このページは、お客様の言語ではご利用いただけません。Huawei Cloudは、より多くの言語バージョンを追加するために懸命に取り組んでいます。ご協力ありがとうございました。
- What's New
- Service Overview
- Billing
- Getting Started
-
User Guide
- GES Overview
- Preparations
- Permissions Management
- Metadata Operations
- Creating Graphs
-
Managing Graphs
- Graph Management Overview
- Viewing a Failed Graph
- Backing Up and Restoring Graphs
- Upgrading a Graph
- Rolling Back a Graph
- Exporting a Graph
- Restarting a Graph
- Resizing a Graph
- Expanding a Graph
- Binding and Unbinding an EIP
- Clearing Data
- Deleting a Graph
- Viewing Monitoring Metrics
- Querying Schema
- Connecting GES to LTS
- Changing a Security Group
- Changing the Security Mode
- Data Migration
-
Accessing and Analyzing Graph Data
- Graph Editor
- Accessing the GES Graph Editor
- Dynamic Graphs
- Graph Exploration
- Multi-Graph Management (Database Edition)
- HyG Graph Management (Database Edition)
- Adding Custom Operations
- Editing Schema
- Visual Query
- Canvas Snapshot
- Gremlin Query
- Cypher Query
- DSL Query
- Analyzing Graphs Using Algorithms
- Analyzing Graphs on the Canvas
- Graph Display in 3D View
- Filter Criteria
- Editing Properties
- Statistics Display
- Check Running Records
- Viewing Query Results
- Viewing Graph Tasks
- Configuring Permissions
- O&M Monitoring and Alarm Reporting
- Package Management
-
Algorithms
- Algorithm List
- PageRank
- PersonalRank
- K-core
- K-hop
- Shortest Path
- All Shortest Paths
- Filtered Shortest Path
- SSSP
- Shortest Path of Vertex Sets
- n-Paths
- Closeness Centrality
- Label Propagation
- Louvain
- Link Prediction
- Node2vec
- Real-time Recommendation
- Common Neighbors
- Connected Component
- Degree Correlation
- Triangle Count
- Clustering Coefficient
- Betweenness Centrality
- Edge Betweenness Centrality
- Origin-Destination Betweenness Centrality
- Circle Detection with a Single Vertex
- Common Neighbors of Vertex Sets
- All Shortest Paths of Vertex Sets
- Filtered Circle Detection
- Subgraph Matching
- Filtered All Pairs Shortest Paths
- Filtered All Shortest Paths
- TopicRank
- Filtered n-Paths
- Temporal Paths
-
Developer Guide
- Overview
- Using the Management Plane SDK
-
Using the Service Plane SDK
- Downloading and Installing the SDK
- Obtaining Initialization Parameters
- Java SDK
- Python SDK
- Using Cypher JDBC Driver to Access GES
-
API Reference
- Before You Start
- API Overview
- Calling APIs
-
Management Plane APIs (V2)
- System Management
-
Graph Management
- Listing Graphs (2.1.18)
- Querying Graph Details (1.0.0)
- Creating a Graph (2.2.2)
- Stopping a Graph (1.0.0)
- Starting a Graph (1.0.0)
- Deleting a Graph (1.0.0)
- Incrementally Importing Data to a Graph (2.1.14)
- Exporting a Graph (1.0.5)
- Clearing a Graph(2.1.2)
- Upgrading a Graph (1.0.5)
- Binding an EIP (1.0.6)
- Unbinding an EIP(1.0.6)
- Changing Size (2.2.21)
- Forcibly Restarting a Graph (2.2.21)
- Expanding a Graph (2.2.23)
- Changing the Security Group (2.4.3)
- Backup Management
- Metadata Management
- Task Center
- Plugin Management
-
Service Plane APIs
-
Memory Edition
-
Vertex Operation APIs
- Querying Vertices That Meet Filter Criteria (1.0.0)
- Querying Vertex Details (1.0.0)
- Adding a Vertex (1.0.6)
- Deleting a Vertex (1.0.6)
- Updating Vertex Properties (1.1.6)
- Batch Querying Vertex Data (1.1.9)
- Batch Adding Vertices (2.1.16)
- Batch Deleting Vertices (2.1.9)
- Batch Updating Vertex Properties (2.1.10)
- Adding a Vertex Label (1.1.6)
- Deleting a Vertex Label (1.1.6)
- Exporting Filtered Vertices (2.2.7)
- Deleting Filtered Vertices (2.2.7)
-
