更新时间:2024-08-30 GMT+08:00
分享

RDS授权分类

表1 公共查询

权限

对应API接口

授权项(Action)

IAM项目(Project)

企业项目(Enterprise Project)

实例授权

查询数据库引擎版本

GET /v3/{projectId}/datastores/{database_name}

无需授权

×

查询数据库规格

GET /v3/{project_id}/flavors/{database_name}?version_name={version_name}

无需授权

×

查询数据库存储规格

GET /v3/{project_id}/storage-type/{database_name}?version_name={version_name}

无需授权

×

表2 实例管理

API功能

对应API接口

授权项(Action)

IAM项目(Project)

企业项目(Enterprise Project)

实例授权

创建数据库实例

POST /v3/{project_id}/instances

rds:instance:create

(创建加密实例需要在项目上配置KMS Administrator权限。)

×

修改实例名称

PUT https://{Endpoint}/v3/{project_id}/instances/{instance_id}/name

rds:instance:modify

修改实例备注

PUT

https://{Endpoint}/v3/{project_id}/instances/{instance_id}/alias

rds:instance:modify

申请内网域名

POST

https://{Endpoint}/v3/{project_id}/instances/{instance_id}/create-dns

rds:instance:createDns

×

修改内网域名

PUT

https://{Endpoint}/v3/{project_id}/instances/{instance_id}/modify-dns

rds:instance:modifyDns

变更数据库实例的规格

POST /v3/{project_id}/instances/{instance_id}/action

rds:instance:modifySpec

×

扩容数据库实例的磁盘空间

POST /v3/{project_id}/instances/{instance_id}/action

rds:instance:extendSpace

单机转主备实例

POST /v3/{project_id}/instances/{instance_id}/action

rds:instance:singleToHa

(加密实例需要在项目上配置KMS Administrator权限。)

重启数据库实例

POST /v3/{project_id}/instances/{instance_id}/action

rds:instance:restart

删除数据库实例

DELETE /v3/{project_id}/instances/{instance_id}

rds:instance:delete

查询数据库实例列表

GET /v3/{project_id}/instances

rds:instance:list

查询跨区域备份实例列表

GET /v3/{project_id}/backups/offsite-backup-instance

rds:instance:list

绑定和解绑弹性公网IP

PUT /v3/{project_id}/instances/{instance_id}/public-ip

rds:instance:modifyPublicAccess

×

修改数据库实例密码

PUT /v3/{project_id}/instances/{instance_id}/password

rds:password:update

手动主备倒换

PUT /v3/{project_id}/instances/{instance_id}/failover

rds:instance:switchover

修改主备切换策略

PUT /v3/{project_id}/instances/{instance_id}/failover/strategy

rds:instance:modifyStrategy

修改主备同步模式

PUT /v3/{project_id}/instances/{instance_id}/failover/mode

rds:instance:modifySynchronizeModel

修改运维时间窗

PUT

/v3/{project_id}/instances/{instance_id}/ops-window

rds:instance:modify

备机可用区迁移

POST /v3/{project_id}/instances/{instance_id}/migrateslave

rds:instance:create

×

表3 灾备实例

API功能

对应API接口

授权项

IAM项目(Project)

企业项目(Enterprise Project)

实例授权

配置主实例容灾能力

POST

/v3/{project_id}/instances/{instance_id}/action

rds:instance:buildDrRelation

×

配置灾备实例容灾能力

POST

/v3/{project_id}/instances/{instance_id}/action

rds:instance:buildDrRelation

灾备升主

POST

/v3/{project_id}/instances/{instance_id}/action

rds:instance:modifyDRRole

查询跨云容灾复制状态

GET /v3/{project_id}/instances/{instance_id}/disaster-recovery

rds:instance:list

×

表4 数据库安全性

API功能

对应API接口

授权项(Action)

IAM项目(Project)

企业项目(Enterprise Project)

实例授权

设置SSL数据加密

PUT /v3/{project_id}/instances/{instance_id}/ssl

rds:instance:modifySSL

修改数据库端口

PUT /v3/{project_id}/instances/{instance_id}/port

rds:instance:modifyPort

修改内网地址

PUT /v3/{project_id}/instances/{instance_id}/ip

rds:instance:modifyIp

修改安全组

PUT /v3/{project_id}/instances/{instance_id}/security-group

rds:instance:modifySecurityGroup

表5 参数配置

API功能

对应API接口

授权项(Action)

