Log Tank Service (LTS)
The Organizations service provides Service Control Policies (SCPs) to set access control policies.
SCPs do not actually grant any permissions to a principal. They only set the permissions boundary for the principal. When SCPs are attached to a member account or an organizational unit (OU), they do not directly grant permissions to that member account or OU. Instead, the SCPs just determine what permissions are available for that member account or the member accounts under that OU.
This section describes the elements used by Organizations SCPs. The elements include actions, resources, and conditions.
For details about how to use these elements to create a custom SCP, see Creating an SCP.
Actions
Actions are specific operations that are allowed or denied in an SCP.
- The Access Level column describes how the action is classified (List, Read, or Write). This classification helps you understand the level of access that an action grants when you use it in an SCP.
- The Resource Type column indicates whether the action supports resource-level permissions.
- You can use a wildcard (*) to indicate all resource types. If this column is empty (-), the action does not support resource-level permissions, and you must specify all resources ("*") in your SCP statements.
- If this column includes a resource type, you must specify the URN in the Resource element of your statements.
- Required resources are marked with asterisks (*) in the table. If you specify a resource in a statement using this action, then it must be of this type.
For details about the resource types defined by LTS, see Resources.
- The Condition Key column contains keys that you can specify in the Condition element of an SCP statement.
- If the Resource Type column has values for an action, the condition key takes effect only for the listed resource types.
- If the Resource Type column is empty (-) for an action, the condition key takes effect for all resources that action supports.
- If the Condition Key column is empty (-) for an action, the action does not support any condition keys.
For details about the condition keys defined by LTS, see Conditions.
The following table lists the actions that you can define in SCP statements for LTS.
Action |
Description |
Access Level |
Resource Type (*: required) |
Condition Key |
|---|---|---|---|---|
lts:logGroup:deleteLogGroup |
Grants permission to delete a log group. |
write |
logGroup * |
- |
lts:logGroup:listLogGroup |
Grants permission to query the log group list. |
list |
- |
- |
lts:logGroup:createLogGroup |
Grants permission to create a log group. |
write |
- |
- |
lts:logGroup:updateLogGroup |
Grants permission to modify a log group. |
write |
logGroup * |
- |
lts:logStream:listLogStream |
Grants permission to query the log stream list. |
list |
logGroup * |
- |
lts:logStream:deleteLogStream |
Grants permission to delete a log stream. |
write |
logStream * |
- |
lts:logStream:createLogStream |
Grants permission to create a log stream. |
write |
logGroup * |
- |
lts:logStream:searchLog |
Grants permission to query logs. |
list |
logStream * |
- |
lts:logStream:searchStructLog |
Grants permission to query structured logs. |
list |
logStream * |
- |
lts:logStream:searchLogHistogram |
Grants permission to query the log histogram. |
list |
logStream * |
- |
lts:transfer:createTransfer |
Grants permission to create a log transfer task. |
write |
- |
- |
lts:transfer:deleteTransfer |
Grants permission to delete a log transfer task. |
write |
transfer * |
- |
lts:transfer:listTransfer |
Grants permission to query the log transfer task list. |
list |
- |
- |
lts:transfer:updateTransfer |
Grants permission to modify a log transfer task. |
write |
transfer * |
- |
lts:transfer:registerDmsKafkaInstance |
Grants permission to register a DMS Kafka instance. |
