Actions Supported by Policy-based Authorization
This section describes the actions supported by TaurusDB in policy-based authorization.
Supported Actions
TaurusDB provides system-defined policies that can be directly used in IAM. You can also create custom policies to supplement system-defined policies for more refined access control. Operations supported by policies are specific to APIs. The following are common concepts related to policies:
- Permissions: statements in a policy that allow or deny certain operations
- APIs: REST APIs that can be called by a user who has been granted specific permissions
- Actions: specific operations that are allowed or denied in a custom policy
- Dependencies: actions which a specific action depends on. When allowing an action for a user, you also need to allow any existing action dependencies for that user.
- IAM projects/Enterprise projects: the authorization scope of a custom policy. A custom policy can be applied to IAM projects or enterprise projects or both. Policies that contain actions for both IAM and enterprise projects can be used and applied for both IAM and Enterprise Management. Policies that contain actions only for IAM projects can be used and applied to IAM only. Administrators can check whether an action supports IAM projects or enterprise projects in the action list. For details about the differences between IAM and enterprise management, see Differences Between IAM and Enterprise Management.
TaurusDB supports the following actions in custom policies.
| Permission | API | Action | IAM Project | Enterprise Project |
|---|---|---|---|---|
| Querying the DB engine version | GET /v3/{project_id}/datastores/{database_name} | gaussdb:instance:list | √ | √ |
| Querying database specifications | GET /v3/{project_id}/flavors/{database_name} | gaussdb:instance:list | √ | √ |
| Permission | API | Action | IAM Project | Enterprise Project |
|---|---|---|---|---|
| Creating a DB instance | POST /v3/{project_id}/instances | gaussdb:instance:create | √ | √ |
| Rebooting a DB instance | POST /v3/{project_id}/instances/{instance_id}/restart | gaussdb:instance:restart | √ | √ |
| Deleting or unsubscribing from a DB instance | DELETE /v3/{project_id}/instances/{instance_id} | gaussdb:instance:delete | √ | √ |
| Creating a read replica | POST /v3/{project_id}/instances/{instance_id}/nodes/enlarge | gaussdb:instance:addNodes | √ | √ |
| Deleting or unsubscribing from a read replica | DELETE /v3/{project_id}/instances/{instance_id}/nodes/{node_id} | gaussdb:instance:deleteNodes | √ | √ |
| Scaling up storage of a yearly/monthly DB instance | POST /v3/{project_id}/instances/{instance_id}/volume/extend | gaussdb:instance:modifyStorageSize | √ | √ |
| Changing a DB instance name | PUT /v3/{project_id}/instances/{instance_id}/name | gaussdb:instance:rename | √ | √ |
| Resetting a database password | POST /v3/{project_id}/instances/{instance_id}/password | gaussdb:instance:modifyPassword | √ | √ |
| Changing DB instance specifications | POST /v3/{project_id}/instances/{instance_id}/action | gaussdb:instance:modifySpec | √ | √ |
| Querying dedicated resource pools | GET /v3/{project_id}/dedicated-resources | gaussdb:instance:list | √ | √ |
| Querying dedicated resources | GET /v3/{project_id}/dedicated-resource/{dedicated_resource_id} | gaussdb:instance:list | √ | √ |
| Configuring the Monitoring By Seconds function | PUT /v3/{project_id}/instances/{instance_id}/monitor-policy | gaussdb:instance:modify gaussdb:instance:modifyMonitorPolicy | √ | √ |
| Querying the configuration of Monitoring by Seconds | GET /v3/{project_id}/instances/{instance_id}/monitor-policy | gaussdb:instance:list | √ | √ |
| Rebooting a node | POST /v3/{project_id}/instances/{instance_id}/nodes/{node_id}/restart | gaussdb:instance:restart | √ | √ |
| Upgrading the kernel version of a DB instance | POST /v3/{project_id}/instances/{instance_id}/db-upgrade | gaussdb:instance:upgrade | √ | √ |
| Enabling or Disabling SSL | PUT /v3/{project_id}/instances/{instance_id}/ssl-option | gaussdb:instance:modifySSL | √ | √ |
| Binding an EIP | PUT /v3/{project_id}/instances/{instance_id}/public-ips/bind | gaussdb:instance:bindPublicIp | √ | √ |
| Unbinding an EIP | PUT /v3/{project_id}/instances/{instance_id}/public-ips/unbind | gaussdb:instance:unbindPublicIp | √ | √ |
| Promoting a read replica to primary | PUT /v3/{project_id}/instances/{instance_id}/switchover | gaussdb:instance:switchover | √ | √ |
| Changing a maintenance window | PUT /v3/{project_id}/instances/{instance_id}/ops-window | gaussdb:instance:modifyMaintenanceWindow | √ | √ |