IAM项目(Project)

企业项目(Enterprise Project)

实例授权

获取参数模板列表

GET /v3/{project_id}/configurations

rds:param:list

创建参数模板

POST /v3/{project_id}/configurations

rds:param:create

×

修改参数模板参数

PUT /v3/{project_id}/configurations/{config_id}

rds:param:modify

应用参数模板

PUT /v3/{project_id}/configurations/{config_id}/apply

rds:param:apply

×

修改指定实例的参数

PUT /v3/{project_id}/instances/{instance_id}/configurations

rds:param:modify

获取指定实例的参数模板

GET /v3/{project_id}/instances/{instance_id}/configurations

rds:param:list

获取指定参数模板的参数

GET /v3/{project_id}/configurations/{config_id}

rds:param:list

删除参数模板

DELETE /v3/{project_id}/configurations/{config_id}

rds:param:delete

×

表6 备份与恢复

API功能

对应API接口

授权项

IAM项目(Project)

企业项目(Enterprise Project)

实例授权

设置自动备份策略

PUT /v3/{project_id}/instances/{instance_id}/backups/policy

rds:instance:modifyBackupPolicy

设置跨区域备份策略

PUT /v3/{project_id}/instances/{instance_id}/backups/offsite-policy

rds:instance:modifyBackupPolicy

查询自动备份策略

GET /v3/{project_id}/instances/{instance_id}/backups/policy

rds:instance:list

查询跨区域备份策略

GET /v3/{project_id}/instances/{instance_id}/backups/offsite-policy

rds:instance:list

创建手动备份

POST /v3/{project_id}/backups

rds:backup:create

×

获取备份列表

GET /v3/{project_id}/backups?instance_id={instance_id}

rds:backup:list

×

获取跨区域备份列表

GET /v3/{project_id}/offsite-backups?instance_id={instance_id}

rds:backup:list

×

获取备份下载链接

GET /v3/{project_id}/backup-files?backup_id={backup_id}

rds:backup:download

×

删除手动备份

DELETE /v3/{project_id}/backups/{backup_id}

rds:backup:delete

×

查询可恢复时间段

GET /v3/{project_id}/instances/{instance_id}/restore-time

rds:instance:list

×

查询跨区域备份可恢复时间段

GET /v3/{project_id}/instances/{instance_id}/offsite-restore-time

rds:instance:list

×

恢复到新实例

POST /v3/{project_id}/instances

rds:instance:create

(加密实例需要在项目上配置KMS Administrator权限。)

×

恢复到已有或当前实例

POST /v3/{project_id}/instances/recovery

rds:instance:restoreInPlace

×

表7 获取日志信息

API功能

对应API接口

授权项

IAM项目(Project)

企业项目(Enterprise Project)

实例授权

查询数据库错误日志

GET /v3/{project_id}/instances/{instance_id}/errorlog?start_date={start_date}&end_date={end_date}

rds:log:list

查询数据库慢日志

GET /v3/{project_id}/instances/{instance_id}/slowlog?start_date={start_date}&end_date={end_date}

rds:log:list

设置审计日志策略

PUT

/v3/{project_id}/instances/{instance_id}/auditlog-policy

rds:auditlog:operate

查询审计日志策略

GET

/v3/{project_id}/instances/{instance_id}/auditlog-policy

rds:auditlog:list

获取审计日志列表

GET

/v3/{project_id}/instances/{instance_id}/auditlog?start_time={start_time}&end_time={end_time}&offset={offset}&limit={limit}

rds:auditlog:list

生成审计日志下载链接

POST

/v3/{project_id}/instances/{instance_id}/auditlog-links

rds:auditlog:download

获取慢日志下载链接

POST

/v3/{project_id}/instances/{instance_id}/slowlog-download

rds:log:download

获取binlog本地保留时长

GET /v3/{project_id}/instances/{instance_id}/binlog/clear-policy

rds:binlog:get

设置binlog本地保留时长

PUT /v3/{project_id}/instances/{instance_id}/binlog/clear-policy

rds:binlog:setPolicy

表8 管理数据库和用户(MySQL)

