Agency Policies Obtained After the Access To Assets Is Allowed
After the access to cloud resources is allowed, DSC can access your OBS buckets, databases, big data assets, and asset map. Table 1 describes the agency policies obtained after the access is allowed.
Asset |
Policy |
Scope |
Remarks |
---|---|---|---|
OBS |
OBS Administrator |
Global |
Used to configure OBS logs, obtain the OBS bucket list, and download items form OBS. |
EVS ReadOnlyAccess |
Regional |
Used to obtain the EVS disk list. |
|
OBS Administrator |
Global |
Used to obtain the logs delivered by OBS. |
|
Database |
ECS ReadOnlyAccess |
Regional |
Used to obtain the list of ECSs where databases are built. |
RDS ReadOnlyAccess |
Regional |
Used to obtain the RDS database list and related information. |
|
DWS ReadOnlyAccess |
Regional |
Used to obtain the DWS instance list. |
|
VPC FullAccess |
Regional |
Used to establish network connection and create VPC ports and security group rules |
|
KMS CMKFullAccess |
Regional |
Used to perform encryption using KMS in data masking. |
|
GaussDB ReadOnlyAccess |
Regional |
Used to obtain the GaussDB list. |
|
Big Data |
ECS ReadOnlyAccess |
Regional |
Used to obtain the list of ECSs where big data sources reside. |
CSS ReadOnlyAccess |
Regional |
Used to obtain the CSS data cluster list and data indexes. |
|
DLI Service User |
Regional |
Used to obtain the DLI queue and database. |
|
VPC FullAccess |
Regional |
Used to establish network connection and create VPC ports and security group rules. |
|
KMS CMKFullAccess |
Regional |
Used to perform encryption using KMS in data masking. |
|
MRS |
MRS CommonOperations |
Regional |
Used for cluster query and task creation. |
Asset Map |
Tenant Guest |
Regional |
Used to obtain the list of cloud services used for data storage and processing. |
OBS Administrator |
Global |
Used to configure OBS logs, obtain the OBS bucket list, and download items form OBS. |
|
EVS ReadOnlyAccess |
Regional |
Used to obtain the EVS disk list. |
|
OBS Administrator |
Global |
Used for OBS to deliver logs. |
|
LTS |
LTS ReadOnlyAccess |
Region |
Used to read LTS log groups or log streams. |
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.