| Changing a security group | PUT /v3/{project_id}/instances/{instance_id}/security-group | gaussdb:instance:modifySecurityGroup | √ | √ |
| Changing a private IP address | PUT /v3/{project_id}/instances/{instance_id}/internal-ip | gaussdb:instance:modifyIp | √ | √ |
| Changing a database port | PUT /v3/{project_id}/instances/{instance_id}/port | gaussdb:instance:modifyPort | √ | √ |
| Changing a DB instance description | PUT /v3/{project_id}/instances/{instance_id}/alias | gaussdb:instance:modify | √ | √ |
| Applying for a private domain name | POST /v3/{project_id}/instances/{instance_id}/dns | gaussdb:instance:createDns | √ | √ |
| Changing a private domain name | PUT /v3/{project_id}/instances/{instance_id}/dns | gaussdb:instance:modifyDns | √ | √ |
| Querying the kernel version | GET /v3/{project_id}/instances/{instance_id}/database-version | gaussdb:instance:list | √ | √ |
| Configuring an auto scaling policy | PUT /v3/{project_id}/instances/{instance_id}/auto-scaling/policy | gaussdb:autoscaling:createPolicy | √ | √ |
| Querying an auto scaling policy | GET /v3/{project_id}/instances/{instance_id}/auto-scaling/policy | gaussdb:autoscaling:list | √ | √ |
| Pre-checking resources | POST /v3/{project_id}/resource-check | gaussdb:instance:list | √ | √ |
| Querying DB instances | GET /v3/{project_id}/instances | gaussdb:instance:list | √ | √ |
| Querying details of a DB instance | GET /v3/{project_id}/instances/{instance_id} | gaussdb:instance:list | √ | √ |
| Querying details of DB instances in batches | GET /v3/{project_id}/instances/details | gaussdb:instance:list | √ | √ |
| Configuring a recycling policy | PUT /v3/{project_id}/instances/recycle-policy | gaussdb:instance:modify | √ | √ |
| Querying a recycling policy | GET /v3/{project_id}/instances/recycle-policy | gaussdb:instance:modify | √ | √ |
| Querying instances in the recycle bin | GET /v3/{project_id}/instances/recycle-info | gaussdb:instance:list | √ | √ |
| Changing node names in batches | PUT /v3/{project_id}/instances/{instance_id}/nodes/name | gaussdb:instance:modify | √ | √ |
| Querying historical records of auto scaling | GET /v3/{project_id}/instances/{instance_id}/auto-scaling/history | gaussdb:autoscaling:list | √ | √ |
| Setting a policy for a serverless DB instance | PUT /v3/{project_id}/instances/{instance_id}/serverless/policy | gaussdb:serverless:modifyPolicy | √ | √ |
| Changing the failover priority of a read replica | PUT /v3/{project_id}/instances/{instance_id}/nodes/{node_id}/priority | gaussdb:instance:modify | √ | √ |
| Querying an EIP | GET /v3/{project_id}/instances/{instance_id}/eip | gaussdb:instance:list | √ | √ |
| Querying a storage autoscaling policy | GET /v3/{project_id}/instances/{instance_id}/storage/auto-expand-policy | gaussdb:instance:list | √ | √ |
| Modifying a storage autoscaling policy | PUT /v3/{project_id}/instances/{instance_id}/storage/auto-expand-policy | gaussdb:instance:modify | √ | √ |
| Querying database and table information of an instance | GET /v3/{project_id}/instances/{instance_id}/table-info | gaussdb:instance:list | √ | √ |
| Querying a serverless compute policy | GET /v3/{project_id}/instances/{instance_id}/serverless/policy | gaussdb:serverless:getComputeAbilityPolicy | √ | √ |
| Querying custom scale-up policies of a serverless instance | GET /v3/{project_id}/instances/{instance_id}/serverless/scaling-policy | gaussdb:serverless:getScalingPolicy | √ | √ |
| Configuring a serverless compute policy | PUT /v3.1/{project_id}/instances/{instance_id}/serverless/policy | gaussdb:serverless:updateComputeAbilityPolicy | √ | √ |
| Configuring custom scale-up policies for a serverless instance | PUT /v3/{project_id}/instances/{instance_id}/serverless/scaling-policy | gaussdb:serverless:updateScalingPolicy | √ | √ |
| Querying a dynamic serverless compute policy | GET /v3/{project_id}/instances/{instance_id}/serverless/dynamic-policy | gaussdb:serverless:getDynamicPolicy | √ | √ |
| Configuring a dynamic serverless compute policy | POST /v3/{project_id}/instances/{instance_id}/serverless/dynamic-policy | gaussdb:serverless:updateDynamicPolicy | √ | √ |
| Deleting a dynamic serverless compute policy | DELETE /v3/{project_id}/instances/{instance_id}/serverless/dynamic-policy | gaussdb:serverless:deleteDynamicPolicy | √ | √ |
| Batch changing instance specifications | POST /v3/{project_id}/instances/batch/flavor | gaussdb:instance:modifySpec | √ | √ |
| Querying whether an instance has scheduled tasks of the same type | POST /v3/{project_id}/instances/{instance_id}/schedule-tasks/exist | gaussdb:instance:list | √ | √ |
