هذه الصفحة غير متوفرة حاليًا بلغتك المحلية. نحن نعمل جاهدين على إضافة المزيد من اللغات. شاكرين تفهمك ودعمك المستمر لنا.
- What's New
- Function Overview
- Service Overview
- Getting Started
-
User Guide
- Permissions Management
- Settings Management
- Migration Surveys
- Resource Discovery
- Application Management
- Big Data Lineage
- Migration Solutions
- Migration Plans
- Migration Clusters
- Migration Workflows
- Big Data Migration
- Big Data Verification
-
Tool Guide
- Overview
- Installing Edge
- Local Discovery and Collection
- Connecting Edge to MgC
- Edge Discovery
-
Tool Discovery
- Creating a Collection Task
- Managing Collectors
-
Configuring Collector Parameters
- Kubernetes Static Collector (app-discovery-k8s)
- Kubernetes Conntrack Collector (app-discovery-k8s-conntrack)
- Kubernetes Pod Network Collector (app-discovery-k8s-pod-net)
- Process and Network Collector (app-discovery-process-netstat)
- Windows Process and Network Collector (app-discovery-process-netstat-win)
- RabbitMQ Collector (app-discovery-rabbitmq)
- Kafka Collector (app-discovery-kafka)
- Eureka Collector (app-discovery-eureka)
- Redis Collector (app-discovery-redis)
- MongoDB Collector (app-discovery-mongodb)
- MySQL-General Log Collector (app-discovery-mysql-generallog)
- MySQL-JDBC Collector (app-discovery-mysql-jdbc)
- Nginx Configuration Collector (app-discovery-nginx)
- Cloud VPC Log Collector (app-discovery-cloud-vpc-log)
- Nacos Collector (app-discovery-nacos)
- Application Configuration Collector (app-discovery-application-config)
- Best Practices
-
FAQs
- What Are the Requirements on the Server for Installing Edge?
- How Do I Run Edge in Compatibility Mode?
- What Can I Do If the Edge Device Is Offline?
- Why Can't Edge Start After Being Installed?
- How Do I Upgrade Edge to the Latest Version?
- How Do I Uninstall Edge?
- How Do I Restart Edge?
- How Do I Check the Current Edge Version?
- How Do I Fix the Error "The collector is not installed" When a Discovery Task Fails?
- How Do I Obtain the Hive Metastore Credential Files?
- What Can I Do If the Port Required by Edge Is Occupied and the Installation Fails?
- What Can I Do If AK/SK Verification Fails?
- How Do I Configure WinRM and Troubleshoot WinRM Connection Problems?
- What Do I Do If the Credential List Is Empty When I Create a Data Connection for Big Data Verification?
-
Best Practices
- Configuring Permissions Required for Server Migration
-
Server Migration
- Network Requirements for Server Migration
- Migrating On-premises Servers to Huawei Cloud
- Migrating Servers from Alibaba Cloud to Huawei Cloud
- One-stop Cross-AZ ECS Migration
- Migrating Servers Across AZs on Huawei Cloud
- Migrating Servers to FlexusX Instances (Original HECS X Instances)
- Keeping Private IP Addresses of Servers Unchanged After the Migration
- Batch Modifying and Restoring the Host Configurations for Linux Source Servers
- Batch Modifying and Restoring the Host Configurations for Windows Source Servers
-
Storage Migration
- Migrating Data from Other Cloud Platforms to Huawei Cloud
- Migrating Data from Multiple Source Buckets by Prefix
- Migrating Archive (Cold) Data
- Migrating Data from SFS 1.0 to SFS 3.0
- Performing a NAS-to-NAS Migration and Service Cutover
- Migrating File Systems in Batches
- Migrating Data from MinIO to Huawei Cloud OBS over HTTP
- Migrating Data from Ceph to Huawei Cloud OBS over HTTP
- Reducing Disk Capacity for Target Servers
- Resizing Disks and Partitions for Target Servers
- Collecting Details of Azure Kubernetes Service (AKS) Resources
- Collecting Details of Google Cloud GKE Resources
- Collecting Details of AWS Container Resources
-
Verifying Big Data Consistency After Migration
- Verifying the Consistency of Data Migrated from MaxCompute to DLI
