Customizing Policies
CodeArts Req provides permissions enough for the account administrator to manage all CodeArts projects. You can also customize more fine-grained policies.
You can create custom policies in either of the following ways:
- Visual editor: Select cloud services, actions, resources, and request conditions. This does not require knowledge of the policy syntax.
- JSON: Create a policy in JSON format or edit the JSON strings of an existing policy.
For details, see Creating a Custom Policy.
This section provides examples of common CodeArts Req custom policies.
Example Custom Policy
- Example
To grant the permissions for querying projects, creators, and members.
CodeArts Req Fine-grained Operation Permissions
The following table lists all fine-grained operation permissions in CodeArts Req.
Operation |
Description |
Detail |
|---|---|---|
projectmanConfig:template:update |
Set project templates |
Grant this permission to use the function in All Account Settings to edit project templates. |
projectmanConfig:template:delete |
Delete work templates |
Grant this permission to use the function in All Account Settings to delete project templates. |
projectmanConfig:projectCreator:list |
View permitted users who can create projects |
Grant this permission to view the permitted users by choosing . |
projectmanConfig:projectCreator:update |
Set IAM user permissions for creating projects |
Grant this permission to set users who have the permissions for creating projects by choosing All Account Settings > General > Project Creators. |
projectmanConfig:project:list |
View projects under a tenant |
Grant this permission to view all projects by choosing All Account Settings > General > Projects and Members. |
projectmanConfig:member:join |
Join a project under a tenant |
Grant this permission to join any projects by choosing All Account Settings > General > Projects and Members. By default, the role of a newly added member is Project Manager. |
projectmanConfig:project:delete |
Delete projects |
Grant this permission to delete projects by choosing All Account Settings > General > Projects and Members. |
projectmanConfig:memberManagement:list |
View members of all projects |
Grant this permission to view all members by choosing All Account Settings > General > Projects and Members. |
projectmanConfig:memberManagement:delete |
Delete any project member under a tenant |
Grant this permission to remove one or more project members by choosing All Account Settings > General > Projects and Members. |
projectmanConfig:systemSettingField:set |
Set a new work item creator |
Grant this permission to set a user as the work item creator. |
projectmanConfig:enterprise:bind |
Bind an enterprise project |
Grant this permission to bind a CodeArts project to an enterprise project when creating or upgrading enterprise projects. |
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.See the reply and handling status in My Cloud VOC.
For any further questions, feel free to contact us through the chatbot.
Chatbot