write |
- |
- |
lts:configCenter:updateOverCollectSwitch |
Grants permission to enable or disable log collection beyond free quota. |
write |
- |
- |
lts:structConfig:createStructConfig |
Grants permission to create structuring configurations. |
write |
logStream * |
- |
lts:structConfig:deleteStructConfig |
Grants permission to delete structuring configurations. |
write |
logStream * |
- |
lts:structConfig:getStructConfig |
Grants permission to query structuring configurations. |
read |
logStream * |
- |
lts:structConfig:listStructTemplate |
Grants permission to query the structuring template list. |
list |
- |
- |
lts:structConfig:updateStructConfig |
Grants permission to modify structuring configurations. |
write |
logStream * |
- |
lts:mappingRule:create |
Grants permission to create a mapping rule. |
write |
- |
- |
lts:mappingRule:delete |
Grants permission to delete a mapping rule. |
write |
- |
- |
lts:mappingRule:get |
Grants permission to query mapping rule details. |
read |
- |
- |
lts:mappingRule:list |
Grants permission to query the mapping rule list. |
list |
- |
- |
lts:mappingRule:update |
Grants permission to modify a mapping rule. |
write |
- |
- |
lts:logStream:getHistorySql |
Grants permission to query historical SQL statements of a log stream. |
read |
logStream * |
- |
lts:alarmRule:createSqlAlarmRule |
Grants permission to create a SQL alarm rule. |
write |
- |
- |
lts:alarmRule:deleteSqlAlarmRule |
Grants permission to delete a SQL alarm rule. |
write |
alarmRule * |
- |
lts:alarmRule:updateSqlAlarmRule |
Grants permission to modify a SQL alarm rule. |
write |
alarmRule * |
- |
lts:alarmRule:listSqlAlarmRule |
Grants permission to query SQL alarm rules. |
list |
- |
- |
lts:alarmRule:createWordAlarmRule |
Grants permission to create a keyword alarm rule. |
write |
- |
- |
lts:alarmRule:deleteWordAlarmRule |
Grants permission to delete a keyword alarm rule. |
write |
alarmRule * |
- |
lts:alarmRule:updateWordAlarmRule |
Grants permission to modify a keyword alarm rule. |
write |
alarmRule * |
- |
lts:alarmRule:listWordAlarmRule |
Grants permission to query keyword alarm rules. |
list |
- |
- |
lts:alarm:cleanAlarm |
Grants permission to delete an alarm. |
write |
- |
- |
lts:alarm:listAlarm |
Grants permission to query the alarm list. |
list |
- |
- |
lts:logStream:listChart |
Grants permission to query log stream charts. |
list |
- |
- |
lts:alarmNoticeTemplate:create |
Grants permission to create an alarm notification template. |
write |
- |
- |
lts:alarmNoticeTemplate:update |
Grants permission to modify an alarm notification template. |
write |
- |
- |
lts:alarmNoticeTemplate:delete |
Grants permission to delete an alarm notification template. |
write |
- |
- |
lts:alarmNoticeTemplate:list |
Grants permission to query the alarm notification template list. |
list |
- |
- |
lts:alarmNoticeTemplate:get |
Grants permission to query alarm notification template details. |
read |
- |
- |
lts:hostGroup:create |
Grants permission to create a host group. |
write |
- |
- |
lts:hostGroup:delete |
Grants permission to delete a host group. |
write |
hostGroup * |
- |
lts:host:list |
Grants permission to query the host list. |
list |
- |
- |
lts:hostGroup:list |
Grants permission to query the host group list. |
list |
accessConfig * |
- |
lts:hostGroup:update |
Grants permission to modify a host group. |
write |
hostGroup * |
- |
lts:accessConfig:create |
Grants permission to create a log ingestion configuration. |
write |
logStream * |
- |
lts:accessConfig:delete |
Grants permission to delete a log ingestion configuration. |
write |
accessConfig * |
- |
lts:accessConfig:list |
Grants permission to query log ingestion configurations. |
list |
- |
- |
lts:accessConfig:update |
Grants permission to modify a log ingestion configuration. |
write |
accessConfig * |
