Actions Supported by Policy-based Authorization
This section describes the actions supported by ECS in policy-based authorization.
Supported Actions
ECS provides system-defined policies that can be directly used in IAM. You can also create custom policies to supplement system-defined policies for more refined access control. Operations supported by policies are specific to APIs. The following are common concepts related to policies:
- Permissions: statements in a policy that allow or deny certain operations
- APIs: REST APIs that can be called by a user who has been granted specific permissions
- Actions: specific operations that are allowed or denied in a custom policy
- Dependencies: actions which a specific action depends on. When allowing an action for a user, you also need to allow any existing action dependencies for that user.
- IAM projects/Enterprise projects: the authorization scope of a custom policy. A custom policy can be applied to IAM projects or enterprise projects or both. Policies that contain actions for both IAM and enterprise projects can be used and applied for both IAM and Enterprise Management. Policies that contain actions only for IAM projects can be used and applied to IAM only. Administrators can check whether an action supports IAM projects or enterprise projects in the action list.
- Lifecycle Management
- ECS Status Management
- Batch Operations
- Network Management
- Image Management
- Security Group Management
- Specifications Query
- NIC Management
- Disk Management
- Metadata Management
- Tenant Quota Management
- SSH Key Management
- Password Management
- Floating IP Address Management
- ECS Group Management
- ECS Management Through Console
- AZ Management
- Tag Management
- Lifecycle Management
- ECS Status Management
- Batch Operations
- Network Management
- Image Management
- Security Group Management
- Specifications Query
- NIC Management
- Disk Management
- Metadata Management
- Tenant Quota Management
- SSH Key Management
- Password Management
- Floating IP Address Management
- ECS Group Management
- ECS Management Through Console
- AZ Management
- Tag Management
- Resource-Level Authorization
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.See the reply and handling status in My Cloud VOC.
For any further questions, feel free to contact us through the chatbot.
Chatbot