Cloud Services Supported by IAM
If you want to grant an IAM user permissions for specific resources, create a custom policy that contains permissions for the resources, and assign the policy to the user. The user then only has the permissions for the specified resources. For example, to grant an IAM user permissions for buckets whose names start with TestBucket, create a custom policy, specify the resource path as OBS:*:*:bucket:TestBucket*, and assign the policy to the user.
The following table lists the cloud services that support resource-level authorization and the supported resource types.
|
Service |
Resource Type |
Resource Name |
|---|---|---|
|
bucket |
Bucket |
|
|
object |
Object |
|
|
product |
Product |
|
|
node |
Edge node |
|
|
group |
Edge node group |
|
|
deployment |
Deployment |
|
|
batchjob |
Batch job |
|
|
application |
Application template |
|
|
appVersion |
Application template version |
|
|
IEFInstance |
IEF instance |
|
|
queue |
DLI queue |
|
|
database |
DLI database |
|
|
table |
DLI table |
|
|
column |
DLI column |
|
|
datasourceauth |
DLI security authentication information |
|
|
jobs |
DLI job |
|
|
graphName |
GES graph name |
|
|
backupName |
GES backup name |
|
|
function |
Function |
|
|
trigger |
Trigger |
|
|
rabbitmq |
RabbitMQ instance |
|
|
kafka |
Kafka instance |
|
|
app |
Resource space ID |
|
|
KeyId |
Key ID |
|
|
Autonomous Driving Cloud Service (Octopus) |
dataset |
Dataset |
|
replay |
Replay |
|
|
cluster |
Cluster |
Last Article: Custom Policy Use Cases
Next Article: Projects
Did this article solve your problem?
Thank you for your score!Your feedback would help us improve the website.