications |
functiongraph::listfunctionapps |
- |
|
get /v2/{project_id}/fgs/application/templates/{id} |
functiongraph::getfunctionapptemplate |
- |
|
get /v2/{project_id}/fgs/application/templates |
functiongraph::listfunctionapptemplates |
- |
|
post /v2/{project_id}/fgs/vpc-endpoint |
functiongraph::createvpcendpoint |
- |
|
delete /v2/{project_id}/fgs/vpc-endpoint/{vpc_id}/{subnet_id} |
functiongraph::deletevpcendpoint |
- |
|
get /v2/{project_id}/fgs/functions/{func_urn}/download |
functiongraph:function:getfunctioncode |
- |
|
get /v2/{project_id}/fgs/admins/sysconfig |
functiongraph:function:getfunctionconfig |
- |
|
get /v2/{project_id}/fgs/domainname/vpc/{vpc_id} |
functiongraph:function:getfunctionconfig |
dns:zone:list |
|
get /v2/{project_id}/fgs/functions/{function_urn}/servicebridge/relation |
functiongraph:function:listfunctions |
- |
|
post /v2/{project_id}/fgs/packages |
functiongraph:function:createfunction |
- |
|
delete /v2/{project_id}/fgs/packages/{package_name} |
functiongraph:function:deletefunction |
- |
|
put /v2/{project_id}/fgs/packages/{package_name} |
functiongraph:function:createfunction |
- |
|
get /v2/{project_id}/fgs/packages |
functiongraph:function:listfunctions |
- |
|
put /v2/{project_id}/fgs/functions/{func_urn}/collect/{state} |
functiongraph:function:updatefunctionconfig |
- |
|
get /v2/{project_id}/fgs/template-labels |
functiongraph:function:listfunctions |
- |
|
get /v2/fgs/template-labels |
functiongraph:function:listfunctions |
- |
|
get /v2/{project_id}/fgs/templates |
functiongraph:function:listfunctions |
- |
|
get /v2/{project_id}/fgs/templates/{template_id} |
functiongraph:function:listfunctions |
- |
|
get /v2/fgs/runtimetypes |
functiongraph:function:listfunctions |
- |
|
get /v2/fgs/service-trusted-agencies |
functiongraph:function:getfunctionconfig |
- |
|
get /v2/{project_id}/fgs/feature |
functiongraph:function:getfunctionconfig |
- |
|
post /v2/{project_id}/fgs/agc/agency/{agency_name} |
functiongraph:function:createfunction |
- |
|
post /v2/{project_id}/fgs/functions/enable-async-status-logs |
functiongraph::updateasyncstatuslog |
|
|
get /v2/{project_id}/fgs/functions/async-status-log-detail |
functiongraph::getasyncstatusloginfo |
- |
|
get /v2/{project_id}/fgs/functions/{function_urn}/active-async-invocations |
functiongraph:function:listactiveasyncinvocations |
- |
|
get /v2/{project_id}/fgs/functions/{function_urn}/export |
functiongraph:function:export |
- |
|
post /v2/{project_id}/fgs/functions/import |
functiongraph:function:import |
- |
|
get /v2/{project_id}/fgs/packages/{package_name}/export |
functiongraph::exportpackage |
- |
|
post /v2/{project_id}/fgs/packages/import |
functiongraph::importpackage |
- |
|
post /v2/{project_id}/fgs/functions/{function_urn}/versions |
functiongraph:function:createversion |
- |
|
get /v2/{project_id}/fgs/functions/{function_urn}/versions |
functiongraph:function:listversion |
- |
|
post /v2/{project_id}/fgs/functions/{function_urn}/aliases |
functiongraph:function:createalias |
- |
|
delete /v2/{project_id}/fgs/functions/{function_urn}/aliases/{alias_name} |
functiongraph:function:deletealias |
functiongraph:trigger:list |
|
put /v2/{project_id}/fgs/functions/{function_urn}/aliases/{alias_name} |
functiongraph:function:updatealias |
- |
|
get /v2/{project_id}/fgs/functions/{function_urn}/aliases |
functiongraph:function:listalias |
- |
|
get /v2/{project_id}/fgs/functions/{function_urn}/aliases/{alias_name} |
functiongraph:function:getalias |
- |
|
post /v2/{project_id}/fgs/dependencies |
functiongraph:dependency:createdependency |
obs:object:getobject |
|
delete /v2/{project_id}/fgs/dependencies/{depend_id} |
functiongraph:dependency:deletedependency |
- |
|
put /v2/{project_id}/fgs/dependencies/{depend_id} |
functiongraph:dependency:updatedependency |
obs:object:getobject |
|
get /v2/{project_id}/fgs/dependencies |
