RDS Actions
Permission |
API |
Action |
IAM Project |
Enterprise Project |
Authorization by Instance |
---|---|---|---|---|---|
Querying the DB engine version |
GET /v3/{projectId}/datastores/{database_name} |
No action required |
√ |
√ |
× |
Querying database specifications |
GET /v3/{project_id}/flavors/{database_name}?version_name={version_name} |
No action required |
√ |
√ |
× |
Querying the storage type |
GET /v3/{project_id}/storage-type/{database_name}?version_name={version_name} |
No action required |
√ |
√ |
× |
Permission |
API |
Action |
IAM Project |
Enterprise Project |
Authorization by Instance |
---|---|---|---|---|---|
Creating a DB instance |
POST /v3/{project_id}/instances |
rds:instance:create (To create an encrypted DB instance, you need to configure the KMS Administrator permission in the project.) |
√ |
√ |
× |
Changing a DB instance name |
PUT https://{Endpoint}/v3/{project_id}/instances/{instance_id}/name |
rds:instance:modify |
√ |
√ |
√ |
Changing a DB instance description |
PUT https://{Endpoint}/v3/{project_id}/instances/{instance_id}/alias |
rds:instance:modify |
√ |
√ |
√ |
Applying for a private domain name |
POST https://{Endpoint}/v3/{project_id}/instances/{instance_id}/create-dns |
rds:instance:createDns |
√ |
√ |
× |
Modifying a private domain name |
PUT https://{Endpoint}/v3/{project_id}/instances/{instance_id}/modify-dns |
rds:instance:modifyDns |
√ |
√ |
√ |
Changing DB instance specifications |
POST /v3/{project_id}/instances/{instance_id}/action |
rds:instance:modifySpec |
√ |
√ |
× |
Scaling up storage space |
POST /v3/{project_id}/instances/{instance_id}/action |
rds:instance:extendSpace |
√ |
√ |
√ |
Changing a DB instance type from single to primary/standby |
POST /v3/{project_id}/instances/{instance_id}/action |
rds:instance:singleToHa (The KMS Administrator permission needs to be configured for the encrypted DB instance in the project.) |
√ |
√ |
√ |
Rebooting a DB instance |
POST /v3/{project_id}/instances/{instance_id}/action |
rds:instance:restart |
√ |
√ |
√ |
Deleting a DB instance |
DELETE /v3/{project_id}/instances/{instance_id} |
rds:instance:delete |
√ |
√ |
√ |
Querying DB instances |
GET /v3/{project_id}/instances |
rds:instance:list |
√ |
√ |
√ |
Querying DB instances for which cross-region backups are created |
GET /v3/{project_id}/backups/offsite-backup-instance |
rds:instance:list |
√ |
√ |
√ |
Binding or unbinding an EIP |
PUT /v3/{project_id}/instances/{instance_id}/public-ip |
rds:instance:modifyPublicAccess |
√ |
√ |
× |
Changing a DB instance password |
PUT /v3/{project_id}/instances/{instance_id}/password |
rds:password:update |
√ |
√ |
√ |
Performing a manual switchover |
PUT /v3/{project_id}/instances/{instance_id}/failover |
rds:instance:switchover |
√ |
√ |
√ |
Changing a failover priority |
PUT /v3/{project_id}/instances/{instance_id}/failover/strategy |
rds:instance:modifyStrategy |
√ |
√ |
√ |
Changing a replication mode |
PUT /v3/{project_id}/instances/{instance_id}/failover/mode |
rds:instance:modifySynchronizeModel |
√ |
√ |
√ |
Changing a maintenance window |
PUT /v3/{project_id}/instances/{instance_id}/ops-window |
rds:instance:modify |
√ |
√ |
√ |
Migrating the standby DB instance to another AZ |
POST /v3/{project_id}/instances/{instance_id}/migrateslave |
rds:instance:create |
√ |
√ |
× |
Permission |
API |
Action |
IAM Project |
Enterprise Project |
Authorization by Instance |
---|---|---|---|---|---|
Configuring SSL |
PUT /v3/{project_id}/instances/{instance_id}/ssl |
rds:instance:modifySSL |
√ |
√ |
√ |
Changing a database port |
PUT /v3/{project_id}/instances/{instance_id}/port |
rds:instance:modifyPort |
√ |
√ |
√ |
Changing a floating IP address |
PUT /v3/{project_id}/instances/{instance_id}/ip |
rds:instance:modifyIp |
√ |
√ |
√ |
Changing a security group |
PUT /v3/{project_id}/instances/{instance_id}/security-group |
rds:instance:modifySecurityGroup |
√ |
√ |
√ |
Permission |
API |
Action |
IAM Project |
Enterprise Project |
Authorization by Instance |
---|---|---|---|---|---|
Obtaining parameter templates |
GET /v3/{project_id}/configurations |
rds:param:list |
√ |
√ |
√ |
Creating a parameter template |
POST /v3/{project_id}/configurations |
rds:param:create |
√ |
