Supported Actions in RBAC

Supported Actions

Enterprise Router provides system-defined policies that can be directly used. You can also create custom policies to work with system-defined policies for more refined access control. Actions supported by policies are specific to APIs. Common concepts related to policies include:

• Permissions: allow or deny operations on specified resources under specific conditions.
• APIs: REST APIs that can be called by a user who has been granted specific permissions.
• Actions: specific operations that are allowed or denied.
• Related actions: actions on which a specific action depends. When assigning permissions for the action to a user, you also need to assign permissions for the dependent actions.
• IAM projects or enterprise projects: type of projects for which an action will take effect. For example, if you set the authorization scope of a custom policy to both IAM projects and enterprise projects, the policy takes effect for user groups in either IAM or enterprise projects. If the authorization scope is set to IAM projects only, the custom policy will take effect only for user groups in IAM projects. Administrators can check whether an action supports IAM projects or enterprise projects in the action list. "√" indicates that the action supports the project and "×" indicates that the action does not support the project.