- Verifying the Consistency of Data Migrated Between MRS ClickHouse Clusters
- Verifying the Consistency of Data Migrated from Alibaba Cloud EMR ClickHouse to Huawei Cloud MRS ClickHouse
- Verifying the Consistency of Data Migrated from Alibaba Cloud ApsaraDB for ClickHouse to Huawei Cloud MRS ClickHouse
- Verifying the Consistency of Data Migrated from Alibaba Cloud ApsaraDB for ClickHouse to Huawei Cloud CloudTable ClickHouse
- Verifying the Consistency of Data Migrated Between MRS Doris Clusters
- Verifying the Consistency of Data Migrated Between MRS Doris Clusters or from CDH or EMR to MRS Doris
- Verifying the Consistency of Data Migrated from Alibaba Cloud MaxCompute to Huawei Cloud DLI
- Verifying the Consistency of Data Migrated Between MRS HBase Clusters
- Verifying the Consistency of Data Migrated from Delta Lake (with Metadata) to MRS Delta Lake
- Verifying the Consistency of Data Migrated from Delta Lake (without Metadata) to MRS Delta Lake
- Migrating Big Data Without Using the Internet
-
FAQs
-
Product Consultation
- How Do I Assign the Permissions Required for Using MgC to IAM Users?
- How Do I Prepare for Using MgC?
- How Do I Fix the Error "Failed to access IAM. Check the current user's IAM permissions"?
- Why Can't I Sign the Privacy Statement and Use MgC?
- How Does MgC Ensure Data Security?
- Does Data Collection Affect My Source Services?
-
Network Settings
- What Can I Do If a Source Server Fails the Migration Readiness Check Because Its IP address or Port Is Unreachable?
- What Can I Do If a Source Server Fails the Migration Readiness Check Because the Username or Password Is Incorrect?
- What Can I Do If a Source Server Fails the Migration Readiness Check Because Delivering Commands to Edge Fails?
- What Can I Do If a Source Server Fails the Migration Readiness Check Due to an Unreachable Port, Incorrect Firewall Settings, or Insufficient Access Permissions?
- What Can I Do If Deep Collection Fails on a Source Server Due to Disabled WinRM or an Unreachable IP Address or Port?
-
Server Migration
- Why the Workflow Status Is Always "Running"?
- How Do I View the Migration Progress When the Migration Workflow Is in the Running State?
- How Do I Fix the Error "Edge is not accessible" When a Step in the Migration Workflow Fails?
- How Do I Fix the Error "server require to bind credential first..." When the Migration Workflow Fails on a Source Server?
- How Do I Handle Resource Exceptions during a Batch Server Migration?
- What Are the Known Errors Related to Server Migration Workflows and How Can I Fix Them?
- What Can I Do If an Error Occurs During the Migration of a VMware Server?
- What Are the Information Mappings Between MgC and SMS?
- Why Is the Migration Progress Inconsistent Between MgC and SMS?
- What Do I Do If I Use a sudo User to Migrate a Source Server and the Server Fails the Source Environment Check?
- What Can I Do If the StartUpAgent Step Fails and the Error Message "System.OutOfMemoryException" Is Displayed?
- How Do I Fix the Error "SMS-Workflow.0503: SMS migration task failed. SMS.xxxx?"
-
Storage Migration
- What Are the Restrictions on Using MgC for Storage Migration?
- What Are the Requirements for the Source and Target Environments?
- How Do I Choose the Right Specifications for a Migration Cluster?
- What Affects the Migration Speed of Large Objects?
- What Affects the Migration Speed of Small Objects?
- How Do I View Key Metrics that Affect the Migration Speed?
- Why Is My Storage Migration Workflow Stalled for a Long Time?
- When I Migrate HTTP/HTTPS Data to Huawei Cloud OBS, How Are the Objects with the Same Name but Different URLs Processed?
- When I Migrate Data from OBS to NAS on Huawei Cloud, How Are Objects with the Same Name but Different Capitalization Processed?