| Upgrading minor versions of instances in batches | POST /v3/{project_id}/instances/database-version/upgrade | gaussdb:instance:upgrade | √ | √ |
| Permission | API | Action | IAM Project | Enterprise Project |
|---|---|---|---|---|
| Configuring a same-region backup policy | PUT /v3/{project_id}/instances/{instance_id}/backups/policy/update | gaussdb:instance:modifyBackupPolicy | √ | √ |
| Creating a manual backup | POST /v3/{project_id}/backups/create | gaussdb:backup:create | √ | √ |
| Querying full backups | GET /v3/{project_id}/backups | gaussdb:backup:list | √ | √ |
| Querying an automated backup policy | GET /v3/{project_id}/instances/{instance_id}/backups/policy | gaussdb:backup:list | √ | √ |
| Deleting a manual backup | DELETE /v3/{project_id}/backups/{backup_id} | gaussdb:backup:delete | √ | √ |
| Restoring data to the original instance or an existing instance | POST /v3/{project_id}/instances/restore | gaussdb:instance:restoreInPlace | √ | √ |
| Querying the restoration time range | GET /v3/{project_id}/instances/{instance_id}/restore-time | gaussdb:backup:list | √ | √ |
| Enabling or disabling encrypted backup | POST /v3/{project_id}/instances/{instance_id}/backups/encryption | gaussdb:backup:encrypt | √ | √ |
| Checking whether encrypted backup is enabled | GET /v3/{project_id}/instances/{instance_id}/backups/encryption | gaussdb:backup:list | √ | √ |
| Querying the incremental backups of a specified instance | GET /v3/{project_id}/instances/{instance_id}/incremental-backups | gaussdb:instance:list | √ | √ |
| Configuring a cross-region backup policy | PUT /v3/{project_id}/instances/{instance_id}/backups/offsite-policy | gaussdb:instance:modifyBackupPolicy | √ | √ |
| Restoring tables to a specified point in time | POST /v3/{project_id}/instances/{instance_id}/backups/restore/tables | gaussdb:instance:tableRestore | √ | √ |
| Querying available tables for table-level PITR | GET /v3.1/{project_id}/instances/{instance_id}/backups/restore/tables | gaussdb:instance:list | √ | √ |
| Querying the backups of a specified instance | GET /v3/{project_id}/instances/{instance_id}/backups | gaussdb:backup:list | √ | √ |
| Deleting manual backups in batches | DELETE /v3/{project_id}/backups | gaussdb:backup:delete | √ | √ |
| Querying the backups of a specified instance | GET /v3/{project_id}/instances/{instance_id}/backups | gaussdb:backup:list | √ | √ |
| Querying backup resource package specifications | GET /v3/{project_id}/backups/resource-package/flavors | gaussdb:backup:listResourcePackageFlavor | √ | √ |
| Creating a backup resource package | POST /v3/{project_id}/backups/resource-package | gaussdb:backup:createResourcePackage | √ | √ |
| Permission | API | Action | IAM Project | Enterprise Project |
|---|---|---|---|---|
| Querying parameter templates | GET /v3/{project_id}/configurations | gaussdb:param:list | √ | √ |
| Creating a parameter template | POST /v3/{project_id}/configurations | gaussdb:param:create | √ | √ |
| Deleting a parameter template | DELETE /v3/{project_id}/configurations/{configuration_id} | gaussdb:param:delete | √ | √ |
| Obtaining details about a parameter template | GET /v3/{project_id}/configurations/{configuration_id} | gaussdb:param:list | √ | √ |
| Modifying parameters in a parameter template | PUT /v3/{project_id}/configurations/{configuration_id} | gaussdb:param:modify | √ | √ |
| Applying a parameter template | PUT /v3/{project_id}/configurations/{configuration_id}/apply | gaussdb:param:apply | √ | √ |
| Replicating a parameter template | POST /v3/{project_id}/configurations/{configuration_id}/copy | gaussdb:param:create | √ | √ |
| Comparing parameter templates | POST /v3/{project_id}/configurations/comparison | gaussdb:param:list | √ | √ |
| Querying instances that a parameter template can be applied to | GET /v3/{project_id}/configurations/{configuration_id}/applicable-instances | gaussdb:param:list | √ | √ |
| Viewing parameter change history | GET /v3/{project_id}/configurations/{configuration_id}/modify-history | gaussdb:param:list | √ | √ |
| Obtaining parameter information of a specified DB instance | GET /v3/{project_id}/instances/{instance_id}/configurations | gaussdb:param:list | √ | √ |
| Modifying parameters of a specified DB instance | PUT /v3/{project_id}/instances/{instance_id}/configurations | gaussdb:param:modify | √ | √ |
| Replicating the parameter template of a DB instance | POST /v3/{project_id}/instances/{instance_id}/configurations/{configuration_id}/copy | gaussdb:param:modify | √ | √ |
| Querying application records of a parameter template | GET /v3/{project_id}/configurations/{config_id}/apply-history | gaussdb:param:list | √ | √ |
