合规性
权限 | 对应API接口 | 授权项 | 依赖的授权项 | IAM项目 | 企业项目 |
|---|---|---|---|---|---|
列出内置策略 | GET /v1/resource-manager/policy-definitions | rms:policyDefinitions:get | - | √ | x |
查询单个内置策略 | GET /v1/resource-manager/policy-definitions/{policy_definition_id} | rms:policyDefinitions:get | - | √ | x |
更新合规规则 | PUT /v1/resource-manager/domains/{domain_id}/policy-assignments/{policy_assignment_id} | rms:policyAssignments:update | - | √ | x |
启用合规规则 | POST /v1/resource-manager/domains/{domain_id}/policy-assignments/{policy_assignment_id}/enable | rms:policyAssignments:update | - | √ | x |
停用合规规则 | POST /v1/resource-manager/domains/{domain_id}/policy-assignments/{policy_assignment_id}/disable | rms:policyAssignments:update | - | √ | x |
创建合规规则 | PUT /v1/resource-manager/domains/{domain_id}/policy-assignments | rms:policyAssignments:create | - | √ | x |
列出合规规则 | GET /v1/resource-manager/domains/{domain_id}/policy-assignments | rms:policyAssignments:get | - | √ | x |
查看单个合规规则 | GET /v1/resource-manager/domains/{domain_id}/policy-assignments/{policy_assignment_id} | rms:policyAssignments:get | - | √ | x |
删除合规规则 | DELETE /v1/resource-manager/domains/{domain_id}/policy-assignments/{policy_assignment_id} | rms:policyAssignments:delete | - | √ | x |
获取规则的评估状态 | GET /v1/resource-manager/domains/{domain_id}/policy-states/evaluation-state | rms:policyStates:get | - | √ | x |
获取资源的合规结果 | GET /v1/resource-manager/domains/{domain_id}/resources/{resource_id}/policy-states | rms:policyStates:get | - | √ | x |
获取用户的合规结果 | GET /v1/resource-manager/domains/{domain_id}/policy-states | rms:policyStates:get | - | √ | x |
获取规则的合规结果 | GET /v1/resource-manager/domains/{domain_id}/policy-assignments/{policy_assignment_id}/policy-states | rms:policyStates:get | - | √ | x |
运行合规评估 | POST /v1/resource-manager/domains/{domain_id}/policy-assignments/{policy_assignment_id}/policy-states/run-evaluation | rms:policyStates:runEvaluation | - | √ | x |
更新合规评估结果 | PUT /v1/resource-manager/domains/{domain_id}/policy-states | rms:policyStates:update | - | √ | x |
创建或更新组织合规规则 | PUT /v1/resource-manager/organizations/{organization_id}/policy-assignments | rms:organizationPolicyAssignments:put |
| √ | x |
查询组织合规规则列表 | GET /v1/resource-manager/organizations/{organization_id}/policy-assignments | rms:organizationPolicyAssignments:list | organizations:organizations:get | √ | x |
查询指定组织合规规则 | GET /v1/resource-manager/organizations/{organization_id}/policy-assignments/{organization_policy_assignment_id} | rms:organizationPolicyAssignments:get | organizations:organizations:get | √ | x |
查询组织合规规则部署状态 | GET /v1/resource-manager/organizations/{organization_id}/policy-assignment-statuses | rms:organizationPolicyAssignments:list | organizations:organizations:get | √ | x |
查询组织内每个成员账号合规规则部署的详细状态 | GET /v1/resource-manager/organizations/{organization_id}/policy-assignment-detailed-status | rms:organizationPolicyAssignments:list | organizations:organizations:get | √ | x |
删除组织合规规则 | DELETE /v1/resource-manager/organizations/{organization_id}/policy-assignments/{organization_policy_assignment_id} | rms:organizationPolicyAssignments:delete | organizations:organizations:get | √ | x |
创建或更新修正配置 | PUT /v1/resource-manager/domains/{domain_id}/policy-assignments/{policy_assignment_id}/remediation-configuration | rms:policyAssignmentsRemediation:putRemediationConfiguration |
| √ | x |
查询修正配置 | GET /v1/resource-manager/domains/{domain_id}/policy-assignments/{policy_assignment_id}/remediation-configuration | rms:policyAssignmentsRemediation:getRemediationConfiguration | - | √ | x |
删除修正配置 | DELETE /v1/resource-manager/domains/{domain_id}/policy-assignments/{policy_assignment_id}/remediation-configuration | rms:policyAssignmentsRemediation:deleteRemediationConfiguration | - | √ | x |
批量创建修正例外 | POST /v1/resource-manager/domains/{domain_id}/policy-assignments/{policy_assignment_id}/remediation-exception/create | rms:policyAssignmentsRemediation:createRemediationExceptions | - | √ | x |
批量删除修正例外 | POST /v1/resource-manager/domains/{domain_id}/policy-assignments/{policy_assignment_id}/remediation-exception/delete | rms:policyAssignmentsRemediation:deleteRemediationExceptions | - | √ | x |
查询修正例外 | GET /v1/resource-manager/domains/{domain_id}/policy-assignments/{policy_assignment_id}/remediation-exception | rms:policyAssignmentsRemediation:listRemediationExceptions | - | √ | x |
运行修正执行 | POST /v1/resource-manager/domains/{domain_id}/policy-assignments/{policy_assignment_id}/remediation-execution | rms:policyAssignmentsRemediation:runRemediation |
| √ | x |
查询修正执行结果 | GET /v1/resource-manager/domains/{domain_id}/policy-assignments/{policy_assignment_id}/remediation-execution-statuses | rms:policyAssignmentsRemediation:listRemediationExecutionStatuses | - | √ | x |
列举修正最新记录 | POST /v1/resource-manager/domains/{domain_id}/policy-assignments/{policy_assignment_id}/remediation-execution-statuses/summary | rms:policyAssignmentsRemediation:listRemediationExecutionStatuses | - | √ | x |
授予权限查看合规结果列表 | GET /v1/resource-manager/domains/{domain_id}/policy-states/statistics | rms:policyStates:list | - | √ | x |