- What Are the Constraints on the Length of Object Paths for Migrations Between OBS, NAS, and SMB Storage Systems on Huawei Cloud?
- How Do I Resolve the Problem that a Migration Cluster Fails to Be Created?
- How Do I Obtain Credentials for Accessing Microsoft Azure?
- What Do I Do If the Storage Migration Workflow Fails and "COMPARISON_ATTRIBUTE_NOT_SAME" Is Displayed?
- How Do I Choose Storage Classes?
- Cross-AZ Migration
- TCO Analysis
-
Resource Discovery
- Known Resource Discovery Problems and Solutions
- Where Can I Find the Collection Failure Cause?
- What Can I Do If an Internet Discovery Task Fails and the Error Message "Network connection timed out" or "Other exception" Is Displayed?
- How Do I Collect Data from a Data Source Again If the Previous Collection Fails?
- How Do I Obtain the Cloud Platform Credentials (AK/SK Pairs)?
- How Do I Obtain the Information for Adding Azure Credentials to MgC?
- How Do I Obtain the Required Credentials Before Using MgC to Perform a Deep Collection for My Azure Object Storage Resources?
- How Do I Configure the Permissions Required for Collecting Details of Azure Containers?
- How Do I Convert the Encoding Format of a CSV File to UTF-8?
- What Can I Do If the Collected Disk Information Is Empty or Incorrect After a Deep Collection Is Performed for a Windows Source Server?
- What Can I Do If the Collected OS Information Is Incorrect After a Deep Collection Is Performed for a Windows Source Server?
- What Can I Do If an RVTools Import Fails?
-
Target Recommendations
- Where Can I Find the Assessment Failure Cause?
- Why Can't I Manually Select Target Server Specifications and Disk Types?
- What Can I Do If a Server Assessment Fails and the System Displays a Message Indicating No Proper Specifications Are Matched?
- What Can I Do If a Server Assessment Fails Because the Target Server Specifications Do Not Support Windows Images?
- What Types of Databases Can I Assess Using MgC?
- How Does MgC Generate Target Recommendations?
- Big Data Migration
-
Big Data Verification
- What Do I Do If the Credential List Is Empty When I Create a Data Connection for Big Data Verification?
- Why Are 0 or -1 Displayed in the Hive Verification Results?
- Why Does a Field in Hive Fail the Sum Verification?
- Why Do a Large Number of Tables Fail to Be Verified in a DLI Verification Task?
- How Do I Optimize the Verification Task When the Delta Lake Data Volume Is Large?
- Known Issues and Solutions
-
Product Consultation
- General Reference
Show all
Copied.
Permissions Required for Data Collection over the Internet
The tables below describe the permissions required for collecting resource details from supported cloud platforms over the Internet.
Alibaba Cloud Data Collection
The following table lists the permissions required for collecting data of Alibaba Cloud resources.
Resource Type |
Cloud Service |
Action |
Minimum Permission Policy |
---|---|---|---|
Servers |
Elastic Compute Service (ECS) |
ecs:DescribeInstances |
Read |
ecs:DescribeDisks |
List |
||
ecs:DescribeMetricData |
List |
||
Storage |
NAS |
nas:DescribeFileSystems |
Read |
Object Storage Service (OSS) |
ListBuckets |
oss:ListBuckets |
|
oss:DescribeMetricData |
List |
||
Databases |
Relational Database Service (RDS) |
rds:DescribeDBInstances |
Read |
rds:DescribeDBInstanceAttribute |
Read |
||
MongoDB |
rds:DescribeDBInstances |
Read |
|
rds:DescribeDBInstanceAttribute |