- |
hostGroup |
- |
|||
lts:tag:create |
Grants permission to create a tag. |
write |
- |
- |
lts:tag:delete |
Grants permission to delete a tag. |
write |
- |
- |
lts:logStream:createQuickQuery |
Grants permission to create a quick search. |
write |
logStream * |
- |
lts:logStream:deleteQuickQuery |
Grants permission to delete a quick search. |
write |
logStream * |
- |
lts:logStream:listQuickQuery |
Grants permission to query quick searches. |
list |
logGroup * |
- |
lts:logFavorite:create |
Grants permission to add a log to favorites. |
write |
logStream * |
- |
lts:logFavorite:delete |
Grants permission to remove a log from favorites. |
write |
- |
- |
lts:dashboardGroup:create |
Grants permission to create a dashboard group. |
write |
- |
- |
lts:dashboard:create |
Grants permission to create a dashboard. |
write |
- |
- |
lts:trafficStatistic:get |
Grants permission to query resource statistics details. |
read |
- |
- |
lts:tokenizer:get |
Grants permission to query configured delimiters. |
read |
- |
- |
lts:tokenizer:create |
Grants permission to save delimiters. |
write |
- |
- |
lts:tokenizer:preview |
Grants permission to preview delimiters. |
read |
- |
- |
lts:usageAlarm:update |
Grants permission to enable or disable quota alarms. |
write |
- |
- |
lts:csvTable:list |
Grants permission to query the associated data source configuration table. |
list |
- |
- |
lts:csvTable:upload |
Grants permission to upload a CSV file. |
write |
- |
- |
lts:csvTable:get |
Grants permission to preview associated data and query associated data source information. |
read |
- |
- |
lts:csvTable:create |
Grants permission to create an associated data source. |
write |
- |
- |
lts:csvTable:update |
Grants permission to update an associated data source. |
write |
- |
- |
lts:csvTable:delete |
Grants permission to delete an associated data source. |
write |
- |
- |
lts:scheduledSql:create |
Grants permission to create a SQL scheduled job. |
write |
- |
- |
lts:scheduledSql:delete |
Grants permission to delete a SQL scheduled job. |
write |
- |
- |
lts:scheduledSql:update |
Grants permission to modify a SQL scheduled job. |
write |
- |
- |
lts:scheduledSql:list |
Grants permission to query SQL scheduled jobs. |
list |
- |
- |
lts:scheduledSql:get |
Grants permission to query SQL scheduled job details. |
read |
- |
- |
lts:scheduledSql:retry |
Grants permission to re-execute the instance. |
write |
- |
- |
lts:transfer:getDisList |
Grants permission to query DIS streams. |
list |
- |
- |
lts:transfer:listKafkaInstance |
Grants permission to query the Kafka list. |
list |
- |
- |
lts:transfer:updateKafkaInstance |
Grants permission to update Kafka information. |
write |
- |
- |
lts:transfer:deleteKafkaInstance |
Grants permission to delete Kafka information. |
write |
- |
- |
lts:transfer:listKafkaAuthorization |
Grants permission to query the configured Kafka authorization list. |
list |
- |
- |
lts:transfer:createKafkaAuthorization |
Grants permission to add configured Kafka authorization. |
write |
- |
- |
lts:transfer:deleteKafkaAuthorization |
Grants permission to delete configured Kafka authorization. |
write |
- |
- |
lts:transfer:getTransfer |
Grants permission to query transfer task information. |
read |
transfer * |
- |
lts:transfer:getDwsInfo |
Grants permission to query the DWS information of a tenant. |
read |
- |
- |
lts:transfer:registerDwsCluster |
Grants permission to register a DMS cluster. |
write |
- |
- |
lts:hostGroup:getHost |
Grants permission to query all hosts based on query criteria. |
read |
- |
- |
lts:hostGroup:get |
Grants permission to query all configurations of a host group based on query criteria. |
read |
- |
- |
lts:accessConfig:get |
Grants permission to query a collection configuration. |
read |
accessConfig * |
- |
lts:logFavorite:list |