Edge Operation APIs
- Querying Edges That Meet Filter Criteria (1.0.0)
- Querying Edge Details (1.0.0)
- Adding an Edge (2.1.2)
- Deleting an Edge (1.0.6)
- Updating Edge Properties (1.1.6)
- Batch Querying Edge Data (1.1.6)
- Batch Adding Edges (2.1.16)
- Batch Deleting Edges (2.1.9)
- Batch Updating Edge Properties (2.1.10)
- Exporting Filtered Edges (2.2.7)
- Deleting Filtered Edges (2.2.7)
- Metadata Operation APIs
- Index Operation APIs
- Gremlin Operation APIs
-
Algorithm APIs
- Running Algorithms (1.0.0)
-
Algorithm API Parameter References
- Common Algorithm Parameters
- PageRank (1.0.0)
- PersonalRank (1.0.0)
- K-core (1.0.0)
- K-hop (1.0.0)
- Common Neighbors (1.0.0)
- Common Neighbors of Vertex Sets (2.2.13)
- Link Prediction (1.0.0)
- Shortest Path (2.1.5)
- All Shortest Paths (1.0.12)
- Filtered Shortest Path (2.2.4)
- SSSP (1.0.0)
- Shortest Path of Vertex Sets (2.1.5)
- n-Paths (1.1.2)
- Filtered n-Paths (2.2.22)
- Filtered All Pairs Shortest Paths (2.2.17)
- All Shortest Paths of Vertex Sets (2.2.15)
- Filtered All Shortest Paths (2.2.17)
- Connected Component (1.0.0)
- Label Propagation (2.1.8)
- Louvain (2.2.1)
- Node2vec (1.0.5)
- Real-time Recommendation (2.2.21)
- Degree Correlation (1.0.0)
- Triangle Count (1.0.0)
- Cluster Coefficient (1.0.0)
- Closeness Centrality (1.0.0)
- Betweenness Centrality (2.2.4)
- Edge Betweenness Centrality (2.2.4)
- Origin-Destination Betweenness Centrality (2.2.4)
- Circle Detection with a Single Vertex (2.2.4)
- Filtered Circle Detection (2.2.15)
- Subgraph Matching (2.2.16)
- Topicrank (2.2.20)
- Temporal Graph APIs
- Path APIs
- Graph Statistics APIs
- Graph Operation APIs
- Subgraph Operation APIs
- Job Management APIs
- Custom Operations APIs
- Cypher Queries (2.2.16)
- Filtered Query (2.2.13)
- Filtered Query V2 (2.3.6)
- Domain-Specific Language (DSL) Query APIs (2.3.14)
- Updating Specified Properties of Vertices and Edges by Importing a File (2.2.13)
- Deleting Vertices and Edges by Files (2.2.15)
- O&M Monitoring APIs
-
Vertex Operation APIs
-
Database Edition
- Specification Description
- Vertex Operation APIs
- Edge Operation APIs
- Metadata Operation APIs
- Index Operation APIs
- HyG Graph Management APIs
-
HyG Algorithm APIs
- Running Algorithms
-
Algorithm API Parameter Reference
- Common Algorithm Parameters
- PageRank
- PersonalRank
- K-core
- K-Hop
- Common Neighbors of Vertex Sets
- Shortest Path
- All Shortest Paths
- All Pairs Shortest Paths
- SSSP
- Shortest Path of Vertex Sets
- All Shortest Paths of Vertex Sets
- Connected Component
- Triangle Count
- Closeness Centrality
- Betweenness Centrality
- Edge Betweenness Centrality
- Origin-Destination Betweenness Centrality
- Circle Detection with a Single Vertex
- TopicRank
- Louvain
- Bigclam
- Cesna
- Infomap
- Label Propagation
- Subgraph Matching
- Link Prediction
- n Paths
- Cluster Coefficient
- Algorithm Results in TXT Format
- Executing the DSL Algorithm
- DSL Syntax
- HyG Job Management APIs
- Native Algorithm APIs
- Graph Statistics APIs
- Graph Operation APIs
- Job Management APIs
- Cypher Operation APIs
- Interactive Transaction APIs
-
Memory Edition
- Application Examples
- Permissions Policies and Supported Actions
- GES Metrics on Cloud Eye
-
Out-of-Date APIs
-
Management Plane APIs (V1)
- System Management APIs
-
Graph Management APIs
- Querying the Graph List (2.1.18)
- Querying Graph Details (1.0.0)
- Creating a Graph (2.2.2)
- Stopping a Graph (1.0.0)
- Starting a Graph (1.0.0)
- Deleting a Graph (1.0.0)
- Incrementally Importing Data to Graphs (2.1.14)