API功能

对应API接口

授权项

IAM项目(Project)

企业项目(Enterprise Project)

实例授权

创建数据库

POST /v3/{project_id}/instances/{instance_id}/database

rds:database:create

查询数据库列表

GET /v3/{project_id}/instances/{instance_id}/database/detail?page={page}&limit={limit}

rds:database:list

查询指定用户的已授权数据库

GET /v3/{project_id}/instances/{instance_id}/db_user/database?user-name={user-name}&page={page}&limit={limit}

rds:database:list

删除数据库

DELETE /v3/{project_id}/instances/{instance_id}/database/{db_name}

rds:database:drop

创建数据库用户

POST /v3/{project_id}/instances/{instance_id}/db_user

rds:databaseUser:create

查询数据库用户列表

GET /v3/{project_id}/instances/{instance_id}/db_user/detail?page={page}&limit={limit}

rds:databaseUser:list

查询指定数据库的已授权用户

GET /v3/{project_id}/instances/{instance_id}/database/db_user?db-name={db-name}&page={page}&limit={limit}

rds:databaseUser:list

修改数据库用户的备注

PUT /v3/{project_id}/instances/{instance_id}/db-users/{user_name}/comment

rds:databaseUser:update

删除数据库用户

DELETE /v3/{project_id}/instances/{instance_id}/db_user/{user_name}

rds:databaseUser:drop

授权数据库账号

POST /v3/{project_id}/instances/{instance_id}/db_privilege

rds:databasePrivilege:grant

修改数据库账号密码

POST /v3/{project_id}/instances/{instance_id}/db_user/resetpwd

rds:password:update

解除数据库账号权限

DELETE /v3/{project_id}/instances/{instance_id}/db_privilege

rds:databasePrivilege:revoke

表9 管理数据库和用户(PostgreSQL)

API功能

对应API接口

授权项

IAM项目(Project)

企业项目(Enterprise Project)

实例授权

创建数据库

POST /v3/{project_id}/instances/{instance_id}/database

rds:database:create

创建数据库用户

POST /v3/{project_id}/instances/{instance_id}/db_user

rds:databaseUser:create

授权数据库账号

POST /v3/{project_id}/instances/{instance_id}/db_privilege

rds:databasePrivilege:grant

创建数据库 schema

POST

/v3/{project_id}/instances/{instance_id}/schema

rds:database:create

查询数据库列表

GET

/v3/{project_id}/instances/{instance_id}/database/detail?page={page}&limit={limit}

rds:database:list

查询数据库用户列表

GET

/v3/{project_id}/instances/{instance_id}/db_user/detail?page={page}&limit={limit}

rds:databaseUser:list

查询数据库SCHEMA列表

GET

/v3/{project_id}/instances/{instance_id}/schema/detail?db_name={name}page={page}&limit={limit}

rds:database:list

修改数据库用户的备注

PUT /v3/{project_id}/instances/{instance_id}/db-users/{user_name}/comment

rds:databaseUser:update

表10 回收站

API功能

对应API接口

授权项

IAM项目(Project)

企业项目(Enterprise Project)

实例授权

设置回收站策略

PUT https://{Endpoint}/v3/{project_id}/instances/recycle-policy

rds:instance:setRecycleBin

×

×

表11 标签管理

API功能

对应API接口

授权项

IAM项目(Project)

企业项目(Enterprise Project)

实例授权

批量添加删除标签

POST /v3/{project_id}/instances/{instance_id}/tags/action

rds:instance:dealTag

查询项目标签

GET

/v3/{project_id}/tags

rds:tag:list

×

表12 配额管理

API功能

对应API接口

授权项

IAM项目(Project)

企业项目(Enterprise Project)

实例授权

查询配额

GET https://{Endpoint}/v3/{project_id}/quotas

rds:instance:list

表13 任务功能

API功能

对应API接口

授权项

IAM项目(Project)

企业项目(Enterprise Project)

实例授权

获取任务信息

GET /v3/{project_id}/jobs?id={id}

rds:task:list

×

相关文档