Grants permission to query the favorites list. |
list |
- |
- |
lts:logFavorite:update |
Grants permission to modify favorites. |
write |
logStream * |
- |
lts:logGroup:getLogGroup |
Grants permission to query a log group. |
read |
logGroup * |
- |
lts:IndexConfig:list |
Grants permission to query indexes. |
list |
logGroup * |
- |
lts:IndexConfig:create |
Grants permission to create an index. |
write |
logGroup * |
- |
lts:structConfig:listStructConfig |
Grants permission to query log stream structuring information. |
list |
logStream * |
- |
lts:logStream:updateLogStream |
Grants permission to modify a log stream. |
write |
logStream * |
- |
lts:logStream:getRealtimeLog |
Grants permission to query real-time logs. |
read |
logStream * |
- |
lts:logStream:getLogStream |
Grants permission to query log stream information. |
read |
logStream * |
- |
lts:logStream:createLogFilterRules |
Grants permission to create a log cleaning rule. |
write |
logStream * |
- |
lts:logStream:updateLogFilterRules |
Grants permission to modify a log cleaning rule. |
write |
logStream * |
- |
lts:logStream:deleteLogFilterRules |
Grants permission to delete a log cleaning rule. |
write |
logStream * |
- |
lts:logStream:listLogFilterRules |
Grants permission to query log cleaning rules. |
list |
logStream * |
- |
lts:logStream:getQuickQuery |
Grants permission to query a quick search. |
list |
logStream * |
- |
lts:logStream:updateQuickQuery |
Grants permission to modify a quick search. |
write |
logStream * |
- |
lts:logStream:searchLogContext |
Grants permission to query log context. |
read |
logStream * |
- |
lts:structConfig:getCustomTemplate |
Grants permission to query a custom template. |
read |
- |
- |
lts:structConfig:createCustomTemplate |
Grants permission to create a custom template. |
write |
- |
- |
lts:structConfig:updateCustomTemplate |
Grants permission to modify a custom template. |
write |
- |
- |
lts:structConfig:deleteCustomTemplate |
Grants permission to delete a custom template. |
write |
- |
- |
lts:structConfig:listCustomTemplate |
Grants permission to query the custom template list. |
read |
- |
- |
lts:structConfig:smartExtra |
Grants permission to intelligently extract structured fields. |
write |
- |
- |
lts:logStream:getAggrResult |
Grants permission to query quick analysis results. |
read |
logStream * |
- |
lts:logStream:getAggr |
Grants permission to query a quick analysis aggregator. |
read |
- |
- |
lts:logStream:createAggr |
Grants permission to create a quick analysis aggregator. |
write |
- |
- |
lts:logStream:deleteAggr |
Grants permission to delete a quick analysis aggregator. |
write |
- |
- |
lts:logStream:getQuickAnalysisAggValue |
Grants permission to query quick analysis results of numeric types. |
read |
logStream * |
- |
lts:logStream:getWordFreqConfig |
Grants permission to query the quick analysis fields created by a user. |
read |
logStream * |
- |
lts:logStream:refreshWordFreqConfig |
Grants permission to modify a quick analysis field. |
write |
logStream * |
- |
lts:logCrux:list |
Grants permission to query LogReduce information. |
list |
- |
- |
lts:logCrux:get |
Grants permission to query the LogReduce switch status. |
read |
- |
- |
lts:logCrux:enable |
Grants permission to enable LogReduce. |
write |
- |
- |
lts:logCrux:disable |
Grants permission to disable LogReduce. |
write |
- |
- |
lts:logStream:updateChart |
Grants permission to update a user log dashboard. |
write |
- |
- |
lts:logStream:createChart |
Grants permission to create a user log dashboard. |
write |
- |
- |
lts:logStream:deleteChart |
Grants permission to delete a user log dashboard. |
write |
logStream * |
- |
lts:logStream:getChart |
Grants permission to query a user log dashboard. |
read |
logStream * |
- |
lts:dashboard:deleteChart |
Grants permission to delete a chart. |
write |