| Permission | API | Action | IAM Project | Enterprise Project |
|---|---|---|---|---|
| Querying the instance quotas of a tenant | GET /v3/{project_id}/project-quotas | gaussdb:instance:list | √ | √ |
| Querying enterprise project resource quotas of a tenant | GET /v3/{project_id}/quotas | gaussdb:instance:list | √ | √ |
| Configuring enterprise project resource quotas for a tenant | POST /v3/{project_id}/quotas | gaussdb:quota:modify | √ | √ |
| Modifying enterprise project resource quotas of a tenant | PUT /v3/{project_id}/quotas | gaussdb:quota:modify | √ | √ |
| Querying enterprise projects | GET /v3/{project_id}/enterprise-projects | gaussdb:instance:list | √ | √ |
| Permission | API | Action | IAM Project | Enterprise Project |
|---|---|---|---|---|
| Creating a proxy instance | POST /v3/{project_id}/instances/{instance_id}/proxy | gaussdb:proxy:create | √ | √ |
| Deleting a proxy instance | DELETE /v3/{project_id}/instances/{instance_id}/proxy | gaussdb:proxy:delete | √ | √ |
| Querying proxy instances | GET /v3/{project_id}/instances/{instance_id}/proxies | gaussdb:proxy:list | √ | √ |
| Querying proxy instance specifications | GET /v3/{project_id}/instances/{instance_id}/proxy/flavors | gaussdb:proxy:list | √ | √ |
| Adding proxy nodes | POST /v3/{project_id}/instances/{instance_id}/proxy/enlarge | gaussdb:proxy:addNodes | √ | √ |
| Deleting proxy nodes | PUT /v3/{project_id}/instances/{instance_id}/proxy/{proxy_id}/reduce | gaussdb:instance:modifyProxy | √ | √ |
| Changing specifications of a proxy instance | PUT /v3/{project_id}/instances/{instance_id}/proxy/{proxy_id}/flavor | gaussdb:proxy:modifySpec | √ | √ |
| Assigning read weights | PUT /v3/{project_id}/instances/{instance_id}/proxy/{proxy_id}/weight | gaussdb:proxy:modifyWeight | √ | √ |
| Changing the routing policy of a proxy instance | PUT /v3/{project_id}/instances/{instance_id}/proxy/{proxy_id}/route-mode | gaussdb:proxy:modifyRouteMode | √ | √ |
| Enabling or disabling transaction splitting for a proxy instance | POST /v3/{project_id}/instances/{instance_id}/proxy/transaction-split | gaussdb:proxy:modifyTransactionSplit | √ | √ |
| Changing session consistency of a proxy instance | PUT /v3/{project_id}/instances/{instance_id}/proxy/{proxy_id}/session-consistence | gaussdb:proxy:modifyConsistency | √ | √ |
| Changing the connection pool type of a proxy instance | PUT /v3/{project_id}/instances/{instance_id}/proxy/{proxy_id}/connection-pool-type | gaussdb:proxy:switchConnectionPoolType | √ | √ |
| Changing the port of a proxy instance | POST /v3/{project_id}/instances/{instance_id}/proxy/{proxy_id}/port | gaussdb:proxy:modifyPort | √ | √ |
| Upgrading the kernel version of a proxy instance | POST /v3/{project_id}/instances/{instance_id}/proxy/{proxy_id}/upgrade-version | gaussdb:proxy:upgrade | √ | √ |
| Changing the name of a proxy instance | PUT /v3/{project_id}/instances/{instance_id}/proxy/{proxy_id}/rename | gaussdb:instance:modifyProxy | √ | √ |
| Querying access control settings of a proxy instance | GET /v3/{project_id}/instances/{instance_id}/proxy/{proxy_id}/ipgroup | gaussdb:instance:modifyProxy | √ | √ |
| Querying the minor version of a proxy instance | GET /v3/{project_id}/instances/{instance_id}/proxy/{proxy_id}/{engine_name}/proxy-version | gaussdb:instance:list | √ | √ |
| Modifying parameters of a proxy instance | PUT /v3/{project_id}/instances/{instance_id}/proxy/{proxy_id}/configurations | gaussdb:instance:modifyProxy | √ | √ |
| Querying kernel parameters of a proxy instance | GET /v3/{project_id}/instances/{instance_id}/proxy/{proxy_id}/configurations | gaussdb:proxy:queryConfigurations | √ | √ |
| Enabling or disabling access control | POST /v3/{project_id}/instances/{instance_id}/proxy/{proxy_id}/access-control-switch | gaussdb:instance:modifyProxy | √ | √ |
| Configuring access control rules | POST /v3/{project_id}/instances/{instance_id}/proxy/{proxy_id}/access-control | gaussdb:instance:modifyProxy | √ | √ |
| Enabling or disabling SSL for a proxy instance | PUT /v3/{project_id}/instances/{instance_id}/proxy/{proxy_id}/ssl | gaussdb:proxy:modifySSL | √ | √ |
| Rebooting a proxy instance | POST /v3/{project_id}/instances/{instance_id}/proxy/{proxy_id}/restart | gaussdb:instance:modifyProxy | √ | √ |
| Querying proxy instance specifications by AZ | GET /v3/{project_id}/proxy/flavors | gaussdb:instance:list | √ | √ |
| Applying for a private domain name for a proxy instance | POST /v3/{project_id}/instances/{instance_id}/proxy/{proxy_id}/dns | gaussdb:instance:modifyProxy | √ | √ |