Read |
||
Middleware |
Redis |
kvstore:DescribeInstances |
List |
kvstore:DescribeInstanceAttribute |
Read |
||
kvstore:DescribeMetricData |
List |
||
Kafka |
alikafka:ListInstance |
Read |
|
kafka::DescribeMetricData |
List |
||
RocketMQ |
rocketmq:GetInstance |
Read |
|
rocketmq::DescribeMetricData |
List |
||
Containers |
K8S ACK |
cs:GetClusters |
Read |
cs:DescribeClusterDetail |
Read |
||
k8s::DescribeMetricData |
List |
||
Big data clusters |
Elastic MapReduce (EMR) |
emr:ListClusters |
List |
Networks |
CEN |
cen:ListTransitRouters |
Read |
cen:DescribeCenPrivateZoneRoutes |
Read |
||
cen:DescribeRouteServicesInCen |
Read |
||
cen:ListTransitRouterVpcAttachments |
List |
||
cen:ListTransitRouterVbrAttachments |
List |
||
cen:ListTransitRouterVpnAttachments |
List |
||
cen:DescribeCenAttachedChildInstances |
Read |
||
cen:DescribeCenAttachedChildInstanceAttribute |
Read |
||
cen:ListTransitRouterPeerAttachments |
Read |
||
cen:ListTransitRouterRouteTables |
Read |
||
cen:ListTransitRouterRouteEntries |
Read |
||
cen:ListTransitRouterRouteTableAssociations |
Read |
||
cen:ListTransitRouterPrefixListAssociation |
Read |
||
cen:DescribeCenRouteMaps |
Read |
||
cen:ListTransitRouterRouteTables |
Read |
||
cen:DescribeCenRegionDomainRouteEntries |
Read |
||
cen:ListTransitRouters |
Read |
||
cen:DescribeCens |
Read |
||
ALB |
alb:ListLoadBalancers |
Read |
|
alb:ListServerGroupServers |
Read |
||
CLB |
slb:DescribeLoadBalancers |
Read |
|
slb:DescribeLoadBalancerListeners |
Read |
||
slb:DescribeVServerGroupAttribute |
Read |
||
slb:DescribeMasterSlaveServerGroupAttribute |
Read |
||
slb:DescribeHealthStatus |
Read |
||
slb:DescribeMasterSlaveServerGroupAttribute |
Read |
||
slb:DescribeMasterSlaveServerGroups |
Read |
||
Virtual Private Cloud (VPC) |
vpc:DescribePhysicalConnections |
Read |
|
vpc:DescribeVirtualBorderRouters |
Read |
||
vpc:DescribeRouteTables |
Read |
||
vpc:DescribeRouteTableList |
List |
||
DNS |
alidns:DescribeDomainRecords |
Read |
|
alidns:DescribeDomains |
Read |
||
Private Zone |
pvtz:DescribeZoneVpcTree |
Read |
|
pvtz:DescribeZoneRecords |
Read |
||
Elastic IP (EIP) |
ens:DescribeEipAddresses |
Read |
|
NAT Gateway |
ens:DescribeNatGateways |
Read |
|
ens:DescribeSnatTableEntries |
List |
||
ens:DescribeForwardTableEntries |
List |
Huawei Cloud Data Collection
The following table lists the permissions required for collecting data of Huawei Cloud resources.
Resource Type |
Cloud Service |
Action |
Minimum Permission Policy |
---|---|---|---|
Servers |
ECS |
ecs:ListServersDetails ces:BatchListMetricData evs:ListVolumes eip:ListPublicips |
|
Containers |
CCE |
cce:ListNodes cce:ListClusters aom:ShowMetricsData |
|
Big data clusters |
MRS |
mrs:ListClusters mrs:ListHosts |
MRS ReadOnlyAccess |
Databases |
DDS |
dds:ListInstances dds:ListFlavors |
DDS ReadOnlyAccess |
RDS |
rds:ListInstances |
RDS ReadOnlyAccess |
|
Middleware |
Distributed Message Service (DMS) for Kafka |
dms:ListInstances dms:ShowInstance dms:ListAvailableZones dms:ShowCluster ces:BatchListMetricData |
DMS ReadOnlyAccess |
Distributed Cache Service (DCS) |
dcs:ListInstances dcs:ListFlavors dcs:ListGroupReplicationInfo ces:BatchListMetricData |
DCS ReadOnlyAccess |
|
Storage |
OBS |
obs:ListBuckets obs:GetBucketPolicy obs:GetBucketAcl obs:GetBucketLifecycle obs:GetBucketMetadata obs:GetBucketVersioning obs:GetBucketStorageInfo obs:GetBucketStoragePolicy ces:BatchListMetricData |