dashboard * |
- |
lts:dashboard:listCharts |
Grants permission to display dashboard-level charts. |
list |
- |
- |
lts:dashboard:updateChart |
Grants permission to move a chart. |
write |
dashboard * |
- |
lts:dashboard:getDashboard |
Grants permission to query a user log dashboard. |
read |
- |
- |
lts:dashboardGroup:getDashboardsGroup |
Grants permission to query a user log dashboard group. |
read |
- |
- |
lts:dashboardGroup:updateDashboardsGroup |
Grants permission to modify a user log dashboard group. |
write |
- |
- |
lts:dashboardGroup:deleteDashboardsGroup |
Grants permission to update a user log dashboard group. |
write |
- |
- |
lts:dashboard:CreateDashBoard |
Grants permission to create dashboards in batches based on a log dashboard template. |
write |
- |
- |
lts:dashboard:CreateDashBoardTemplate |
Grants permission to create a user log dashboard template. |
write |
- |
- |
lts:dashboard:getDashBoardTemplate |
Grants permission to query a user log dashboard template. |
read |
- |
- |
lts:dashboard:updateDashBoardTemplate |
Grants permission to modify a user log dashboard template. |
write |
- |
- |
lts:dashboard:deleteDashBoardTemplate |
Grants permission to delete a user log dashboard template. |
write |
- |
- |
lts:dashboardGroup:createLogDashboardTemplateGroup |
Grants permission to create a dashboard template group. |
write |
- |
- |
lts:dashboardGroup:updateLogDashboardTemplateGroup |
Grants permission to modify a dashboard template group. |
write |
- |
- |
lts:dashboardGroup:deleteLogDashboardTemplateGroup |
Grants permission to delete a user log dashboard template group. |
write |
- |
- |
lts:dashboard:listFilter |
Grants permission to query dashboard filters. |
list |
dashboard * |
- |
lts:dashboard:createFilter |
Grants permission to create a dashboard filter. |
write |
dashboard * |
- |
lts:dashboard:updateFilter |
Grants permission to modify a dashboard filter. |
write |
dashboard * |
- |
lts:dashboard:deleteFilter |
Grants permission to delete a dashboard filter. |
write |
dashboard * |
- |
lts:alarmRule:listAlarmRules |
Grants permission to query the alarm rule list. |
list |
- |
- |
lts:alarmRule:getKeywordsAlarmRule |
Grants permission to query a keyword alarm rule. |
read |
alarmRule * |
- |
lts:alarmRule:getSqlAlarmRule |
Grants permission to query a SQL alarm rule. |
read |
alarmRule * |
- |
lts:alarm:listAlarmStatistic |
Grants permission to query SQL alarm data. |
list |
- |
- |
lts:dashboard:update |
Grants permission to modify a user log dashboard. |
write |
- |
- |
lts:dashboard:delete |
Grants permission to delete a user log dashboard. |
write |
- |
- |
lts:logSearch:list |
Grants permission to obtain the cluster, namespace, component, instance, log, node, log file page component, and file lists. |
list |
- |
- |
lts:logSearch:getTime |
Grants permission to query the current time of a backend node. |
read |
- |
- |
lts:logSearch:getLogContext |
Grants permission to obtain log context. |
read |
- |
- |
lts:logSearch:exportLogs |
Grants permission to download logs. |
write |
- |
- |
lts:ageingTime:get |
Grants permission to obtain quota management. |
list |
- |
- |
lts:ageingTime:update |
Grants permission to modify quota management. |
write |
- |
- |
lts:logConfigPath:list |
Grants permission to query VM log path configurations. |
list |
- |
- |
lts:logConfigPath:create |
Grants permission to create a VM log path configuration. |
write |
- |
- |
lts:structRule:get |
Grants permission to obtain a structuring rule. |
read |
- |
- |
lts:structRule:create |
Grants permission to create a structuring rule. |
write |
- |
- |
lts:structRule:delete |
Grants permission to delete a structuring rule. |
write |
- |
- |
lts:structRule:regex |
Grants permission to extract data in a structured manner. |
write |
- |
- |
lts:logPail:list |