| Changing the private domain name of a proxy instance | PUT /v3/{project_id}/instances/{instance_id}/proxy/{proxy_id}/dns | gaussdb:proxy:modifyDns | √ | √ |
| Deleting the private domain name of a proxy instance | DELETE /v3/{project_id}/instances/{instance_id}/proxy/{proxy_id}/dns | gaussdb:proxy:deleteDns | √ | √ |
| Binding an EIP to or unbinding an EIP from a proxy instance | PUT /v3/{project_id}/instances/{instance_id}/proxy/{proxy_id}/bind | gaussdb:proxy:bindEip | √ | √ |
| Enabling or disabling ALT for a proxy instance | PUT /v3/{project_id}/instances/{instance_id}/proxy/{proxy_id}/alt | gaussdb:proxy:modifyAlt | √ | √ |
| Permission | API | Action | IAM Project | Enterprise Project |
|---|---|---|---|---|
| Enabling or disabling SQL Explorer | POST /v3/{project_id}/instance/{instance_id}/audit-log/switch | gaussdb:instance:modifyTraceSQLPolicy | √ | √ |
| Querying whether SQL Explorer is enabled | GET /v3/{project_id}/instance/{instance_id}/audit-log/switch-status | gaussdb:instance:list | √ | √ |
| Querying slow query logs | POST /v3.1/{project_id}/instances/{instance_id}/slow-logs | gaussdb:log:list | √ | √ |
| Querying error logs | POST /v3.1/{project_id}/instances/{instance_id}/error-logs | gaussdb:log:list | √ | √ |
| Obtaining the temporary link for downloading full SQL | GET /v3/{project_id}/instance/{instance_id}/auditlog/download-link | gaussdb:instance:list | √ | √ |
| Querying LTS configurations of an instance | GET /v3/{project_id}/logs/lts-configs | gaussdb:log:listLtsConfig | √ | √ |
| Deleting LTS configurations in batches | POST /v3/{project_id}/logs/lts-configs | gaussdb:log:createLtsConfig | √ | √ |
| Creating LTS configurations in batches | DELETE /v3/{project_id}/logs/lts-configs | gaussdb:log:deleteLtsConfig | √ | √ |
| Querying whether Show Original Log is enabled | GET /v3/{project_id}/instances/{instance_id}/slowlog/query | gaussdb:log:list | √ | √ |
| Enabling or disabling Show Original Log | POST /v3/{project_id}/instances/{instance_id}/slowlog/modify | gaussdb:instance:modify | √ | √ |
| Querying slow query log statistics | POST /v3/{project_id}/instances/{instance_id}/slow-logs/statistics | gaussdb:log:list | √ | √ |
| Obtaining links for downloading slow query logs | POST /v3/{project_id}/instances/{instance_id}/{node_id}/slowlog-download | gaussdb:log:list | √ | √ |
| Downloading an error log | POST /v3/{project_id}/instances/{instance_id}/{node_id}/errorlog-download | gaussdb:log:list | √ | √ |
| Obtaining audit logs | GET /v3/{project_id}/instances/{instance_id}/audit-logs | gaussdb:instance:list | √ | √ |
| Setting SQL audit | PUT /v3/{project_id}/instances/{instance_id}/audit-log-policy | gaussdb:instance:modify | √ | √ |
| Querying the policy for SQL audit logs | GET /v3/{project_id}/instances/{instance_id}/audit-log-policy | gaussdb:instance:list | √ | √ |
| Obtaining the links for downloading audit logs | POST /v3/{project_id}/instances/{instance_id}/audit-log-link | gaussdb:instance:list | √ | √ |
| Configuring a DDL log download policy | PUT /v3/{project_id}/instances/{instance_id}/ddl-log | gaussdb:log:setPolicy | √ | √ |
| Obtaining links for downloading DDL logs | POST /v3/{project_id}/instances/{instance_id}/ddl-log/download | gaussdb:log:download | √ | √ |
| Querying DDL logs that can be downloaded | GET /v3/{project_id}/instances/{instance_id}/ddl-log | gaussdb:log:list | √ | √ |
| Permission | API | Action | IAM Project | Enterprise Project |
|---|---|---|---|---|
| Querying resource tags | GET /v3/{project_id}/instances/{instance_id}/tags | gaussdb:tag:list | √ | √ |
| Querying project tags | GET /v3/{project_id}/tags | gaussdb:tag:list | √ | √ |
| Adding or deleting tags in batches | POST /v3/{project_id}/instances/{instance_id}/tags/action | gaussdb:instance:dealTag | √ | √ |
| Permission | API | Action | IAM Project | Enterprise Project |
|---|---|---|---|---|
| Creating a database account | POST /v3/{project_id}/instances/{instance_id}/db-users | gaussdb:user:create | √ | √ |
| Querying database users | GET /v3/{project_id}/instances/{instance_id}/db-users | gaussdb:user:list | √ | √ |
| Deleting a database user | DELETE /v3/{project_id}/instances/{instance_id}/db-users | gaussdb:user:delete | √ | √ |
| Modifying the description of a database user | PUT /v3/{project_id}/instances/{instance_id}/db-users/comment | gaussdb:database:modify | √ | √ |
| Changing the password of a database user | PUT /v3/{project_id}/instances/{instance_id}/db-users/password | gaussdb:user:modify | √ | √ |
| Authorizing permissions to a database user | POST /v3/{project_id}/instances/{instance_id}/db-users/privilege | gaussdb:user:grantPrivilege | √ | √ |