You need to create custom policies for actions that are not included in the preceding two policies. |
SFS Turbo |
sfsturbo:ListShares |
SFS Turbo ReadOnlyAccess |
|
Networks |
ELB |
elb:ListListeners elb:ListLoadbalancers elb:ListPools elb:ListL7policies elb:ListL7rules elb:ListMembers elb:ListFlavors vpc:ListSubnets |
ELB ReadOnlyAccess |
DNS |
dns:ListPublicZones dns:ListPrivateZones dns:ListRecordSetsByZone |
DNS ReadOnlyAccess |
|
EIP |
eip:ListPublicips |
EIP ReadOnlyAccess |
|
NAT |
nat:ListNatGateways nat:ListNatGatewayDnatRules nat:ListNatGatewaySnatRules vpc:ShowPort vpc:ShowSubnet vpc:ListSubnets |
NAT ReadOnlyAccess |
|
VPC |
vpc:ListRouteTables vpc:ShowRouteTable vpc:ListVpcs vpc:ListSecurityGroups vpc:ListSecurityGroupRules vpc:ListSubnets |
VPC ReadOnlyAccess |
AWS Data Collection
The following table lists the permissions required for collecting data of AWS resources.
Resource Type |
Cloud Service |
Action |
Minimum Permission Policy |
---|---|---|---|
Servers |
Elastic Compute Cloud (EC2) |
ec2:DescribeInstances |
AmazonEC2ReadOnlyAccess |
ec2:DescribeAddresses |
|||
ec2:DescribeImages |
|||
ec2:DescribeVolumes |
|||
cloudwatch:GetMetricStatistics |
|||
Storage |
Elastic File System (EFS) |
elasticfilesystem:DescribeFileSystems |
AmazonElasticFileSystemReadOnlyAccess |
elasticfilesystem:DescribeMountTargets |
|||
cloudwatch:GetMetricStatistics |
|||
S3 |
s3:ListObjectsV2 |
AmazonS3ReadOnlyAccess |
|
cloudwatch:GetMetricStatistics |
|||
Databases |
Relational Database Service (RDS) |
rds:DescribeDBClusters |
AmazonRDSReadOnlyAccess |
rds:DescribeDBInstances |
|||
ec2:DescribeSecurityGroups |
|||
Middleware |
ElastiCache |
elasticache:DescribeCacheClusters |
AmazonElastiCacheReadOnlyAccess |
elasticache:DescribeReplicationGroups |
|||
cloudwatch:GetMetricStatistics |
|||
Managed Streaming for Apache Kafka (MSK) |
kafka:ListClustersV2 |
AmazonMSKReadOnlyAccess |
|
cloudwatch:GetMetricStatistics |
|||
Containers |
Elastic Kubernetes Service (EKS) |
eks:DescribeCluster |
No corresponding permission policy is available. You need to create one. |
eks:ListClusters |
|||
ec2:DescribeInstances |
|||
ec2:DescribeSubnets |
|||
cloudwatch:GetMetricStatistics |
|||
Big data clusters |
Elastic MapReduce (EMR) |
elasticmapreduce:DescribeCluster |
AmazonEMRReadOnlyAccessPolicy_v2 |
elasticmapreduce:ListClusters |
|||
elasticmapreduce:ListInstanceGroups |
|||
elasticmapreduce:ListInstances |
|||
ec2:DescribeInstances |
AmazonEC2ReadOnlyAccess |
||
Networks |
Elastic IP (EIP) |
ec2:DescribeAddresses |
AmazonEC2ReadOnlyAccess |
Elastic Load Balancing (ELB) |
elasticloadbalancing:DescribeLoadBalancers |
ElasticLoadBalancingReadOnly |
|
NAT Gateway |
ec2:DescribeNatGateways |
AmazonEC2ReadOnlyAccess |
|
Route53(PublicDomain) |
route53:ListHostedZones |
AmazonRoute53ReadOnlyAccess |
|
route53:ListResourceRecordSets |
|||
RouteTable |
ec2:DescribeRouteTables |
AmazonEC2ReadOnlyAccess |
|
SecurityGroup |
ec2:DescribeSecurityGroups |
AmazonEC2ReadOnlyAccess |
|
ec2:DescribeSecurityGroupRules |
|||
Route53(VpcDomain) |
route53:GetHostedZone |
AmazonRoute53ReadOnlyAccess |
|
route53:ListHostedZones |
|||
route53:ListResourceRecordSets |
|||
Virtual Private Cloud (VPC) |
ec2:DescribeSubnets |
AmazonEC2ReadOnlyAccess |
|
ec2:DescribeVpcs |
Tencent Cloud Data Collection
The following table lists the permissions required for collecting data of Tencent Cloud resources.