functiongraph:dependency:listdependencies |
- |
|
get /v2/{project_id}/fgs/dependencies/{depend_id} |
functiongraph:dependency:getdependency |
- |
|
post /v2/{project_id}/fgs/dependencies/version |
functiongraph:dependency:createdependencyversion |
obs:object:getobject |
|
delete /v2/{project_id}/fgs/dependencies/{depend_id}/version/{version} |
functiongraph:dependency:deletedependencyversion |
- |
|
get /v2/{project_id}/fgs/dependencies/{depend_id}/version |
functiongraph:dependency:listdependencyversion |
- |
|
get /v2/{project_id}/fgs/dependencies/{depend_id}/version/{version} |
functiongraph:dependency:getdependencyversion |
- |
|
post /v2/{project_id}/fgs/functions/{function_urn}/events |
functiongraph:function:createevent |
- |
|
delete /v2/{project_id}/fgs/functions/{function_urn}/events/{event_id} |
functiongraph:function:deleteevent |
- |
|
put /v2/{project_id}/fgs/functions/{function_urn}/events/{event_id} |
functiongraph:function:updateevent |
- |
|
get /v2/{project_id}/fgs/functions/{function_urn}/events |
functiongraph:function:listevent |
- |
|
get /v2/{project_id}/fgs/functions/{function_urn}/events/{event_id} |
functiongraph:function:getevent |
- |
|
put /v2/{project_id}/fgs/functions/{function_urn}/tracing |
functiongraph:function:updatetracing |
- |
|
get /v2/{project_id}/fgs/functions/{function_urn}/tracing |
functiongraph:function:gettracing |
- |
|
get /v2/{project_id}/fgs/function/report |
functiongraph::listfunctionbymetric |
|
|
get /v2/{project_id}/fgs/functions/statistics |
functiongraph::liststatistics |
aom:metric:get |
|
post /v2/{project_id}/fgs/functions/enable-lts-logs |
functiongraph::enableltslogs |
|
|
get /v2/{project_id}/fgs/functions/{function_urn}/lts-log-detail |
functiongraph:function:getltslogconfiguration |
- |
|
put /v2/{project_id}/fgs/functions/{function_urn}/reservedinstances |
functiongraph:function:updatereservedinstancecount |
- |
|
get /v2/{project_id}/fgs/functions/reservedinstances |
functiongraph::listreservedinstancecount |
- |
|
get /v2/{project_id}/fgs/functions/reservedinstanceconfigs |
functiongraph::listreservedinstanceconfig |
- |
|
get /v2/{project_id}/fgs/functions/reservedinstances/state |
functiongraph::getreservedinstancestate |
- |
|
post /v2/{project_id}/fgs/functions/{function_urn}/cancel |
functiongraph:function:stopasyncinvoke |
lts:structconfig:get |
|
get /v2/{project_id}/fgs/functions/{function_urn}/async-invocations |
functiongraph:function:listasyncinvocation |
|
|
delete /v2/{project_id}/fgs/functions/{function_urn}/async-invoke-config |
functiongraph:function:deleteasyncinvokeconfig |
- |
|
put /v2/{project_id}/fgs/functions/{function_urn}/async-invoke-config |
functiongraph:function:updateasyncinvokeconfig |
- |
|
get /v2/{project_id}/fgs/functions/{function_urn}/async-invoke-configs |
functiongraph:function:listasyncinvokeconfig |
- |
|
get /v2/{project_id}/fgs/functions/{function_urn}/async-invoke-config |
functiongraph:function:getasyncinvokeconfig |
- |
|
post /v2/{project_id}/fgs/servicebridge |
functiongraph:bridge:createservicebridge |
- |
|
delete /v2/{project_id}/fgs/servicebridge/{bridge_name} |
functiongraph:bridge:deleteservicebridge |
- |
|
put /v2/{project_id}/fgs/servicebridge/{bridge_name}/config |
functiongraph:bridge:updateservicebridgeconfig |
- |
|
get /v2/{project_id}/fgs/servicebridge |
functiongraph:bridge:listservicebridges |
- |
|
get /v2/{project_id}/fgs/servicebridge/{bridge_name}/config |
functiongraph:bridge:getservicebridgeconfig |
- |
资源类型(resource)
资源类型(resource)表示身份策略所作用的资源。如表3中的某些操作指定了可以在该操作指定的资源类型,则必须在具有该操作的身份策略语句中指定该资源的urn,身份策略仅作用于此资源;如未指定,resource默认为“*”,则身份策略将应用到所有资源。您也可以在身份策略中设置条件,从而指定资源类型。
定义了以下可以在自定义身份策略的resource元素中使用的资源类型。
|
资源类型 |
urn |
|---|---|
|
workflow |
functiongraph: |
|
function |
functiongraph: |
|
trigger |
functiongraph: |
相关文档
意见反馈
文档内容是否对您有帮助?
如您有其它疑问,您也可以通过华为云社区问答频道来与我们联系探讨
