DLI Request Conditions
Request conditions are useful in determining when a custom policy takes effect. A request condition consists of a condition key and operator. Condition keys are either global or service-level and are used in the Condition element of a policy statement. Global condition keys (starting with g:) are available for operations of all services, while service-level condition keys (starting with a service name such as dli) are available only for operations of a specific service. An operator is used together with a condition key to form a complete condition statement.
DLI has a group of predefined condition keys that can be used in IAM. For example, to define an allow permission, you can use the condition key hw:SourceIp to filter matching requesters by IP addresses. The following table lists the predefined condition keys of DLI.
| Condition Key | Operator | Description |
|---|---|---|
| g:CurrentTime | Date and time | Time when an authentication request is received NOTE: The time is expressed in the format defined by ISO 8601, for example, 2012-11-11T23:59:59Z. |
| g:MFAPresent | Boolean | Whether multi-factor authentication is used during user login |
| g:UserId | String | ID of the current login user |
| g:UserName | String | Current login user |
| g:ProjectName | String | Project that you have logged in to |
| g:DomainName | String | Domain that you have logged in to |
Last Article: DLI Resources
Next Article: Common Operations Supported by DLI System Policy
Did this article solve your problem?
Thank you for your score!Your feedback would help us improve the website.