Resource Type |
Cloud Service |
Action |
Minimum Permission Policy |
---|---|---|---|
Servers |
CVM |
cvm: DescribeInstances cvm: DescribeImages cvm:DescribeSecurityGroups cbs: DescribeDisks vpc: DescribeAddresses vpc: DescribeNetworkInterfaces vpc: DescribeSubnets monitor:GetMonitorData |
QcloudCVMReadOnlyAccess |
Databases |
CDB |
cdb:DescribeDBInstances |
QcloudCDBReadOnlyAccess |
PostgreSQL |
postgres:DescribeDBInstances |
QcloudPostgreSQLReadOnlyAccess |
|
MongoDB |
mongodb:DescribeDBInstances mongodb:DescribeDBInstanceNodeProperty |
QcloudMongoDBReadOnlyAccess |
|
SQLServer |
sqlserver:DescribeDBInstances sqlserver:DescribeReadOnlyGroupList |
QcloudSQLServerReadOnlyAccess |
|
Storage |
COS |
cos:GetService cos:GetBucketACL cos:GetBucketLifecycle cos:GetBucketVersioning monitor:GetMonitorData |
QcloudCOSReadOnlyAccess |
CFS |
cfs:DescribeCfsFileSystems cfs:DescribeMountTargets |
QcloudCFSReadOnlyAccess |
|
Networks |
DNSPod |
dnspod:DescribeDomainList dnspod:DescribeRecordList |
QcloudDNSPodReadOnlyAccess |
WAF |
waf:DescribeDomains waf:DescribeInstances |
QcloudWAFReadOnlyAccess |
|
CLB |
clb:DescribeLoadBalancersDetail clb:DescribeTargets cvm: DescribeInstances |
QcloudCLBReadOnlyAccess QcloudCVMReadOnlyAccess |
Azure Data Collection
The following table lists the permissions required for collecting data from Azure resources.
Resource Type |
Cloud Service |
Service |
Minimum Permission Policy |
---|---|---|---|
Servers |
Virtual Machines (VMs) |
Microsoft Classic Compute |
Microsoft.ClassicCompute/virtualMachines/read |
Microsoft Azure Monitor |
Microsoft.Insights/MetricDefinitions/Read |
||
Microsoft Network |
Microsoft.Network/networkInterfaces/read |
||
Storage |
Storage Accounts |
Microsoft Azure Monitor |
Microsoft.Insights/MetricDefinitions/Read |
Microsoft Classic Storage |
Microsoft.ClassicStorage/storageAccounts/read |
||
Databases |
Azure Database for PostgreSQL - Flexible Server |
Microsoft Management |
Microsoft.Management/getEntities/action |
Azure Database for PostgreSQL |
Microsoft Management |
Microsoft.Management/getEntities/action |
|
Azure Database for MySQL |
Microsoft Management |
Microsoft.Management/getEntities/action |
|
Azure Database for MySQL - Flexible Server |
Microsoft Management |
Microsoft.Management/getEntities/action |
|
SQL servers |
Microsoft Azure Arc Data |
Microsoft.AzureArcData/sqlServerInstances/read |
|
Microsoft Management |
Microsoft.Management/getEntities/action |
||
Middleware |
Azure Cache for Redis |
Microsoft Management |
Microsoft.Management/getEntities/action |
Event Hubs |
Microsoft Management |
Microsoft.Management/getEntities/action |
|
Containers |
Kubernetes services |
Microsoft Classic Compute |
Microsoft.ClassicCompute/virtualMachines/read |
Microsoft Azure Monitor |
Microsoft.Insights/MetricDefinitions/Read |
||
Microsoft Management |
Microsoft.Management/getEntities/action |
||
Networks |
Public IP addresses |
Microsoft Management |
Microsoft.Management/getEntities/action |
Load Balancer |
Microsoft Management |
Microsoft.Management/getEntities/action |
|
NAT gateways |
Microsoft Management |
Microsoft.Management/getEntities/action |
|
Route tables |
Microsoft Network |
Microsoft.Network/networkInterfaces/read |
|
Network security groups |
Microsoft Network |
Microsoft.Network/networkInterfaces/read |
|
Virtual networks |
Microsoft Network |
Microsoft.Network/networkInterfaces/read |
Qiniu Cloud Data Collection
The following table lists the permissions required for collecting data of Qiniu Cloud resources.