- Exporting a Graph (1.0.5)
- Clearing a Graph(2.1.2)
- Upgrading a Graph (1.0.5)
- Binding an EIP (1.0.6)
- Unbinding an EIP(1.0.6)
- Resizing a Graph (2.2.21)
- Forcibly Restarting a Graph (2.2.21)
- Expanding a Graph (2.2.23)
- Backup Management APIs
- Metadata Management APIs
- Task Center APIs
- Service Plane APIs
-
Management Plane APIs (V1)
- Appendix
-
FAQs
- Customer Consultation
-
API Use
- How Do I Import Data to GES?
- When Binding an EIP to an Existing Instance or an Instance Being Created, What Should I Do to Deal with Insufficient Permissions for Creating Agencies?
- When Binding an EIP to an Existing Instance or an Instance Being Created, What Should I Do to Deal with Insufficient Quotas for Creating Agencies?
- Can I Run Several Gremlin/Cypher Commands At a Time?
- If a Vertex Is Deleted, What Will Happen to Edges Formed Based on the Vertex?
- What Do I Do If an Error Message Indicating a Vertex Does Not Exist Is Displayed When Properties of the Vertex Whose ID Contains Chinese Characters Are Modified?
- GUI
- Others
-
More Documents
-
User Guide (ME-Abu Dhabi Region)
- GES Overview
- Permissions Management
- Importing Metadata
- Creating Graphs
- Managing Graphs
-
Accessing and Analyzing Graph Data
- Graph Editor
- Accessing the GES Graph Editor
- Exploring Graphs
- Adding Custom Operations
- Editing Schema
- Gremlin Query
- Cypher Query
- Analyzing Graphs Using Algorithms
- Analyzing Graphs on the Canvas
- Graph Display in 3D View
- Filtering Conditions
- Editing Properties
- Statistics Display
- View Running Records
- Viewing Query Results
- Viewing Graph Tasks
- Configuring Permissions
-
Algorithms
- Algorithm List
- PageRank
- PersonalRank
- K-core
- K-hop
- Shortest Path
- All Shortest Paths
- SSSP
- Shortest Path of Vertex Sets
- n-Paths
- Closeness Centrality
- Label Propagation
- Louvain
- Link Prediction
- Node2vec
- Real-time Recommendation
- Common Neighbors
- Connected Component
- Degree Correlation
- Triangle Count
- Clustering Coefficient
- Common Neighbors of Vertex Sets
- Subgraph Matching
- Filtered All Pairs Shortest Paths
- Filtered All Shortest Paths
- TopicRank
- Filtered n-Paths
-
API Reference (ME-Abu Dhabi Region)
- Before You Start
- Calling APIs
- Management Plane APIs
-
Service Plane APIs
-
Vertex Operation APIs
- Querying Vertices That Meet Filter Criteria
- Querying Vertex Details
- Adding a Vertex
- Deleting a Vertex
- Updating Vertex Properties
- Querying Vertex Data in Batches
- Adding Vertices in Batches
- Deleting Vertices in Batches
- Updating Vertex Properties in Batches
- Adding a Vertex Label
- Deleting a Vertex Label
- Exporting Filtered Vertices
- Deleting Filtered Vertices
- Edge Operation APIs
- Metadata Operation APIs
- Index Operation APIs
- Gremlin Operation APIs
-
Algorithm APIs
- Running Algorithms
-
Algorithm API Parameter References
- Common Algorithm Parameters
- PageRank
- PersonalRank
- K-core
- K-hop
- Shortest Path
- All Shortest Paths
- Filtered Shortest Path
- SSSP
- Shortest Path of Vertex Sets
- n-Paths
- Closeness Centrality
- Label Propagation
- Louvain
- Link Prediction
- Node2vec
- Real-time Recommendation
- Common Neighbors
- Connected Component
- Degree Correlation
- Triangle Count
- Cluster Coefficient
- Common Neighbors of Vertex Sets
- All Shortest Paths of Vertex Sets
- Filtered Circle Detection
- Subgraph Matching
- Filtered All Pairs Shortest paths
- Filtered All Shortest Paths
- TopicRank
- Filtered n-Paths (2.2.22)
- Path APIs
- Graph Statistics APIs
- Subgraph Operation APIs
- Job Management APIs