| Deleting permissions of a database user | DELETE /v3/{project_id}/instances/{instance_id}/db-users/privilege | gaussdb:user:revokePrivilege | √ | √ |
| Permission | API | Action | IAM Project | Enterprise Project |
|---|---|---|---|---|
| Querying available database character sets | GET /v3/{project_id}/instances/{instance_id}/databases/charsets | gaussdb:database:list | √ | √ |
| Creating a database | POST /v3/{project_id}/instances/{instance_id}/databases | gaussdb:database:create | √ | √ |
| Querying databases | GET /v3/{project_id}/instances/{instance_id}/databases | gaussdb:database:list | √ | √ |
| Deleting a database | DELETE /v3/{project_id}/instances/{instance_id}/databases | gaussdb:database:delete | √ | √ |
| Modifying the description of a database | PUT /v3/{project_id}/instances/{instance_id}/databases/comment | gaussdb:user:modify | √ | √ |
| Permission | API | Action | IAM Project | Enterprise Project |
|---|---|---|---|---|
| Enabling or disabling SQL throttling | POST /v3/{project_id}/instances/{instance_id}/sql-filter/switch | gaussdb:param:modify | √ | √ |
| Querying whether SQL throttling is enabled | GET /v3/{project_id}/instances/{instance_id}/sql-filter/switch | gaussdb:param:list | √ | √ |
| Configuring SQL throttling rules | PUT /v3/{project_id}/instances/{instance_id}/sql-filter/rules | gaussdb:param:modify | √ | √ |
| Querying SQL throttling rules | GET /v3/{project_id}/instances/{instance_id}/sql-filter/rules | gaussdb:param:list | √ | √ |
| Deleting SQL throttling rules | DELETE /v3/{project_id}/instances/{instance_id}/sql-filter/rules | gaussdb:param:modify | √ | √ |
| Querying user session threads on a node | GET /v3/{project_id}/instances/{instance_id}/nodes/{node_id}/processes | gaussdb:instance:listProcesses | √ | √ |
| Terminating user session threads on a node | DELETE /v3/{project_id}/instances/{instance_id}/nodes/{node_id}/processes | gaussdb:instance:deleteProcesses | √ | √ |
| Querying historical SQL throttling rules | GET /v3/{project_id}/instances/{instance_id}/sql-filter/history-rules | gaussdb:param:list | √ | √ |
| Enabling auto throttling | PUT /v3/{project_id}/instances/{instance_id}/auto-sql-limiting | gaussdb:param:modify | √ | √ |
| Disabling auto throttling | DELETE /v3/{project_id}/instances/{instance_id}/auto-sql-limiting | gaussdb:param:modify | √ | √ |
| Querying auto throttling rules | POST /v3/{project_id}/instances/{instance_id}/auto-sql-limiting | gaussdb:param:list | √ | √ |
| Querying auto throttling records | GET /v3/{project_id}/instances/{instance_id}/nodes/{node_id}/auto-sql-limiting/log | gaussdb:param:list | √ | √ |
| Querying lock wait sessions | GET /v3/{project_id}/instances/{instance_id}/nodes/{node_id}/process/lock-wait | gaussdb:instance:listProcesses | √ | √ |
| Permission | API | Action | IAM Project | Enterprise Project |
|---|---|---|---|---|
| Obtaining information about a task with a specified ID | GET /v3/{project_id}/jobs | gaussdb:instance:list | √ | √ |
| Obtaining instant tasks | GET /v3/{project_id}/immediate-jobs | gaussdb:instance:list | √ | √ |
| Obtaining scheduled tasks | GET /v3/{project_id}/scheduled-jobs | gaussdb:instance:list | √ | √ |
| Canceling a scheduled task | DELETE /v3/{project_id}/scheduled-jobs | gaussdb:instance:delete | √ | √ |
| Deleting a task record | DELETE /v3/{project_id}/jobs/{job_id} | gaussdb:instance:delete | √ | √ |
| Deleting a scheduled task record | DELETE /v3/{project_id}/instance/{instance_id}/scheduled-jobs | gaussdb:instance:delete | √ | √ |
| Querying details about an asynchronous task | GET /v3/{project_id}/instances/{instance_id}/task-center-detail | gaussdb:instance:list | √ | √ |
| Permission | API | Action | IAM Project | Enterprise Project |
|---|---|---|---|---|
| Querying abnormal instances by each metric | GET /v3/{project_id}/instances/diagnosis-instance-count | gaussdb:instance:list | √ | √ |
| Querying abnormal instance information by a specific metric | GET /v3/{project_id}/instances/diagnosis-instance-infos | gaussdb:instance:list | √ | √ |
| Querying intelligently killed sessions | GET /v3/{project_id}/instances/{instance_id}/intelligent-kill-session/history | gaussdb:instance:showIntelligentKillSession | √ | √ |
| Intelligently killing sessions | POST /v3/{project_id}/instances/{instance_id}/intelligent-kill-session | gaussdb:instance:executeIntelligentKillSession | √ | √ |
| Showing intelligently killed sessions | GET /v3/{project_id}/instances/{instance_id}/intelligent-kill-session/statistic | gaussdb:instance:showIntelligentKillSession | √ | √ |