√ |
× |
Modifying parameters in a parameter template |
PUT /v3/{project_id}/configurations/{config_id} |
rds:param:modify |
√ |
√ |
√ |
Applying a parameter template |
PUT /v3/{project_id}/configurations/{config_id}/apply |
rds:param:apply |
√ |
√ |
× |
Modifying parameters of a specified DB instance |
PUT /v3/{project_id}/instances/{instance_id}/configurations |
rds:param:modify |
√ |
√ |
√ |
Obtaining the parameter template of a specified DB instance |
GET /v3/{project_id}/instances/{instance_id}/configurations |
rds:param:list |
√ |
√ |
√ |
Obtaining parameters of a specified parameter template |
GET /v3/{project_id}/configurations/{config_id} |
rds:param:list |
√ |
√ |
√ |
Deleting a parameter template |
DELETE /v3/{project_id}/configurations/{config_id} |
rds:param:delete |
√ |
√ |
× |
Permission |
API |
Action |
IAM Project |
Enterprise Project |
Authorization by Instance |
---|---|---|---|---|---|
Configuring an automated backup policy |
PUT /v3/{project_id}/instances/{instance_id}/backups/policy |
rds:instance:modifyBackupPolicy |
√ |
√ |
√ |
Configuring a cross-region backup policy |
PUT /v3/{project_id}/instances/{instance_id}/backups/offsite-policy |
rds:instance:modifyBackupPolicy |
√ |
√ |
√ |
Querying an automated backup policy |
GET /v3/{project_id}/instances/{instance_id}/backups/policy |
rds:instance:list |
√ |
√ |
√ |
Querying a cross-region backup policy |
GET /v3/{project_id}/instances/{instance_id}/backups/offsite-policy |
rds:instance:list |
√ |
√ |
√ |
Creating a manual backup |
POST /v3/{project_id}/backups |
rds:backup:create |
√ |
√ |
× |
Obtaining backups |
GET /v3/{project_id}/backups?instance_id={instance_id} |
rds:backup:list |
√ |
√ |
× |
Querying cross-region backups |
GET /v3/{project_id}/offsite-backups?instance_id={instance_id} |
rds:backup:list |
√ |
√ |
× |
Obtaining the link for downloading a backup |
GET /v3/{project_id}/backup-files?backup_id={backup_id} |
rds:backup:download |
√ |
√ |
× |
Deleting a manual backup |
DELETE /v3/{project_id}/backups/{backup_id} |
rds:backup:delete |
√ |
√ |
× |
Querying the restoration time range |
GET /v3/{project_id}/instances/{instance_id}/restore-time |
rds:instance:list |
√ |
√ |
× |
Querying the restoration time range of a cross-region backup |
GET /v3/{project_id}/instances/{instance_id}/offsite-restore-time |
rds:instance:list |
√ |
√ |
× |
Restoring data to a new DB instance |
POST /v3/{project_id}/instances |
rds:instance:create (The KMS Administrator permission needs to be configured for the encrypted DB instance in the project.) |
√ |
√ |
× |
Restoring data to an existing or original DB instance |
POST /v3/{project_id}/instances/recovery |
rds:instance:restoreInPlace |
√ |
√ |
× |
Permission |
API |
Action |
IAM Project |
Enterprise Project |
Authorization by Instance |
---|---|---|---|---|---|
Querying error logs |
GET /v3/{project_id}/instances/{instance_id}/errorlog?start_date={start_date}&end_date={end_date} |
rds:log:list |
√ |
√ |
√ |
Querying slow query logs |
GET /v3/{project_id}/instances/{instance_id}/slowlog?start_date={start_date}&end_date={end_date} |
rds:log:list |
√ |
√ |
√ |
Setting a policy for audit logs |
PUT /v3/{project_id}/instances/{instance_id}/auditlog-policy |
rds:auditlog:operate |
√ |
√ |
√ |
Querying the policy for audit logs |
GET /v3/{project_id}/instances/{instance_id}/auditlog-policy |
rds:auditlog:list |
√ |
√ |
√ |
Obtaining audit logs |
GET /v3/{project_id}/instances/{instance_id}/auditlog?start_time={start_time}&end_time={end_time}&offset={offset}&limit={limit} |
rds:auditlog:list |
√ |
√ |
√ |
Obtaining the link for downloading an audit log |
POST /v3/{project_id}/instances/{instance_id}/auditlog-links |
rds:auditlog:download |
√ |
√ |
√ |
Obtaining the link for downloading a slow query log |
POST /v3/{project_id}/instances/{instance_id}/slowlog-download |
rds:log:download |
√ |
√ |
√ |
Obtaining the local retention period of binlogs |
GET /v3/{project_id}/instances/{instance_id}/binlog/clear-policy |
rds:binlog:get |
√ |
√ |
√ |
Setting the local retention period of binlogs |
PUT /v3/{project_id}/instances/{instance_id}/binlog/clear-policy |
rds:binlog:setPolicy |
√ |
√ |
√ |
Permission |
API |
Action |
IAM Project |
Enterprise Project |