- Querying K Hop Vertices or Edges Using a Filter
- Updating Specified Properties of Vertices and Edges by Importing a File
- Deleting Vertices and Edges by Files
- Cypher Operation API
- Granular Permission Control APIs
-
Vertex Operation APIs
- GES Metrics
- Appendix
-
User Guide (Kuala Lumpur Region)
- GES Overview
- Permissions Management
- Importing Metadata
- Creating Graphs
- Managing Graphs
-
Accessing and Analyzing Graph Data
- Graph Editor
- Accessing the GES Graph Editor
- Exploring Graphs
- Adding Custom Operations
- Editing Schema
- Gremlin Query
- Cypher Query
- Analyzing Graphs Using Algorithms
- Analyzing Graphs on the Canvas
- Graph Display in 3D View
- Filtering Conditions
- Editing Properties
- Statistics Display
- View Running Records
- Viewing Query Results
- Viewing Graph Tasks
- Configuring Permissions
-
Algorithms
- Algorithm List
- PageRank
- PersonalRank
- K-core
- K-hop
- Shortest Path
- All Shortest Paths
- SSSP
- Shortest Path of Vertex Sets
- n-Paths
- Closeness Centrality
- Label Propagation
- Louvain
- Link Prediction
- Node2vec
- Real-time Recommendation
- Common Neighbors
- Connected Component
- Degree Correlation
- Triangle Count
- Clustering Coefficient
- Common Neighbors of Vertex Sets
- Subgraph Matching
- Filtered All Pairs Shortest Paths
- Filtered All Shortest Paths
- TopicRank
- Filtered n-Paths
-
API Reference (Kuala Lumpur Region)
- Before You Start
- Calling APIs
- Management Plane APIs
-
Service Plane APIs
-
Vertex Operation APIs
- Querying Vertices That Meet Filter Criteria
- Querying Vertex Details
- Adding a Vertex
- Deleting a Vertex
- Updating Vertex Properties
- Querying Vertex Data in Batches
- Adding Vertices in Batches
- Deleting Vertices in Batches
- Updating Vertex Properties in Batches
- Adding a Vertex Label
- Deleting a Vertex Label
- Exporting Filtered Vertices
- Deleting Filtered Vertices
- Edge Operation APIs
-
Metadata Operation APIs
- Adding a Label
- Updating a Label
- Query Labels (for 100-billion-edge graphs only)
- Querying Graph Metadata Details
- Changing Property Names in Batches
- Deleting a Label
- Adding Labels in Batches
- Adding Properties (for 100-billion-edge graphs only)
- Query Properties (for 100-billion-edge graphs only)
- Querying the Property List (for 100-billion-edge graphs only)
- Querying Schema Structure
- Generating a Schema Structure
- Index Operation APIs
- Gremlin Operation APIs
-
Algorithm APIs
- Running Algorithms
-
Algorithm API Parameter References
- Common Algorithm Parameters
- PageRank
- PersonalRank
- K-core
- K-hop
- Shortest Path
- All Shortest Paths
- Filtered Shortest Path
- SSSP
- Shortest Path of Vertex Sets
- n-Paths
- Closeness Centrality
- Label Propagation
- Louvain
- Link Prediction
- Node2vec
- Real-time Recommendation
- Common Neighbors
- Connected Component
- Degree Correlation
- Triangle Count
- Cluster Coefficient
- Common Neighbors of Vertex Sets
- All Shortest Paths of Vertex Sets
- Filtered Circle Detection (2.2.15)
- Subgraph Matching (2.2.16)
- Filtered All Pairs Shortest Paths (2.2.17)
- Filtered All Shortest Paths (2.2.17)
- Topicrank (2.2.20)
- Filtered n-Paths (2.2.22)
- Path APIs
- Graph Statistics APIs
- Subgraph Operation APIs
- Job Management APIs
- Querying K Hop Vertices or Edges Using a Filter
- Updating Specified Properties of Vertices and Edges by Importing a File
- Deleting Vertices and Edges by Files
- Performing Cypher Queries
- Granular Permission Control APIs
-
Vertex Operation APIs
- GES Metrics
- Appendix
-
User Guide (ME-Abu Dhabi Region)
- General Reference
Show all
Copied.