| Collecting all real-time session information | POST /v3/{project_id}/instances/{instance_id}/nodes/{node_id}/realtime-session | gaussdb:instance:getRealtimeSession | √ | √ |
| Checking the status of the task for collecting all real-time session information | GET /v3/{project_id}/instances/{instance_id}/nodes/{node_id}/realtime-session-task | gaussdb:instance:getRealtimeSession | √ | √ |
| Downloading all real-time session information | GET /v3/{project_id}/instances/{instance_id}/nodes/{node_id}/realtime-session-result | gaussdb:instance:getRealtimeSession | √ | √ |
| Permission | API | Action | IAM Project | Enterprise Project |
|---|---|---|---|---|
| Restoring a data synchronization task for a StarRocks instance | POST /v3/{project_id}/instances/{instance_id}/starrocks/databases/replication/resume | gaussdb:htapInstance:modifyDataSync | √ | √ |
| Querying tables of a primary HTAP instance | POST /v3/{project_id}/instances/{instance_id}/htap/tables | gaussdb:htapInstance:list | √ | √ |
| Stopping a data synchronization task for a StarRocks instance | POST /v3/{project_id}/instances/{instance_id}/starrocks/databases/replication/pause | gaussdb:htapInstance:modifyDataSync | √ | √ |
| Checking table configurations for HTAP data synchronization | POST /v3/{project_id}/instances/{instance_id}/starrocks/databases/replication/table-config-check | gaussdb:htapInstance:list | √ | √ |
| Creating a StarRocks instance | POST /v3/{project_id}/instances/{instance_id}/starrocks | gaussdb:htapInstance:create | √ | √ |
| Querying a StarRocks instance | GET /v3/{project_id}/instances/{instance_id}/starrocks/{starrocks_instance_id} | gaussdb:htapInstance:list | √ | √ |
| Deleting a StarRocks instance | DELETE /v3/{project_id}/instances/{instance_id}/starrocks/{starrocks_instance_id} | gaussdb:htapInstance:delete | √ | √ |
| Rebooting a StarRocks instance | PUT /v3/{project_id}/instances/{starrocks_instance_id}/starrocks/restart | gaussdb:htapInstance:restart | √ | √ |
| Rebooting a StarRocks node | PUT /v3/{project_id}/instances/{starrocks_instance_id}/starrocks/{starrocks_node_id}/restart | gaussdb:htapInstance:restart | √ | √ |
| Checking StarRocks resources | POST /v3/{project_id}/starrocks/resource-check | gaussdb:instance:list | √ | √ |
| Querying HTAP engine resources | GET /v3/{project_id}/htap/datastores/{engine_name} | gaussdb:instance:list | √ | √ |
| Obtaining the storage type of an HTAP instance | GET /v3/{project_id}/htap/storage-type/{database} | gaussdb:htapInstance:list | √ | √ |
| Querying specifications of an HTAP instance | GET /v3/{project_id}/htap/flavors/{engine_name} | gaussdb:instance:list | √ | √ |
| Querying HTAP instances | GET /v3/{project_id}/instances/{instance_id}/htap | gaussdb:htapInstance:list | √ | √ |
| Creating a data synchronization task for a StarRocks instance | POST /v3/{project_id}/instances/{instance_id}/starrocks/databases/replication | gaussdb:htapInstance:createDataSync | √ | √ |
| Deleting a data synchronization task for a StarRocks instance | DELETE /v3/{project_id}/instances/{instance_id}/starrocks/databases/replication | gaussdb:htapInstance:deleteDataSync | √ | √ |
| Querying data synchronization tasks of a StarRocks instance | GET /v3/{project_id}/instances/{instance_id}/starrocks/databases/replication | gaussdb:htapInstance:list | √ | √ |
| Modifying StarRocks data synchronization configurations | PUT /v3/{project_id}/instances/{instance_id}/starrocks/databases/replication | gaussdb:htapInstance:modifyDataSync | √ | √ |
| Checking database configurations for HTAP data synchronization | POST /v3/{project_id}/instances/{instance_id}/starrocks/databases/replication/database-config-check | gaussdb:htapInstance:list | √ | √ |
| Querying configurations of a StarRocks data synchronization task | GET /v3/{project_id}/instances/{instance_id}/starrocks/databases/replication/configuration | gaussdb:htapInstance:list | √ | √ |
| Querying database parameter settings for StarRocks data synchronization | GET /v3/{project_id}/instances/{instance_id}/starrocks/databases/replication/database-parameters | gaussdb:htapInstance:list | √ | √ |
| Querying databases of a StarRocks instance | GET /v3/{project_id}/instances/{instance_id}/starrocks/databases | gaussdb:htapInstance:list | √ | √ |
| Querying database accounts of a StarRocks instance | GET /v3/{project_id}/instances/{instance_id}/starrocks/users | gaussdb:htapInstance:list | √ | √ |
| Creating a database account for a StarRocks instance | POST /v3/{project_id}/instances/{instance_id}/starrocks/users | gaussdb:instance:modify | √ | √ |
| Deleting a database account of a StarRocks instance | DELETE /v3/{project_id}/instances/{instance_id}/starrocks/users | gaussdb:user:delete | √ | √ |