Grants permission to query log buckets, logs in buckets, and log bar charts. |
list |
- |
- |
lts:structSql:list |
Grants permission to query structured logs. |
list |
- |
- |
lts:logPail:create |
Grants permission to add a log bucket. |
write |
- |
- |
lts:logPail:update |
Grants permission to modify a log bucket. |
list |
- |
- |
lts:logPail:delete |
Grants permission to delete a log bucket. |
write |
- |
- |
lts:storageRelation:list |
Grants permission to query transfer relationships of the current tenant. |
list |
- |
- |
lts:storageRelation:delete |
Grants permission to delete transfer relationships of the current tenant. |
write |
- |
- |
lts:storage:batchAction |
Grants permission to periodically start and stop tasks in batches. |
write |
- |
- |
lts:logPailDump:create |
Grants permission to add a log transfer task. |
write |
- |
- |
lts:statisticsRule:list |
Grants permission to query a statistical rule. |
list |
- |
- |
lts:statisticsRule:create |
Grants permission to create a statistical rule. |
write |
- |
- |
lts:statisticsRule:update |
Grants permission to modify a statistical rule. |
write |
- |
- |
lts:statisticsRule:delete |
Grants permission to delete a statistical rule. |
write |
- |
- |
lts:transfer:listKafkaInstanceTopic |
Grants permission to query all topics of a Kafka instance. |
list |
- |
- |
lts:logPackage:create |
Grants permission to purchase resource packages. |
write |
- |
- |
lts:consumerGroup:create |
Grants permission to create a consumer group. |
write |
- |
- |
lts:consumerGroup:delete |
Grants permission to delete a consumer group. |
write |
- |
- |
lts:consumerGroup:list |
Grants permission to query the consumer group list. |
list |
- |
- |
lts:consumerGroup:get |
Grants permission to query the consumer group details. |
read |
- |
- |
lts:consumerGroup:update |
Grants permission to modify a consumer group. |
write |
- |
- |
lts:logStream:get |
Grants permission to obtain log stream details. |
read |
- |
- |
lts:agency:listGroupAndStream |
Grants permission to obtain the log stream list of the delegator's log group. |
list |
- |
- |
lts:agency:listEps |
Grants permission to obtain the EPS list of the delegator. |
list |
- |
- |
lts:agency:listStructConfig |
Grants permission to obtain the structuring configurations of the delegator. |
list |
- |
- |
lts:logConverge:get |
Grants permission to obtain the multi-account log center configurations. |
read |
- |
- |
lts:logConverge:update |
Grants permission to update the multi-account log center configurations. |
write |
- |
- |
lts:logManager:createAggr |
Grants permission to create a quick analysis aggregator. |
write |
logStream * |
- |
lts:logManager:createAggrs |
Grants permission to create quick analysis aggregators in batches. |
write |
logStream * |
- |
lts:logManager:deleteAggr |
Grants permission to delete a quick analysis aggregator. |
write |
logStream * |
- |
lts:logManager:deleteAggrs |
Grants permission to delete quick analysis aggregators in batches. |
write |
logStream * |
- |
lts:logmanager:createLogFilter |
Grants permission to create a log cleaning rule. |
write |
logStream * |
- |
lts:logmanager:listLogFilters |
Grants permission to query log cleaning rules. |
read |
logStream * |
- |
lts:logmanager:updateLogFilters |
Grants permission to modify a log cleaning rule. |
write |
logStream * |
- |
lts:logmanager:deleteLogFilters |
Grants permission to delete a log cleaning rule. |
write |
logStream * |
- |
lts:structConfig:regex |
Grants permission to structure the example log using regular expressions. |
write |
- |
- |
Each API of LTS usually supports one or more actions. Table 2 lists the supported actions and dependencies.
API |
Action |
Dependencies |
|---|---|---|
POST /v2/{project_id}/groups |
lts:logGroup:createLogGroup |
- |
DELETE /v2/{project_id}/groups/{log_group_id} |
lts:logGroup:deleteLogGroup |
