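Policy Authorization Reference
This section describes the actions that SecMaster supports for policy-based authorization.
Supported Actions
Policies include system-defined policies and custom policies. If the system-defined policies do not meet your authorization requirements, an administrator can create custom policies and grant them to user groups for fine-grained access control. The operations supported by policies correspond to APIs. The columns of the action lists are described below:
- Permission: allows or denies an operation on a specified resource under specific conditions.
- API: the API that a custom policy actually calls.
- Action: an action supported in custom policies. Writing an action into the Action element of a custom policy grants the permission that corresponds to that action.
- Dependent actions: some actions depend on other actions. The dependent actions must be written into the policy together with them for the permission to take effect.
- IAM project / enterprise project: the authorization scope of a custom policy, which can be an IAM project or an enterprise project. If an action supports both IAM projects and enterprise projects, a custom policy containing it can be granted to user groups in both IAM and Enterprise Management and takes effect in both. If an action supports only IAM projects and not enterprise projects, the policy can be granted to user groups and take effect only in IAM; if it is granted in Enterprise Management, the custom policy does not take effect. Administrators can check in the action lists whether an action supports IAM projects or enterprise projects: "√" means supported and "×" means not yet supported. For the differences between IAM projects and enterprise projects, see: Differences Between IAM and Enterprise Management.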
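The following added example (not part of the original page or of SecMaster itself) builds a read-only custom policy from a subset of the rows in the tables on this page and lints a policy before it is granted. It assumes the IAM custom-policy JSON shape `Version` / `Statement` / `Effect` / `Action`, which this page does not show; the function names and the `scope` values are hypothetical.

```python
import json

# Subset of rows copied from the tables on this page:
# action -> (HTTP method, supported in enterprise projects?)
ACTION_TABLE = {
    "secmaster:workspace:listWorkspace": ("GET", False),
    "secmaster:workspace:getWorkspace": ("GET", False),
    "secmaster:workspace:deleteWorkspace": ("DELETE", False),
    "secmaster:alert:get": ("GET", False),
    "secmaster:alert:list": ("POST", False),   # search API: POST, but read-only
    "secmaster:alert:update": ("PUT", False),
    "secmaster:alert:delete": ("DELETE", False),
    "secmaster:incident:get": ("GET", False),
    "secmaster:incident:list": ("POST", False),
    "secmaster:incident:create": ("POST", False),
    "secmaster:mapping:copy": ("GET", False),  # GET, yet it clones a mapping
    "secmaster:playbook:approve": ("POST", False),
}

# Classify by the action's verb, not by HTTP method: the table maps several
# list/search actions to POST and at least one modifying action to GET.
READ_VERBS = ("get", "list")


def is_read_action(action):
    parts = action.split(":")
    return len(parts) == 3 and parts[2].startswith(READ_VERBS)


def build_read_only_policy(resource_types):
    """Return a policy allowing only get*/list* actions on the given resource types."""
    actions = sorted(
        a for a in ACTION_TABLE
        if a.split(":")[1] in resource_types and is_read_action(a)
    )
    # Assumed policy shape (not shown on this page).
    return {"Version": "1.1", "Statement": [{"Effect": "Allow", "Action": actions}]}


def lint_policy(policy, scope="project", read_only=False):
    """Return (action, reason) findings for a custom policy.

    scope: "project" (IAM project) or "enterprise_project" (hypothetical labels).
    """
    findings = []
    for stmt in policy.get("Statement", []):
        if stmt.get("Effect") != "Allow":
            continue
        for action in stmt.get("Action", []):
            if "*" in action:
                findings.append((action, "wildcard: expand to explicit actions for review"))
                continue
            if action not in ACTION_TABLE:
                findings.append((action, "not in the action table (typo or missing row)"))
                continue
            _method, enterprise_ok = ACTION_TABLE[action]
            if scope == "enterprise_project" and not enterprise_ok:
                findings.append((action, "does not take effect in an enterprise project"))
            if read_only and not is_read_action(action):
                findings.append((action, "modifying action in a read-only policy"))
    return findings


if __name__ == "__main__":
    analyst = build_read_only_policy({"alert", "incident"})
    print(json.dumps(analyst, indent=2))
    # Constructed policy with typical mistakes.
    risky = {"Version": "1.1", "Statement": [{"Effect": "Allow", "Action": [
        "secmaster:*:*", "secmaster:alert:lst", "secmaster:mapping:copy"]}]}
    for action, reason in lint_policy(risky, read_only=True):
        print(f"{action}: {reason}")
```
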
SecMaster supports the following actions in custom policies:
Workspace Management
Permission | API | Action | IAM Project | Enterprise Project |
|---|---|---|---|---|
Query the workspace list | GET /v1/{project_id}/workspaces | secmaster:workspace:listWorkspace | √ | × |
Create a workspace | POST /v1/{project_id}/workspaces | secmaster:workspace:createWorkspace | √ | × |
Update a workspace | PUT /v1/{project_id}/workspaces/{workspace_id} | secmaster:workspace:updateWorkspace | √ | × |
Get workspace details | GET /v1/{project_id}/workspaces/{workspace_id}; GET /v1/{project_id}/workspaces/{workspace_id}/recollect | secmaster:workspace:getWorkspace | √ | × |
Delete a workspace | DELETE /v1/{project_id}/workspaces/{workspace_id} | secmaster:workspace:deleteWorkspace | √ | × |
Security Report Management
Permission | API | Action | IAM Project | Enterprise Project |
|---|---|---|---|---|
List reports | GET /v1/{project_id}/workspaces/{workspace_id}/sa/reports | secmaster:report:list | √ | × |
View a report | GET /v1/{project_id}/workspaces/{workspace_id}/sa/reports/{report_id} | secmaster:report:get | √ | × |
Create a report | POST /v1/{project_id}/workspaces/{workspace_id}/sa/reports | secmaster:report:create | √ | × |
Update a report | PUT /v1/{project_id}/workspaces/{workspace_id}/sa/reports/{report_id} | secmaster:report:update | √ | × |
Delete a report | DELETE /v1/{project_id}/workspaces/{workspace_id}/sa/reports/{report_id} | secmaster:report:delete | √ | × |
Actions Supported by SecMaster
Permission | API | Action | IAM Project | Enterprise Project |
|---|---|---|---|---|
Grant permission to get playbook details | GET /v1/{project_id}/workspaces/{workspace_id}/soc/playbooks/{playbook_id} | secmaster:playbook:get | √ | × |
Grant permission to create a playbook | POST /v1/{project_id}/workspaces/{workspace_id}/soc/playbooks | secmaster:playbook:create | √ | × |
Grant permission to delete a playbook | DELETE /v1/{project_id}/workspaces/{workspace_id}/soc/playbooks/{playbook_id} | secmaster:playbook:delete | √ | × |
Grant permission to update a playbook | PUT /v1/{project_id}/workspaces/{workspace_id}/soc/playbooks/{playbook_id} | secmaster:playbook:update | √ | × |
Grant permission to get the playbook list | GET /v1/{project_id}/workspaces/{workspace_id}/soc/playbooks | secmaster:playbook:list | √ | × |
Grant permission to get playbook statistics | GET /v1/{project_id}/workspaces/{workspace_id}/soc/playbooks/statistics | secmaster:playbook:getStatistics | √ | × |
Grant permission to get playbook run monitoring data | GET /v1/{project_id}/workspaces/{workspace_id}/soc/playbooks/{playbook_id}/monitor | secmaster:playbook:getMonitor | √ | × |
Grant permission to clone a playbook | POST /v1/{project_id}/workspaces/{workspace_id}/soc/playbooks/versions/{playbook_version_id}/clone | secmaster:playbook:copyVersion | √ | × |
Grant permission to review a playbook | POST /v1/{project_id}/workspaces/{workspace_id}/soc/playbooks/versions/{playbook_version_id}/approve | secmaster:playbook:approve | √ | × |
Grant permission to create a playbook version action | POST /v1/{project_id}/workspaces/{workspace_id}/soc/playbooks/versions/{version_id}/actions | secmaster:playbook:createVersionAction | √ | × |
Grant permission to create a playbook version rule | POST /v1/{project_id}/workspaces/{workspace_id}/soc/playbooks/versions/{version_id}/rules | secmaster:playbook:createVersionRule | √ | × |
Grant permission to delete a playbook version action | DELETE /v1/{project_id}/workspaces/{workspace_id}/soc/playbooks/versions/{version_id}/actions/{action_id} | secmaster:playbook:deleteVersionAction | √ | × |
Grant permission to delete a playbook version rule | DELETE /v1/{project_id}/workspaces/{workspace_id}/soc/playbooks/versions/{version_id}/rules/{rule_id} | secmaster:playbook:deleteVersionRule | √ | × |
Grant permission to get playbook version rule details | GET /v1/{project_id}/workspaces/{workspace_id}/soc/playbooks/versions/{version_id}/rules/{rule_id} | secmaster:playbook:getVersionRule | √ | × |
Grant permission to query the playbook version action list | GET /v1/{project_id}/workspaces/{workspace_id}/soc/playbooks/versions/{version_id}/actions | secmaster:playbook:listVersionActions | √ | × |
Grant permission to update a playbook version action | PUT /v1/{project_id}/workspaces/{workspace_id}/soc/playbooks/versions/{version_id}/actions/{action_id} | secmaster:playbook:updateVersionAction | √ | × |
Grant permission to update a playbook version rule | PUT /v1/{project_id}/workspaces/{workspace_id}/soc/playbooks/versions/{version_id}/actions/{action_id} | secmaster:playbook:updateVersionRule | √ | × |
Grant permission to query the review list | GET /v1/{project_id}/workspaces/{workspace_id}/soc/playbooks/versions/approval | secmaster:playbook:listApproves | √ | × |
Grant permission to query the instance list | GET /v1/{project_id}/workspaces/{workspace_id}/soc/playbooks/instances | secmaster:playbook:listInstances | √ | × |
Grant permission to query the instance audit log list | POST /v1/{project_id}/workspaces/{workspace_id}/soc/playbooks/instances/auditlogs | secmaster:playbook:getInstanceAuditlog | √ | × |
Grant permission to create a playbook version | POST /v1/{project_id}/workspaces/{workspace_id}/soc/playbooks/versions | secmaster:playbook:createVersion | √ | × |
Grant permission to get a playbook version | GET /v1/{project_id}/workspaces/{workspace_id}/soc/playbooks/versions/{playbook_version_id} | secmaster:playbook:getVersion | √ | × |
Grant permission to delete a playbook version | POST /v1/{project_id}/workspaces/{workspace_id}/soc/playbooks/versions/{playbook_version_id} | secmaster:playbook:deleteVersion | √ | × |
Grant permission to update a playbook version | POST /v1/{project_id}/workspaces/{workspace_id}/soc/playbooks/versions/{playbook_version_id} | secmaster:playbook:updateVersion | √ | × |
Grant permission to get the playbook version list | GET /v1/{project_id}/workspaces/{workspace_id}/soc/playbooks/{playbook_id}/versions | secmaster:playbook:listVersions | √ | × |
Grant permission to query instance details | GET /v1/{project_id}/workspaces/{workspace_id}/soc/playbooks/instances/{instance_id} | secmaster:playbook:getInstance | √ | × |
Grant permission to query instance topology details | GET /v1/{project_id}/workspaces/{workspace_id}/soc/playbooks/instances/{instance_id}/topology | secmaster:playbook:getInstanceTopology | √ | × |
Grant permission to operate a playbook instance | POST /v1/{project_id}/workspaces/{workspace_id}/soc/playbooks/instances/{instance_id}/operation | secmaster:playbook:operateInstance | √ | × |
Grant permission to query the workflow list | GET /v1/{project_id}/workspaces/{workspace_id}/soc/workflows | secmaster:workflow:list | √ | × |
Grant permission to get workflow details | GET /v1/{project_id}/workspaces/{workspace_id}/soc/workflows/{workflow_id} | secmaster:workflow:get | √ | × |
Grant permission to delete a workflow | DELETE /v1/{project_id}/workspaces/{workspace_id}/soc/workflows/{workflow_id} | secmaster:workflow:delete | √ | × |
Grant permission to create a workflow | GET /v1/{project_id}/workspaces; POST /v1/{project_id}/workspaces/{workspace_id}/soc/workflows | secmaster:workflow:create | √ | × |
Grant permission to update a workflow | PUT /v1/{project_id}/workspaces/{workspace_id}/soc/workflows/{workflow_id} | secmaster:workflow:update | √ | × |
Grant permission to get the workflow version list | GET /v1/{project_id}/workspaces/{workspace_id}/soc/workflows/{workflow_id}/versions | secmaster:workflow:listVersions | √ | × |
Grant permission to get workflow version details | GET /v1/{project_id}/workspaces/{workspace_id}/soc/workflows/{workflow_id}/versions/{version_id} | secmaster:workflow:getVersion | √ | × |
Grant permission to delete a workflow version | DELETE /v1/{project_id}/workspaces/{workspace_id}/soc/workflows/{workflow_id}/versions/{version_id} | secmaster:workflow:deleteVersion | √ | × |
Grant permission to create a workflow version | POST /v1/{project_id}/workspaces/{workspace_id}/soc/workflows/{workflow_id}/versions | secmaster:workflow:createVersion | √ | × |
Grant permission to update a workflow version | PUT /v1/{project_id}/workspaces/{workspace_id}/soc/workflows/{workflow_id}/versions/{version_id} | secmaster:workflow:updateVersion | √ | × |
Grant permission to review a workflow version | PUT /v1/{project_id}/workspaces/{workspace_id}/soc/workflows/{workflow_id}/versions/{version_id}/approval | secmaster:workflow:approveVersion | √ | × |
Grant permission to validate a workflow version | POST /v1/{project_id}/workspaces/{workspace_id}/soc/workflows/{workflow_id}/validation | secmaster:workflow:validate | √ | × |
Grant permission to update the debugging result of a workflow version | PUT /v1/{project_id}/workspaces/{workspace_id}/soc/workflows/{workflow_id}/versions/{version_id}/debug/result | secmaster:workflow:simulate | √ | × |
Grant permission for the workflow instance topology | GET /v1/{project_id}/workspaces/{workspace_id}/soc/workflows/instances/{instance_id}/topology | secmaster:workflow:getInstance | √ | × |
Grant permission to update or create a workflow instance | POST /v1/{project_id}/workspaces/{workspace_id}/soc/workflows/{workflow_id}/instances | secmaster:workflow:operateInstance | √ | × |
Grant permission to query the asset connection list | GET /v1/{project_id}/workspaces/{workspace_id}/soc/assetcredentials | secmaster:connection:list | √ | × |
Grant permission to create an asset connection | POST /v1/{project_id}/workspaces/{workspace_id}/soc/assetcredentials | secmaster:connection:create | √ | × |
Grant permission to get asset connection details | GET /v1/{project_id}/workspaces/{workspace_id}/soc/assetcredentials/{asset_id} | secmaster:connection:get | √ | × |
Grant permission to delete an asset connection | DELETE /v1/{project_id}/workspaces/{workspace_id}/soc/assetcredentials/{asset_id} | secmaster:connection:delete | √ | × |
Grant permission to update an asset connection | PUT /v1/{project_id}/workspaces/{workspace_id}/soc/assetcredentials/{asset_id} | secmaster:connection:update | √ | × |
Grant permission to query the to-do task list | GET /v1/{project_id}/workspaces/{workspace_id}/soc/tasks | secmaster:task:list | √ | × |
Grant permission to create a to-do task | POST /v1/{project_id}/workspaces/{workspace_id}/soc/tasks | secmaster:task:create | √ | × |
Grant permission to update a to-do task | PUT /v1/{project_id}/workspaces/{workspace_id}/soc/tasks/{task_id} | secmaster:task:update | √ | × |
Grant permission to get to-do task details | GET /v1/{project_id}/workspaces/{workspace_id}/soc/tasks/{task_id} | secmaster:task:get | √ | × |
Grant permission to get indicator details | GET /v1/{project_id}/workspaces/{workspace_id}/soc/indicators/{indicator_id} | secmaster:indicator:get | √ | × |
Grant permission to create an indicator | POST /v1/{project_id}/workspaces/{workspace_id}/soc/indicators | secmaster:indicator:create | √ | × |
Grant permission to update an indicator | PUT /v1/{project_id}/workspaces/{workspace_id}/soc/indicators/{indicator_id} | secmaster:indicator:update | √ | × |
Grant permission to delete an indicator | DELETE /v1/{project_id}/workspaces/{workspace_id}/soc/indicators/{indicator_id} | secmaster:indicator:delete | √ | × |
Grant permission to query the indicator list | POST /v1/{project_id}/workspaces/{workspace_id}/soc/indicators/search | secmaster:indicator:list | √ | × |
Grant permission to query the indicator type list | GET /v1/{project_id}/workspaces/{workspace_id}/soc/indicators/types | secmaster:indicator:listTypes | √ | × |
Grant permission to bind an indicator type to a layout | POST /v1/{project_id}/workspaces/{workspace_id}/soc/indicators/types/layout | secmaster:indicator:bindLayout | √ | × |
Grant permission to get alert details | GET /v1/{project_id}/workspaces/{workspace_id}/soc/alerts/{alert_id} | secmaster:alert:get | √ | × |
Grant permission to create an alert | POST /v1/{project_id}/workspaces/{workspace_id}/soc/alerts | secmaster:alert:create | √ | × |
Grant permission to update an alert | PUT /v1/{project_id}/workspaces/{workspace_id}/soc/alerts/{alert_id} | secmaster:alert:update | √ | × |
Grant permission to search the alert list | POST /v1/{project_id}/workspaces/{workspace_id}/soc/alerts/search | secmaster:alert:list | √ | × |
Grant permission to delete alerts | DELETE /v1/{project_id}/workspaces/{workspace_id}/soc/alerts | secmaster:alert:delete | √ | × |
Grant permission to convert alerts to incidents | POST /v1/{project_id}/workspaces/{workspace_id}/soc/alerts/batch-order | secmaster:alert:batchOrders | √ | × |
Grant permission to query the alert type list | GET /v1/{project_id}/workspaces/{workspace_id}/soc/alerts/types | secmaster:alert:listTypes | √ | × |
Grant permission to query the alert category list | GET /v1/{project_id}/workspaces/{workspace_id}/soc/alerts/types/category | secmaster:alert:listCategories | √ | × |
Grant permission to create an alert type | POST /v1/{project_id}/workspaces/{workspace_id}/soc/alerts/types | secmaster:alert:createType | √ | × |
Grant permission to modify an alert type | PUT /v1/{project_id}/workspaces/{workspace_id}/soc/alerts/types/{dataclass_type_id} | secmaster:alert:updateType | √ | × |
Grant permission to delete alert types | DELETE /v1/{project_id}/workspaces/{workspace_id}/soc/alerts/types | secmaster:alert:deleteType | √ | × |
Grant permission to enable/disable an alert type | POST /v1/{project_id}/workspaces/{workspace_id}/soc/alerts/types/enable | secmaster:alert:enableType | √ | × |
Grant permission to bind an alert type to a layout | POST /v1/{project_id}/workspaces/{workspace_id}/soc/alerts/types/layout | secmaster:alert:bindLayout | √ | × |
Grant permission to get incident details | GET /v1/{project_id}/workspaces/{workspace_id}/soc/incidents/{incident_id} | secmaster:incident:get | √ | × |
Grant permission to create an incident | POST /v1/{project_id}/workspaces/{workspace_id}/soc/incidents | secmaster:incident:create | √ | × |
Grant permission to update an incident | PUT /v1/{project_id}/workspaces/{workspace_id}/soc/incidents/{incident_id} | secmaster:incident:update | √ | × |
Grant permission to search the incident list | POST /v1/{project_id}/workspaces/{workspace_id}/soc/incidents/search | secmaster:incident:list | √ | × |
Grant permission to get the incident type list | GET /v1/{project_id}/workspaces/{workspace_id}/soc/incidents/types | secmaster:incident:listTypes | √ | × |
Grant permission to delete incidents | DELETE /v1/{project_id}/workspaces/{workspace_id}/soc/incidents | secmaster:incident:delete | √ | × |
Grant permission to query the incident category list | GET /v1/{project_id}/workspaces/{workspace_id}/soc/incidents/types/category | secmaster:incident:listCategories | √ | × |
Grant permission to create an incident type | POST /v1/{project_id}/workspaces/{workspace_id}/soc/incidents/types | secmaster:incident:createType | √ | × |
Grant permission to modify an incident type | PUT /v1/{project_id}/workspaces/{workspace_id}/soc/incidents/types/{dataclass_type_id} | secmaster:incident:updateType | √ | × |
Grant permission to delete incident types | DELETE /v1/{project_id}/workspaces/{workspace_id}/soc/incidents/types | secmaster:incident:deleteType | √ | × |
Grant permission to enable/disable an incident type | POST /v1/{project_id}/workspaces/{workspace_id}/soc/alerts/incidents/enable | secmaster:incident:enableType | √ | × |
Grant permission to bind an incident type to a layout | POST /v1/{project_id}/workspaces/{workspace_id}/soc/incidents/types/layout | secmaster:incident:bindLayout | √ | × |
Grant permission to create an object relationship | POST /v1/{project_id}/workspaces/{workspace_id}/soc/{dataclass_type}/{data_object_id}/{related_dataclass_type} | secmaster:dataobject:createRelation | √ | × |
Grant permission to delete an object relationship | DELETE /v1/{project_id}/workspaces/{workspace_id}/soc/{dataclass_type}/{data_object_id}/{related_dataclass_type} | secmaster:dataobject:deleteRelation | √ | × |
Grant permission to search the object relationship list | POST /v1/{project_id}/workspaces/{workspace_id}/soc/{dataclass_type}/{data_object_id}/{related_dataclass_type}/search | secmaster:dataobject:listRelation | √ | × |
Grant permission to query the vulnerability group list | POST /v1/{project_id}/workspaces/{workspace_id}/soc/vulnerability/search | secmaster:vulnerability:listGroup | √ | × |
Grant permission to get vulnerability group details | GET /v1/{project_id}/workspaces/{workspace_id}/soc/vulnerability/{vul_id} | secmaster:vulnerability:getGroup | √ | × |
Grant permission to export the vulnerability group list | POST /v1/{project_id}/workspaces/{workspace_id}/soc/vulnerability/export | secmaster:vulnerability:exportGroup | √ | × |
Grant permission to query the vulnerability type list | GET /v1/{project_id}/workspaces/{workspace_id}/soc/vulnerabilities/types | secmaster:vulnerability:listType | √ | × |
Grant permission to bind a vulnerability type to a layout | POST /v1/{project_id}/workspaces/{workspace_id}/soc/vulnerabilities/types/layout | secmaster:vulnerability:bindLayout | √ | × |
Grant permission to create a vulnerability type | POST /v1/{project_id}/workspaces/{workspace_id}/soc/vulnerabilities/types | secmaster:vulnerability:createType | √ | × |
Grant permission to modify a vulnerability type | PUT /v1/{project_id}/workspaces/{workspace_id}/soc/vulnerabilities/types/{dataclass_type_id} | secmaster:vulnerability:updateType | √ | × |
Grant permission to delete vulnerability types | DELETE /v1/{project_id}/workspaces/{workspace_id}/soc/vulnerabilities/types | secmaster:vulnerability:deleteType | √ | × |
Grant permission to enable/disable a vulnerability type | POST /v1/{project_id}/workspaces/{workspace_id}/soc/vulnerabilities/types/enable | secmaster:vulnerability:enableType | √ | × |
Grant permission to delete a pay-per-use order | DELETE /v1/{project_id}/subscriptions/orders | secmaster:subscription:deletePostPaidOrder | √ | × |
Grant permission to create a pay-per-use order | POST /v1/{project_id}/subscriptions/orders | secmaster:subscription:createPostPaidOrder | √ | × |
Grant permission to create a yearly/monthly order | POST /v1/{project_id}/subscriptions/orders/{order_id} | secmaster:subscription:createPrePaidOrder | √ | × |
Grant permission to view the subscribed edition | GET /v1/{project_id}/subscriptions/version | secmaster:subscription:getVersion | √ | × |
Grant permission to view a metric result | GET /v1/{project_id}/workspaces/{workspace_id}/sa/metrics/{metric_id}/result | secmaster:metric:getResult | √ | × |
Grant permission to list metric results | POST /v1/{project_id}/workspaces/{workspace_id}/sa/metrics/results | secmaster:metric:listResults | √ | × |
Grant permission to list metric hits results | POST /v1/{project_id}/workspaces/{workspace_id}/sa/metrics/hits | secmaster:metric:listHits | √ | × |
Grant permission to view the agency | GET /v1/{project_id}/agency | secmaster:agency:get | √ | × |
Grant permission to create an agency | POST /v1/{project_id}/agency | secmaster:agency:create | √ | × |
Grant permission to view resource statistics | GET /v1/{project_id}/workspaces/{workspace_id}/resource-statistics | secmaster:resource:getStatistics | √ | × |
Grant permission to list resources | GET /v1/{project_id}/workspaces/{workspace_id}/resources | secmaster:resource:list | √ | × |
Grant permission to import resources | POST /v1/{project_id}/workspaces/{workspace_id}/sa/resources/import | secmaster:resource:import | √ | × |
Grant permission to get the resource import template | GET /v1/{project_id}/workspaces/{workspace_id}/sa/resource/template | secmaster:resource:getTemplate | √ | × |
Grant permission to list reports | GET /v1/{project_id}/workspaces/{workspace_id}/sa/reports | secmaster:report:list | √ | × |
Grant permission to view a report | GET /v1/{project_id}/workspaces/{workspace_id}/sa/reports/{report_id} | secmaster:report:get | √ | × |
Grant permission to create a report | POST /v1/{project_id}/workspaces/{workspace_id}/sa/reports | secmaster:report:create | √ | × |
Grant permission to update a report | PUT /v1/{project_id}/workspaces/{workspace_id}/sa/reports/{report_id} | secmaster:report:update | √ | × |
Grant permission to delete a report | DELETE /v1/{project_id}/workspaces/{workspace_id}/sa/reports/{report_id} | secmaster:report:delete | √ | × |
Grant permission to set the read status of emergency vulnerabilities | POST /v1/{project_id}/workspaces/{workspace_id}/sa/vulnerability/read-status | secmaster:emergencyVulnerability:updateReadStatus | √ | × |
Grant permission to list emergency vulnerabilities | GET /v1/{project_id}/workspaces/{workspace_id}/sa/vulnerability/list | secmaster:emergencyVulnerability:list | √ | × |
Grant permission to export emergency vulnerabilities | GET /v1/{project_id}/workspaces/{workspace_id}/sa/vulnerability/export | secmaster:emergencyVulnerability:export | √ | × |
Grant permission to query the data space list | GET /v1/{project_id}/workspaces/{workspace_id}/siem/dataspaces | secmaster:dataspace:list | √ | × |
Grant permission to create a data space | POST /v1/{project_id}/workspaces/{workspace_id}/siem/dataspaces | secmaster:dataspace:create | √ | × |
Grant permission to query data space details | GET /v1/{project_id}/workspaces/{workspace_id}/siem/dataspaces/{dataspace_id} | secmaster:dataspace:get | √ | × |
Grant permission to update a data space | PUT /v1/{project_id}/workspaces/{workspace_id}/siem/dataspaces/{dataspace_id} | secmaster:dataspace:update | √ | × |
Grant permission to delete a data space | DELETE /v1/{project_id}/workspaces/{workspace_id}/siem/dataspaces/{dataspace_id} | secmaster:dataspace:delete | √ | × |
Grant permission to query the data pipeline list | GET /v1/{project_id}/workspaces/{workspace_id}/siem/pipes | secmaster:pipe:list | √ | × |
Grant permission to create a data pipeline | POST /v1/{project_id}/workspaces/{workspace_id}/siem/pipes | secmaster:pipe:create | √ | × |
Grant permission to query data pipeline details | GET /v1/{project_id}/workspaces/{workspace_id}/siem/pipes/{pipe_id} | secmaster:pipe:get | √ | × |
Grant permission to update a data pipeline | PUT /v1/{project_id}/workspaces/{workspace_id}/siem/pipes/{pipe_id} | secmaster:pipe:update | √ | × |
Grant permission to delete a data pipeline | DELETE /v1/{project_id}/workspaces/{workspace_id}/siem/pipes/{pipe_id} | secmaster:pipe:delete | √ | × |
Grant permission to query the data pipeline index | GET /v1/{project_id}/workspaces/{workspace_id}/siem/pipes/{pipe_id}/index | secmaster:pipe:getIndex | √ | × |
Grant permission to update the data pipeline index | PUT /v1/{project_id}/workspaces/{workspace_id}/siem/pipes/{pipe_id}/index | secmaster:pipe:updateIndex | √ | × |
Grant permission to query data pipeline consumption | GET /v1/{project_id}/workspaces/{workspace_id}/siem/pipes/{pipe_id}/consumption | secmaster:pipe:getConsumption | √ | × |
Grant permission to create data pipeline consumption | POST /v1/{project_id}/workspaces/{workspace_id}/siem/pipes/{pipe_id}/consumption | secmaster:pipe:createConsumption | √ | × |
Grant permission to delete data pipeline consumption | DELETE /v1/{project_id}/workspaces/{workspace_id}/siem/pipes/{pipe_id}/consumption | secmaster:pipe:deleteConsumption | √ | × |
Grant permission to query data | POST /v1/{project_id}/workspaces/{workspace_id}/siem/search/logs | secmaster:search:listLogs | √ | × |
Grant permission to query the data distribution histogram | POST /v1/{project_id}/workspaces/{workspace_id}/siem/search/histograms | secmaster:search:listHistograms | √ | × |
Grant permission to run an analysis | POST /v1/{project_id}/workspaces/{workspace_id}/siem/search/analysis | secmaster:search:createAnalysis | √ | × |
Grant permission to query the search condition list | GET /v1/{project_id}/workspaces/{workspace_id}/siem/search/conditions | secmaster:searchCondition:list | √ | × |
Grant permission to create a search condition | POST /v1/{project_id}/workspaces/{workspace_id}/siem/search/conditions | secmaster:searchCondition:create | √ | × |
Grant permission to query search condition details | GET /v1/{project_id}/workspaces/{workspace_id}/siem/search/conditions/{condition_id} | secmaster:searchCondition:get | √ | × |
Grant permission to update a search condition | PUT /v1/{project_id}/workspaces/{workspace_id}/siem/search/conditions/{condition_id} | secmaster:searchCondition:update | √ | × |
Grant permission to delete a search condition | DELETE /v1/{project_id}/workspaces/{workspace_id}/siem/search/conditions/{condition_id} | secmaster:searchCondition:delete | √ | × |
Grant permission to query alert models | GET /v1/{project_id}/workspaces/{workspace_id}/siem/alert-rules | secmaster:alertRule:list | √ | × |
Grant permission to create an alert model | POST /v1/{project_id}/workspaces/{workspace_id}/siem/alert-rules | secmaster:alertRule:create | √ | × |
Grant permission to query alert model details | GET /v1/{project_id}/workspaces/{workspace_id}/siem/alert-rules/{rule_id} | secmaster:alertRule:get | √ | × |
Grant permission to modify an alert model | PUT /v1/{project_id}/workspaces/{workspace_id}/siem/alert-rules/{rule_id} | secmaster:alertRule:update | √ | × |
Grant permission to delete alert models | DELETE /v1/{project_id}/workspaces/{workspace_id}/siem/alert-rules | secmaster:alertRule:delete | √ | × |
Grant permission to enable alert models | POST /v1/{project_id}/workspaces/{workspace_id}/siem/alert-rules/enable | secmaster:alertRule:enable | √ | × |
Grant permission to disable alert models | POST /v1/{project_id}/workspaces/{workspace_id}/siem/alert-rules/disable | secmaster:alertRule:disable | √ | × |
Grant permission to query the alert model overview | GET /v1/{project_id}/workspaces/{workspace_id}/siem/alert-rules/metrics | secmaster:alertRule:listMetrics | √ | × |
Grant permission to simulate an alert model | POST /v1/{project_id}/workspaces/{workspace_id}/siem/alert-rules/simulation | secmaster:alertRule:createSimulation | √ | × |
Grant permission to query alert templates | GET /v1/{project_id}/workspaces/{workspace_id}/siem/alert-rules/templates | secmaster:alertRuleTemplate:list | √ | × |
Grant permission to query alert template details | GET /v1/{project_id}/workspaces/{workspace_id}/siem/alert-rules/templates/{template_id} | secmaster:alertRuleTemplate:get | √ | × |
Grant permission to query the alert template overview | GET /v1/{project_id}/workspaces/{workspace_id}/siem/alert-rules/templates/metrics | secmaster:alertRuleTemplate:listMetrics | √ | × |
Grant permission to create a data class | POST /v1/{project_id}/workspaces/{workspace_id}/soc/dataclasses | secmaster:dataclass:create | √ | × |
Grant permission to update a data class | PUT /v1/{project_id}/workspaces/{workspace_id}/soc/dataclasses/{dataclass_id} | secmaster:dataclass:update | √ | × |
Grant permission to delete a data class | DELETE /v1/{project_id}/workspaces/{workspace_id}/soc/dataclasses/{dataclass_id} | secmaster:dataclass:delete | √ | × |
Grant permission to get data class details | GET /v1/{project_id}/workspaces/{workspace_id}/soc/dataclasses/{dataclass_id} | secmaster:dataclass:get | √ | × |
Grant permission to query the data class list | GET /v1/{project_id}/workspaces/{workspace_id}/soc/dataclasses | secmaster:dataclass:list | √ | × |
Grant permission to create a field | POST /v1/{project_id}/workspaces/{workspace_id}/soc/dataclasses/{dataclass_id}/fields | secmaster:dataclass:createField | √ | × |
Grant permission to update a field | PUT /v1/{project_id}/workspaces/{workspace_id}/soc/dataclasses/{dataclass_id}/fields/{field_id} | secmaster:dataclass:updateField | √ | × |
Grant permission to delete fields | DELETE /v1/{project_id}/workspaces/{workspace_id}/soc/dataclasses/{dataclass_id}/fields | secmaster:dataclass:deleteField | √ | × |
Grant permission to get field details | GET /v1/{project_id}/workspaces/{workspace_id}/soc/dataclasses/{dataclass_id}/fields/{field_id} | secmaster:dataclass:getField | √ | × |
Grant permission to query the field list | GET /v1/{project_id}/workspaces/{workspace_id}/soc/dataclasses/{dataclass_id}/fields | secmaster:dataclass:listFields | √ | × |
Grant permission to get type details | GET /v1/{project_id}/workspaces/{workspace_id}/soc/dataclasses/{dataclass_id}/types/{dataclass_type_id} | secmaster:dataclass:getType | √ | × |
Grant permission to query the type list | GET /v1/{project_id}/workspaces/{workspace_id}/soc/dataclasses/{dataclass_id}/types | secmaster:dataclass:listTypes | √ | × |
Grant permission to update the status of a classification mapping | PUT /v1/{project_id}/workspaces/{workspace_id}/soc/mappings/{mapping_id}/status | secmaster:mapping:update | √ | × |
Grant permission to search the classification mapping list | POST /v1/{project_id}/workspaces/{workspace_id}/soc/mappings/search | secmaster:mapping:list | √ | × |
Grant permission to get classification mapping data sources | GET /v1/{project_id}/workspaces/{workspace_id}/soc/mappings/data-source | secmaster:mapping:getDatasource | √ | × |
Grant permission to get classification mapping functions | GET /v1/{project_id}/workspaces/{workspace_id}/soc/mappings/functions | secmaster:mapping:listFunctions | √ | × |
Grant permission to delete a classification mapping | DELETE /v1/{project_id}/workspaces/{workspace_id}/soc/mappings/{mapping_id} | secmaster:mapping:delete | √ | × |
Grant permission to copy a classification mapping | GET /v1/{project_id}/workspaces/{workspace_id}/soc/mappings/{mapping_id}/clone | secmaster:mapping:copy | √ | × |
Grant permission to create a classifier | POST /v1/{project_id}/workspaces/{workspace_id}/soc/mappings/classifiers | secmaster:mapping:createClassifier | √ | × |
Grant permission to update a classifier | PUT /v1/{project_id}/workspaces/{workspace_id}/soc/mappings/classifiers/{classifier_id} | secmaster:mapping:updateClassifier | √ | × |
Grant permission to get classifier information | GET /v1/{project_id}/workspaces/{workspace_id}/soc/mappings/classifiers/{classifier_id} | secmaster:mapping:getClassifier | √ | × |
Grant permission to delete a classifier | DELETE /v1/{project_id}/workspaces/{workspace_id}/soc/mappings/classifiers/{classifier_id} | secmaster:mapping:deleteClassifier | √ | × |
Grant permission to create a mapper | POST /v1/{project_id}/workspaces/{workspace_id}/soc/mappings/mappers | secmaster:mapping:createMapper | √ | × |
Grant permission to update a mapper | PUT /v1/{project_id}/workspaces/{workspace_id}/soc/mappings/mappers/{mapper_id} | secmaster:mapping:updateMapper | √ | × |
Grant permission to query the mapper list | POST /v1/{project_id}/workspaces/{workspace_id}/soc/mappings/mappers/search | secmaster:mapping:listMappers | √ | × |
Grant permission to get mapper information | POST /v1/{project_id}/workspaces/{workspace_id}/soc/mappings/mappers/{mapper_id} | secmaster:mapping:getMapper | √ | × |
Grant permission to delete a mapper | DELETE /v1/{project_id}/workspaces/{workspace_id}/soc/mappings/mappers/{mapper_id} | secmaster:mapping:deleteMapper | √ | × |
Grant permission to get the layout type list | GET /v1/{project_id}/workspaces/{workspace_id}/soc/layouts/business-type | secmaster:layout:listBusinessTypes | √ | × |
Grant permission to query the layout list | POST /v1/{project_id}/workspaces/{workspace_id}/soc/layouts/search | secmaster:layout:list | √ | × |
Grant permission to create a layout | POST /v1/{project_id}/workspaces/{workspace_id}/soc/layouts | secmaster:layout:create | √ | × |
Grant permission to delete layouts | DELETE /v1/{project_id}/workspaces/{workspace_id}/soc/layouts | secmaster:layout:delete | √ | × |
Grant permission to update a layout | PUT /v1/{project_id}/workspaces/{workspace_id}/soc/layouts/{layout_id} | secmaster:layout:update | √ | × |
Grant permission to query a layout | GET /v1/{project_id}/workspaces/{workspace_id}/soc/layouts/{layout_id} | secmaster:layout:get | √ | × |
Grant permission to save as a template | POST /v1/{project_id}/workspaces/{workspace_id}/soc/layouts/template | secmaster:layout:createTemplate | √ | × |
Grant permission to create a layout field | POST /v1/{project_id}/workspaces/{workspace_id}/soc/layouts/{layout_id}/fields | secmaster:layout:createField | √ | × |
Grant permission to get the layout field list | GET /v1/{project_id}/workspaces/{workspace_id}/soc/layouts/{layout_id}/fields | secmaster:layout:listFields | √ | × |
Grant permission to get layout field details | GET /v1/{project_id}/workspaces/{workspace_id}/soc/layouts/{layout_id}/fields/{field_id} | secmaster:layout:getField | √ | × |
Grant permission to delete layout fields | DELETE /v1/{project_id}/workspaces/{workspace_id}/soc/layouts/{layout_id}/fields | secmaster:layout:deleteField | √ | × |
Grant permission to get pages | GET /v1/{project_id}/workspaces/{workspace_id}/soc/layouts/{layout_id}/wizards | secmaster:layout:listWizards | √ | × |
Grant permission to create a page | POST /v1/{project_id}/workspaces/{workspace_id}/soc/layouts/{layout_id}/wizards | secmaster:layout:createWizard | √ | × |
Grant permission to get page details | GET /v1/{project_id}/workspaces/{workspace_id}/soc/layouts/wizards/{wizard_id}; /v1/{project_id}/workspaces/{workspace_id}/soc/layouts/wizards | secmaster:layout:getWizard | √ | × |
Grant permission to delete a page | DELETE /v1/{project_id}/workspaces/{workspace_id}/soc/layouts/wizards/{wizard_id} | secmaster:layout:deleteWizard | √ | × |
Grant permission to update a page | PUT /v1/{project_id}/workspaces/{workspace_id}/soc/layouts/wizards | secmaster:layout:updateWizard | √ | × |
Grant permission to query the catalogue list | POST /v1/{project_id}/workspaces/{workspace_id}/soc/catalogues/search; /v1/{project_id}/workspaces/{workspace_id}/soc/catalogues | secmaster:catalogue:list | √ | × |
Grant permission to update a catalogue | PUT /v1/{project_id}/workspaces/{workspace_id}/soc/catalogues/{catalogue_id} | secmaster:catalogue:update | √ | × |
Grant permission to export playbooks | POST /v1/{project_id}/workspaces/{workspace_id}/soc/playbooks/export | secmaster:playbook:export | √ | × |
Grant permission to import playbooks | POST /v1/{project_id}/workspaces/{workspace_id}/soc/playbooks/import | secmaster:playbook:import | √ | × |
Grant permission to download the indicator template | GET /v1/{project_id}/workspaces/{workspace_id}/soc/indicators/template/download | secmaster:indicator:downloadTemplate | √ | × |
Grant permission to export indicators | POST /v1/{project_id}/workspaces/{workspace_id}/soc/indicators/export | secmaster:indicator:export | √ | × |
Grant permission to import indicators | POST /v1/{project_id}/workspaces/{workspace_id}/soc/indicators/import | secmaster:indicator:import | √ | × |
Grant permission to query tables | GET /v2/{project_id}/workspaces/{workspace_id}/siem/tables | secmaster:table:list | √ | × |
Grant permission to create a table | POST /v2/{project_id}/workspaces/{workspace_id}/siem/tables | secmaster:table:create | √ | × |
Grant permission to query table details | GET /v2/{project_id}/workspaces/{workspace_id}/siem/tables/{table_id} | secmaster:table:get | √ | × |
Grant permission to modify a table | PUT /v2/{project_id}/workspaces/{workspace_id}/siem/tables/{table_id} | secmaster:table:update | √ | × |
Grant permission to delete a table | DELETE /v2/{project_id}/workspaces/{workspace_id}/siem/tables/{table_id} | secmaster:table:delete | √ | × |
Grant permission to lock a table | POST /v2/{project_id}/workspaces/{workspace_id}/siem/tables/{table_id}/lock | secmaster:table:createLock | √ | × |
Grant permission to unlock a table | DELETE /v2/{project_id}/workspaces/{workspace_id}/siem/tables/{table_id}/lock | secmaster:table:deleteLock | √ | × |
Grant permission to query the table overview | GET /v2/{project_id}/workspaces/{workspace_id}/siem/tables/metrics | secmaster:table:listMetrics | √ | × |
Grant permission to design a table | PUT /v2/{project_id}/workspaces/{workspace_id}/siem/tables/{table_id}/schema | secmaster:table:updateSchema | √ | × |