| Changing the password of a database account for a StarRocks instance | PUT /v3/{project_id}/instances/{instance_id}/starrocks/users/password | gaussdb:htapInstance:modifyPassword | √ | √ |
| Changing permissions of a database account for a StarRocks instance | PUT /v3/{project_id}/instances/{instance_id}/starrocks/users/permission | gaussdb:user:grantPrivilege | √ | √ |
| Changing the specifications of a StarRocks instance | POST /v3/{project_id}/instances/{instance_id}/starrocks/resize-flavor | gaussdb:htapInstance:modifySpec | √ | √ |
| Querying StarRocks parameters | GET /v3/{project_id}/instances/{instance_id}/starrocks/configurations | gaussdb:param:list | √ | √ |
| Modifying StarRocks parameters | PUT /v3/{project_id}/instances/{instance_id}/starrocks/configurations | gaussdb:param:modify | √ | √ |
| Enabling Assign Requests to Row and Column Store Nodes for a StarRocks instance | POST /v3/{project_id}/instances/{instance_id}/starrocks/users/sync | gaussdb:user:create | √ | √ |
| Comparing HTAP parameters | POST /v3/{project_id}/configurations/starrocks/comparison | gaussdb:param:list | √ | √ |
| Upgrading the kernel version of a StarRocks instance | POST /v3/{project_id}/instances/{instance_id}/starrocks/db-upgrade | gaussdb:instance:modify | √ | √ |
| Querying databases of a primary HTAP instance | POST /v3/{project_id}/instances/{instance_id}/htap/databases | gaussdb:htapInstance:list | √ | √ |
| Querying error logs | POST /v3/{project_id}/instances/{instance_id}/starrocks/error-logs | gaussdb:log:list | √ | √ |
| Changing the security group of a StarRocks instance | PUT /v3/{project_id}/instances/{instance_id}/starrocks/security-group | gaussdb:instance:modify | √ | √ |
| Querying LTS configurations of an HTAP instance | GET /v3/{project_id}/starrocks/instances/logs/lts-configs | gaussdb:log:listLtsConfig | √ | √ |
| Querying HTAP node information | GET /v3/{project_id}/instances/{instance_id}/starrocks/nodes | gaussdb:log:list | √ | √ |
| Downloading an HTAP data synchronization template | GET /v3/{project_id}/instances/{instance_id}/htap/template | - | - | - |
| Querying StarRocks data synchronization configurations by destination database | GET /v3/{project_id}/instances/{instance_id}/starrocks/databases/replication/configuration/{database} | gaussdb:htapInstance:list | √ | √ |
| Setting thresholds for the current query queue | PUT /v3/{project_id}/instances/{instance_id}/query-queue/rules | gaussdb:param:modify | √ | √ |
| Querying the switch status and thresholds of the current query queue | GET /v3/{project_id}/instances/{instance_id}/query-queue/rules | gaussdb:param:list | √ | √ |
| Enabling or disabling the query queue function | POST /v3/{project_id}/instances/{instance_id}/htap/query-queue/switch | gaussdb:param:modify | √ | √ |
| Importing and verifying HTAP databases and tables | POST /v3/{project_id}/instances/{instance_id}/htap/template | gaussdb:htapInstance:list | √ | √ |
| Querying kernel slow query logs of a StarRocks instance | POST /v3/{project_id}/instances/{instance_id}/starrocks/slow-logs | gaussdb:log:list | √ | √ |
| Querying whether Show Original Log is enabled for a StarRocks instance | GET /v3/{project_id}/instances/{instance_id}/starrocks/slowlog-sensitive | gaussdb:log:list | √ | √ |
| Enabling or disabling Show Original Log for a StarRocks instance | PUT /v3/{project_id}/instances/{instance_id}/starrocks/slowlog-sensitive | gaussdb:instance:modify | √ | √ |
| Deleting sessions of an HTAP instance | DELETE /v3/{project_id}/instances/{instance_id}/htap/process | gaussdb:instance:modify | √ | √ |
| Querying the current sessions of an HTAP instance | GET /v3/{project_id}/instances/{instance_id}/htap/process | gaussdb:instance:list | √ | √ |
| Creating LTS configurations in batches | POST /v3/{project_id}/starrocks/instances/logs/lts-configs | gaussdb:log:createLtsConfig | √ | √ |
| Deleting LTS configurations in batches | DELETE /v3/{project_id}/starrocks/instances/logs/lts-configs | gaussdb:log:deleteLtsConfig | √ | √ |
| Permission | API | Action | IAM Project | Enterprise Project |
|---|---|---|---|---|
| Querying the status of multi-tenancy | GET /v3/{project_id}/instances/{instance_id}/multi-tenant | gaussdb:instance:list | √ | √ |
| Enabling or disabling multi-tenancy | PUT /v3/{project_id}/instances/{instance_id}/multi-tenant | gaussdb:instance:modify | √ | √ |
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.See the reply and handling status in My Cloud VOC.
For any further questions, feel free to contact us through the chatbot.
Chatbot