- |
GET /v2/{project_id}/groups |
lts:logGroup:listLogGroup |
- |
POST /v2/{project_id}/groups/{log_group_id} |
lts:logGroup:updateLogGroup |
- |
POST /v2/{project_id}/groups/{log_group_id}/streams |
lts:logStream:createLogStream |
- |
PUT /v2/{project_id}/groups/{log_group_id}/streams-ttl/{log_stream_id} |
lts:logStream:updateLogStream |
- |
DELETE /v2/{project_id}/groups/{log_group_id}/streams/{log_stream_id} |
lts:logStream:deleteLogStream |
- |
GET /v2/{project_id}/groups/{log_group_id}/streams |
lts:logStream:listLogStream |
- |
GET /v2/{project_id}/log-streams |
lts:logStream:listLogStream |
- |
POST /v2/{project_id}/lts/keyword-count |
lts:logStream:searchLogHistogram |
- |
POST /v2/{project_id}/groups/{log_group_id}/streams/{log_stream_id}/content/query |
lts:logStream:searchLog |
- |
POST /v2/{project_id}/groups/{log_group_id}/streams/{log_stream_id}/struct-content/query |
lts:logStream:searchStructLog |
- |
POST /v2/{project_id}/streams/{log_stream_id}/struct-content/query |
lts:logStream:searchStructLog |
- |
POST /v2/{project_id}/log-dump/obs |
lts:transfer:createTransfer |
|
POST /v2/{project_id}/transfers |
lts:transfer:createTransfer |
|
DELETE /v2/{project_id}/transfers |
lts:transfer:deleteTransfer |
- |
GET /v2/{project_id}/transfers |
lts:transfer:listTransfer |
- |
POST /v2/{project_id}/lts/dms/kafka-instance |
lts:transfer:registerDmsKafkaInstance |
dms:instance:list |
PUT /v2/{project_id}/transfers |
lts:transfer:updateTransfer |
|
POST /v2/{project_id}/collection/disable |
lts:configCenter:updateOverCollectSwitch |
- |
POST /v2/{project_id}/collection/enable |
lts:configCenter:updateOverCollectSwitch |
- |
POST /v3/{project_id}/lts/struct/template |
lts:structConfig:createStructConfig |
- |
POST /v2/{project_id}/lts/struct/template |
lts:structConfig:createStructConfig |
- |
DELETE /v2/{project_id}/lts/struct/template |
lts:structConfig:deleteStructConfig |
- |
GET /v3/{project_id}/lts/struct/customtemplate/list |
lts:structConfig:listStructTemplate |
- |
GET /v3/{project_id}/lts/struct/customtemplate |
lts:structConfig:listStructTemplate |
- |
GET /v2/{project_id}/lts/struct/template |
lts:structConfig:getStructConfig |
- |
PUT /v3/{project_id}/lts/struct/template |
lts:structConfig:updateStructConfig |
- |
PUT /v2/{project_id}/lts/struct/template |
lts:structConfig:updateStructConfig |
- |
POST /v2/{project_id}/lts/aom-mapping |
lts:mappingRule:create |
- |
DELETE /v2/{project_id}/lts/aom-mapping |
lts:mappingRule:delete |
- |
GET /v2/{project_id}/lts/aom-mapping/{rule_id} |
lts:mappingRule:get |
- |
GET /v2/{project_id}/lts/aom-mapping |
lts:mappingRule:list |
- |
PUT /v2/{project_id}/lts/aom-mapping |
lts:mappingRule:update |
- |
GET /v2/{project_id}/lts/notifications/topics |
lts:alarmNoticeTemplate:list |
smn:topic:list |
POST /v2/{project_id}/lts/alarms/sql-alarm-rule |
lts:alarmRule:createSqlAlarmRule |
- |
DELETE /v2/{project_id}/lts/alarms/sql-alarm-rule/{sql_alarm_rule_id} |
lts:alarmRule:deleteSqlAlarmRule |
- |
GET /v2/{project_id}/lts/alarms/sql-alarm-rule |
lts:alarmRule:listSqlAlarmRule |
- |
PUT /v2/{project_id}/lts/alarms/status |
lts:alarmRule:updateSqlAlarmRule |
- |
PUT /v2/{project_id}/lts/alarms/sql-alarm-rule |
lts:alarmRule:updateSqlAlarmRule |
- |
POST /v2/{project_id}/lts/alarms/keywords-alarm-rule |
lts:alarmRule:createWordAlarmRule |
- |
DELETE /v2/{project_id}/lts/alarms/keywords-alarm-rule/{keywords_alarm_rule_id} |
lts:alarmRule:deleteWordAlarmRule |
- |
GET /v2/{project_id}/lts/alarms/keywords-alarm-rule |
lts:alarmRule:listWordAlarmRule |
- |
PUT /v2/{project_id}/lts/alarms/keywords-alarm-rule |
lts:alarmRule:updateWordAlarmRule |
- |
POST /v2/{project_id}/{domain_id}/lts/alarms/sql-alarm/clear |
lts:alarm:cleanAlarm |
- |
POST /v2/{project_id}/{domain_id}/lts/alarms/sql-alarm/query |
lts:alarm:listAlarm |