Permissions Policies and Supported Actions
This chapter describes fine-grained permissions management for your GES. If your Huawei Cloud account does not need individual IAM users, then you may skip over this chapter.
By default, new IAM users do not have permissions assigned. You need to add the users to one or more groups, and attach permissions policies or roles to these groups. The users then inherit permissions from the groups to which they are added. After authorization, the users can perform specified operations on GES based on the permissions. For more information about policy syntax and example policies, see see Permissions Management.
- Roles: A type of coarse-grained authorization mechanism that defines permissions related to user responsibilities. This mechanism provides only a limited number of service-level roles for authorization. When using roles to grant permissions, you need to also assign other roles on which the permissions depend to take effect. However, roles are not an ideal choice for fine-grained authorization and secure access control.
- Policies: A type of fine-grained authorization mechanism that defines permissions required to perform operations on specific cloud resources under certain conditions. This mechanism allows for more flexible policy-based authorization, meeting requirements for secure access control. For example, you can grant GES users only the permissions for managing a certain type of cloud servers.
- If you want to allow or deny the access to an API, fine-grained authorization is a good choice.
- Because of the cache, it takes about 13 minutes for an OBS role to take effect after being granted to users and user groups. After a policy is granted, it takes about 5 minutes to take effect.
An account has full API permissions, but IAM users within the account need to be granted the necessary permissions to call the APIs. The permissions required for calling an API are determined by the actions supported by the API. Only users who have been granted permissions allowing the actions can call the API successfully. For example, if an IAM user queries a graph using an API, the user must have been granted permissions that allow the ges:graph:list action.
Supported Actions
Operations supported by policies are specific to APIs. The following are common concepts related to policies:
- Permissions: defined by actions in a custom policy.
- APIs: RESTful APIs that can be called in a custom policy.
- Actions: added to a custom policy to control permissions for specific operations.
- Related actions: Actions on which a specific action depends to take effect. When assigning permissions for the action to a user, you also need to assign permissions for the related actions.
- IAM or enterprise projects: Type of projects for which an action will take effect. Policies that contain actions supporting both IAM and enterprise projects can be assigned to user groups and take effect in both IAM and Enterprise Management. Policies that only contain actions supporting IAM projects can be assigned to user groups and only take effect in IAM. Such policies will not take effect if they are assigned to user groups in Enterprise Management. For details about the differences between IAM and enterprise projects, see Differences Between IAM and Enterprise Management.
The check mark (√) indicates that an action takes effect. The cross mark (x) indicates that an action does not take effect.