Authorization by Instance |
---|---|---|---|---|---|
Creating a database |
POST /v3/{project_id}/instances/{instance_id}/database |
rds:database:create |
√ |
√ |
√ |
Querying databases |
GET /v3/{project_id}/instances/{instance_id}/database/detail?page={page}&limit={limit} |
rds:database:list |
√ |
√ |
√ |
Querying authorized databases of a specified account |
GET /v3/{project_id}/instances/{instance_id}/db_user/database?user-name={user-name}&page={page}&limit={limit} |
rds:database:list |
√ |
√ |
√ |
Deleting a database |
DELETE /v3/{project_id}/instances/{instance_id}/database/{db_name} |
rds:database:drop |
√ |
√ |
√ |
Creating a database account |
POST /v3/{project_id}/instances/{instance_id}/db_user |
rds:databaseUser:create |
√ |
√ |
√ |
Querying database users |
GET /v3/{project_id}/instances/{instance_id}/db_user/detail?page={page}&limit={limit} |
rds:databaseUser:list |
√ |
√ |
√ |
Querying authorized users of a specified database |
GET /v3/{project_id}/instances/{instance_id}/database/db_user?db-name={db-name}&page={page}&limit={limit} |
rds:databaseUser:list |
√ |
√ |
√ |
Modifying remarks of a database user |
PUT /v3/{project_id}/instances/{instance_id}/db-users/{user_name}/comment |
rds:databaseUser:update |
√ |
√ |
√ |
Deleting a database account |
DELETE /v3/{project_id}/instances/{instance_id}/db_user/{user_name} |
rds:databaseUser:drop |
√ |
√ |
√ |
Authorizing a database account |
POST /v3/{project_id}/instances/{instance_id}/db_privilege |
rds:databasePrivilege:grant |
√ |
√ |
√ |
Changing the password for a database account |
POST /v3/{project_id}/instances/{instance_id}/db_user/resetpwd |
rds:password:update |
√ |
√ |
√ |
Revoking permissions of a database account |
DELETE /v3/{project_id}/instances/{instance_id}/db_privilege |
rds:databasePrivilege:revoke |
√ |
√ |
√ |
Permission |
API |
Action |
IAM Project |
Enterprise Project |
Authorization by Instance |
---|---|---|---|---|---|
Creating a database |
POST /v3/{project_id}/instances/{instance_id}/database |
rds:database:create |
√ |
√ |
√ |
Creating a database account |
POST /v3/{project_id}/instances/{instance_id}/db_user |
rds:databaseUser:create |
√ |
√ |
√ |
Authorizing a database account |
POST /v3/{project_id}/instances/{instance_id}/db_privilege |
rds:databasePrivilege:grant |
√ |
√ |
√ |
Creating a database schema |
POST /v3/{project_id}/instances/{instance_id}/schema |
rds:database:create |
√ |
√ |
√ |
Querying databases |
GET /v3/{project_id}/instances/{instance_id}/database/detail?page={page}&limit={limit} |
rds:database:list |
√ |
√ |
√ |
Querying database users |
GET /v3/{project_id}/instances/{instance_id}/db_user/detail?page={page}&limit={limit} |
rds:databaseUser:list |
√ |
√ |
√ |
Querying database schemas |
GET /v3/{project_id}/instances/{instance_id}/schema/detail?db_name={name}page={page}&limit={limit} |
rds:database:list |
√ |
√ |
√ |
Modifying remarks of a database user |
PUT /v3/{project_id}/instances/{instance_id}/db-users/{user_name}/comment |
rds:databaseUser:update |
√ |
√ |
√ |
Permission |
API |
Action |
IAM Project |
Enterprise Project |
Authorization by Instance |
---|---|---|---|---|---|
Modifying the recycling policy |
PUT https://{Endpoint}/v3/{project_id}/instances/recycle-policy |
rds:instance:setRecycleBin |
√ |
× |
× |
Permission |
API |
Action |
IAM Project |
Enterprise Project |
Authorization by Instance |
---|---|---|---|---|---|
Adding or deleting tags in batches |
POST /v3/{project_id}/instances/{instance_id}/tags/action |
rds:instance:dealTag |
√ |
√ |
√ |
Querying project tags |
GET /v3/{project_id}/tags |
rds:tag:list |
√ |
√ |
× |
Permission |
API |
Action |
IAM Project |
Enterprise Project |
Authorization by Instance |
---|---|---|---|---|---|
Querying resource quotas |
GET https://{Endpoint}/v3/{project_id}/quotas |
rds:instance:list |
√ |
√ |
√ |
Permission |
API |
Action |
IAM Project |
Enterprise Project |
Authorization by Instance |
---|---|---|---|---|---|
Obtaining task information |
GET /v3/{project_id}/jobs?id={id} |
rds:task:list |
√ |
√ |
× |
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.See the reply and handling status in My Cloud VOC.
For any further questions, feel free to contact us through the chatbot.
Chatbot