- |
GET /v2/{project_id}/groups/{log_group_id}/streams/{log_stream_id}/charts |
lts:logStream:listChart |
- |
POST /v2/{project_id}/{domain_id}/lts/events/notification/templates |
lts:alarmNoticeTemplate:create |
- |
DELETE /v2/{project_id}/{domain_id}/lts/events/notification/templates |
lts:alarmNoticeTemplate:delete |
- |
POST /v2/{project_id}/{domain_id}/lts/events/notification/templates/view |
lts:alarmNoticeTemplate:list |
- |
GET /v2/{project_id}/{domain_id}/lts/events/notification/templates |
lts:alarmNoticeTemplate:list |
- |
GET /v2/{project_id}/{domain_id}/lts/events/notification/template/{template_name} |
lts:alarmNoticeTemplate:get |
- |
PUT /v2/{project_id}/{domain_id}/lts/events/notification/templates |
lts:alarmNoticeTemplate:update |
- |
POST /v3/{project_id}/lts/host-group |
lts:hostGroup:create |
- |
DELETE /v3/{project_id}/lts/host-group |
lts:hostGroup:delete |
- |
POST /v3/{project_id}/lts/host-list |
lts:host:list |
|
POST /v3/{project_id}/lts/host-group-list |
lts:hostGroup:list |
- |
PUT /v3/{project_id}/lts/host-group |
lts:hostGroup:update |
- |
POST /v3/{project_id}/lts/access-config |
lts:accessConfig:create |
- |
DELETE /v3/{project_id}/lts/access-config |
lts:accessConfig:delete |
- |
POST /v3/{project_id}/lts/access-config-list |
lts:accessConfig:list |
- |
PUT /v3/{project_id}/lts/access-config |
lts:accessConfig:update |
- |
POST /v1/{project_id}/{resource_type}/{resource_id}/tags/action |
lts:tag:create |
- |
POST /v1.0/{project_id}/groups/{group_id}/topics/{topic_id}/search-criterias |
lts:logStream:createQuickQuery |
- |
DELETE /v1.0/{project_id}/groups/{group_id}/topics/{topic_id}/search-criterias |
lts:logStream:deleteQuickQuery |
- |
GET /v1.0/{project_id}/groups/{group_id}/topics/{topic_id}/search-criterias |
lts:logStream:listQuickQuery |
- |
GET /v2/{project_id}/lts/history-sql |
lts:logStream:getHistorySql |
- |
GET /v1.0/{project_id}/lts/groups/{group_id}/search-criterias |
lts:logStream:listQuickQuery |
- |
POST /v1.0/{project_id}/lts/favorite |
lts:logFavorite:create |
- |
DELETE /v1.0/{project_id}/lts/favorite/{fav_res_id} |
lts:logFavorite:delete |
- |
POST /v2/{project_id}/dashboard |
lts:dashboard:create |
- |
POST /v2/{project_id}/lts/dashboard-group |
lts:dashboardGroup:create |
- |
POST /v2/{project_id}/lts/timeline-traffic-statistics |
lts:trafficStatistic:get |
- |
POST /v2/{project_id}/lts/topn-traffic-statistics |
lts:trafficStatistic:get |
- |
Resources
A resource type indicates the resources that an SCP applies to. If you specify a resource type for any action in Table 3, the resource URN must be specified in the SCP statements using that action, and the SCP applies only to resources of this type. If no resource type is specified, the Resource element is marked with an asterisk (*) and the SCP applies to all resources. You can also set condition keys in an SCP to define resource types.
The following table lists the resource types that you can define in SCP statements for LTS.
Resource Type |
URN |
|---|---|
logStream |
lts:<region>:<account-id>:logStream:<group_id>/<stream_id> |
logGroup |
lts:<region>:<account-id>:logGroup:<group_id> |
dashboard |
lts:<region>:<account-id>:dashboard:<dashboard_id> |
accessConfig |
lts:<region>:<account-id>:accessConfig:<config_id> |
alarmRule |
lts:<region>:<account-id>:alarmRule:<alarm_rule_id> |
transfer |
lts:<region>:<account-id>:transfer:<transfer_id> |
hostGroup |
lts:<region>:<account-id>:hostGroup:<host_group_id> |
Conditions
LTS does not support service-specific condition keys in SCPs. It can only use global condition keys applicable to all services. For details, see Global Condition Keys.
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.See the reply and handling status in My Cloud VOC.
For any further questions, feel free to contact us through the chatbot.
Chatbot