GES supports the following actions that can be defined in custom policies:
Permission |
API |
Action |
Related Action |
IAM Project (Project) |
Enterprise Project |
---|---|---|---|---|---|
Listing graphs |
GET /v1.0/{project_id}/graphs?offset={offset}&limit={limit} |
ges:graph:list |
Project-level service VPC vpc:publicIps:get |
√ |
√ |
Querying graph details |
GET /v1.0/{project_id}/graphs/{graph_id} |
ges:graph:getDetail |
- |
√ |
√ |
Creating a graph |
POST /v1.0/{project_id}/graphs |
ges:graph:create |
Project-level service ECS ecs:cloudServerFlavors:get ecs:cloudServerNics:update Project-level service EVS evs:types:get Project-level service VPC vpc:ports:create vpc:ports:update vpc:securityGroups:get vpc:publicIps:list vpc:ports:get vpc:subnets:get vpc:vpcs:list |
√ |
√ |
Stopping a graph |
POST /v1.0/{project_id}/graphs/{graph_id}/action?action_id=stop |
ges:graph:operate |
- |
√ |
√ |
Starting a graph |
POST /v1.0/{project_id}/graphs/{graph_id}/action?action_id=start |
ges:graph:operate |
- |
√ |
√ |
Deleting a graph |
DELETE /v1.0/{project_id}/graphs/{graph_id} |
ges:graph:delete |
Project-level service VPC vpc:publicIps:get vpc:ports:delete vpc:ports:get |
√ |
√ |
Incrementally importing data into a graph |
POST /v1.0/{project_id}/graphs/{graph_id}/action?action_id=import-graph |
ges:graph:operate |
- |
√ |
√ |
Exporting a graph |
POST /v1.0/{project_id}/graphs/{graph_id}/action?action_id=export-graph |
ges:graph:operate |
- |
√ |
√ |
Clearing a graph |
POST /v1.0/{project_id}/graphs/{graph_id}/action?action_id=clear-graph |
ges:graph:operate |
- |
√ |
√ |
Upgrading a graph |
POST /v1.0/{project_id}/graphs/{graph_id}/action?action_id=upgrade |
ges:graph:operate |
- |
√ |
√ |
Restarting a graph |
POST /v1.0/{project_id}/graphs/{graph_id}/action |
ges:graph:operate |
- |
√ |
√ |
Resizing a graph |
POST /v1.0/{project_id}/graphs/{graph_id}/resize |
ges:graph:resize |
- |
√ |
√ |
Expanding a graph |
POST /v1.0/{project_id}/graphs/{graph_id}/expand |
ges:graph:expand |
Project-level service ECS ecs:cloudServerFlavors:get ecs:cloudServerNics:update Project-level service EVS evs:types:get Project-level service VPC vpc:ports:create vpc:ports:update vpc:securityGroups:get vpc:publicIps:list vpc:ports:get vpc:subnets:get vpc:vpcs:list |
√ |
√ |
Binding an EIP |
POST /v1.0/{project_id}/graphs/{graph_id}/action?action_id=bindEip |
ges:graph:operate |
- |
√ |
√ |
Unbinding an EIP |
POST /v1.0/{project_id}/graphs/{graph_id}/action?action_id=unbindEip |
ges:graph:operate |
- |
√ |
√ |
Checking the list of all backups |
GET /v1.0/{project_id}/graphs/backups?offset={offset}&limit={limit} |
ges:backup:list |
- |
√ |
√ |
Checking the backup list of a graph |
GET /v1.0/{project_id}/graphs/{graph_id}/backups?offset={offset}&limit={limit} |
ges:backup:list |
- |
√ |
√ |
Creating a backup |
POST /v1.0/{project_id}/graphs/{graph_id}/backups |
ges:backup:create |
- |
√ |
√ |
Deleting a backup |
DELETE /v1.0/{project_id}/graphs/{graph_id}/backups/{backup_id} |
ges:backup:delete |
- |
√ |
√ |
Listing metadata files |
GET /v1.0/{project_id}/graphs/metadatas?offset={offset}&limit={limit} |
ges:metadata:list |
- |
√ |
√ |
Querying metadata |
GET /v1.0/{project_id}/graphs/metadatas/{metadata_id} |
ges:metadata:list |
- |
√ |
√ |
Verifying metadata |
POST /v1.0/{project_id}/graphs/action?action_id=check-schema |
ges:metadata:operate |
- |
√ |
√ |
Adding metadata |
POST /v1.0/{project_id}/graphs/metadatas |
ges:metadata:create |
- |
√ |
√ |
Deleting metadata |
DELETE /v1.0/{project_id}/graphs/metadatas/{metadata_id} |
ges:metadata:delete |
- |
√ |
√ |
Querying task status |
GET /v1.0/{project_id}/graphs/{graph_id}/jobs/{job_id}/status |
ges:jobs:getDetail |
- |
√ |
√ |
Listing tasks |
GET /v1.0/{project_id}/graphs/jobs?offset={offset}&limit={limit} |
ges:jobs:list |
- |
√ |
√ |
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.See the reply and handling status in My Cloud VOC.
For any further questions, feel free to contact us through the chatbot.
Chatbot