Help Center/
Distributed Database Middleware/
User Guide/
Permissions Management/
Creating a Custom Policy
Updated on 2023-10-09 GMT+08:00
Creating a Custom Policy
You can create custom policies if system-defined policies cannot meet your permission requirements.
You can create custom policies in either of the following ways:
- Visual editor: Select cloud services, actions, resources, and request conditions. This does not require knowledge of policy syntax.
- JSON: Edit JSON policies from scratch or based on an existing policy.
For details, see Creating a Custom Policy.
This section provides examples of common DDM custom policies.
Example Policies
- Example: Denying DDM instance deletion
A deny policy must be used together with other policies. If the permissions assigned to a user contain both "Allow" and "Deny", the "Deny" permissions take precedence over the "Allow" permissions. The following is an example of a deny policy:
{ "Version": "1.1", "Statement": [ { "Effect": "Deny", "Action": [ "ddm:instance:delete" ] } ] }The following is an example custom policy with both Allow and Deny permissions:{ "Version": "1.1", "Statement": [{ "Effect": "Allow" "Action": [ "*:*:*" ], }, { "Action": [ "ddm:instance:create", ], "Effect": "Deny" } ] }
Parent topic: Permissions Management
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.See the reply and handling status in My Cloud VOC.
The system is busy. Please try again later.
For any further questions, feel free to contact us through the chatbot.
Chatbot