Resource Type |
Cloud Service |
Action |
Minimum Permission Policy |
---|---|---|---|
Storage |
Object storage (KODO) |
kodo:buckets |
QiniuKodoReadOnlyAccess |
Kingsoft Cloud Data Collection
The following table lists the permissions required for collecting data of Kingsoft Cloud resources.
Resource Type |
Cloud Service |
Action |
Minimum Permission Policy |
---|---|---|---|
Storage |
Kingsoft Cloud Standard Storage Service (KS3) |
ks3:ListBuckets |
KS3ReadOnlyAccess |
Google Cloud Data Collection
The following table lists the permissions required for collecting data of Google Cloud resources.
Resource Type |
Cloud Service |
Permission |
Role (Role ID) |
---|---|---|---|
Servers |
Compute Engine |
compute.instances.list |
Compute Viewer(roles/compute.viewer) |
compute.machineTypes.get |
|||
compute.disks.get |
|||
compute.networks.get |
|||
compute.regions.get |
|||
Storage |
Cloud Storage |
storage.buckets.list |
Storage Admin (roles/storage.admin) or Viewer (roles/viewer) |
storage.objects.list |
Storage Object Viewer (roles/storage.objectViewer) or Storage Admin (roles/storage.admin) |
||
Compute Engine(obs) |
compute.regions.get |
Compute Viewer(roles/compute.viewer) |
|
compute.networks.list |
|||
Cloud Filestore |
file.instances.list |
Cloud Filestore Viewer(roles/file.viewer) |
|
Databases |
Cloud SQL |
cloudsql.instances.list |
Cloud SQL Viewer(roles/cloudsql.viewer) |
cloudsql.databases.list |
|||
cloudsql.tiers.list |
No role is required. |
||
Middleware |
Memorystore Redis |
redisService.instances.list |
Cloud Memorystore Redis Viewer(roles/redis.viewer) |
redisService.clusters.list |
|||
Containers |
Kubernetes Engine |
container.clusters.list |
Kubernetes Engine Cluster Viewer(roles/container.clusterViewer) |
Compute Engine(k8s) |
compute.regions.get |
Compute Viewer(roles/compute.viewer) |
|
compute.networks.list |
|||
compute.subnetworks.list |
|||
Networks |
Compute Engine(clb) |
compute.firewalls.list |
Compute Viewer(roles/compute.viewer) |
compute.forwardingRules.list |
|||
compute.globalForwardingRules.list |
|||
compute.backendServices.get |
|||
compute.networks.list |
|||
compute.subnetworks.list |
|||
Compute Engine(eip) |
compute.addresses.list |
||
compute.globalAddresses.list |
|||
compute.regions.get |
|||
compute.instances.list |
|||
Compute Engine(route table) |
compute.routes.list |
||
compute.networks.list |
|||
compute.subnetworks.list |
|||
Compute Engine(vpc) |
compute.networks.list |
||
compute.subnetworks.list |
|||
Compute Engine(security group) |
compute.firewalls.list |
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.See the reply and handling status in My Cloud VOC.
For any further questions, feel free to contact us through the chatbot.
Chatbot