策略授权参考
本章节介绍RDS策略授权场景下支持的策略授权项。
支持的授权项
策略包含系统策略和自定义策略,如果系统策略不满足授权要求,管理员可以创建自定义策略,并通过给用户组授予自定义策略来进行精细的访问控制。策略支持的操作与API相对应,授权项列表说明如下:
- 权限:允许或拒绝某项操作。
- 对应API接口:自定义策略实际调用的API接口。
- 授权项:自定义策略中支持的Action,在自定义策略中的Action中写入授权项,可以实现授权项对应的权限功能。
- 依赖的授权项:部分Action存在对其他Action的依赖,需要将依赖的Action同时写入授权项,才能实现对应的权限功能。
- IAM项目(Project)/企业项目(Enterprise Project):自定义策略的授权范围,包括IAM项目与企业项目。授权范围如果同时支持IAM项目和企业项目,表示此授权项对应的自定义策略,可以在IAM和企业管理两个服务中给用户组授权并生效。如果仅支持IAM项目,不支持企业项目,表示仅能在IAM中给用户组授权并生效,如果在企业管理中授权,则该自定义策略不生效。管理员可以在授权项列表中查看授权项是否支持IAM项目或企业项目,“√”表示支持,“×”表示暂不支持。关于IAM项目与企业项目的区别,详情请参见:IAM与企业管理的区别。
RDS的支持自定义策略授权项如下所示:
权限 | 对应API接口 | 授权项(Action) | IAM项目(Project) | 企业项目(Enterprise Project) |
|---|---|---|---|---|
查询数据库引擎版本 | GET /v3/{projectId}/datastores/{database_name} | rds:instance:listDatabaseVersion | √ | √ |
查询数据库小版本号 | GET /v3/{project_id}/datastores/{database_name}/small-version | rds:instance:list | √ | √ |
查询数据库规格 | GET /v3/{project_id}/flavors/{database_name}?version_name={version_name} | rds:instance:listFlavors | √ | √ |
查询数据库存储规格 | GET /v3/{project_id}/storage-type/{database_name}?version_name={version_name} | rds:instance:listStorageType | √ | √ |
查询版本支持特性(SQL Server) | GET /v3/{project_id}/major-version-feature | rds:instance:listAll | √ | √ |
权限 | 对应API接口 | 授权项(Action) | IAM项目(Project) | 企业项目(Enterprise Project) |
|---|---|---|---|---|
应用参数模板 | PUT /v3.1/{project_id}/configurations/{config_id}/apply | rds:param:apply | √ | √ |
修改指定实例的参数 | PUT https://{Endpoint}/v3.1/{project_id}/instances/{instance_id}/configurations | rds:param:modify | √ | √ |
恢复到已有实例或当前实例 | POST /v3.1/{project_id}/instances/recovery | rds:instance:restoreInPlace | √ | √ |
表级时间点恢复(MySQL) | POST /v3.1/{project_id}/instances/{instance_id}/restore/tables | rds:instance:tableRestore | √ | √ |
删除数据库(SQLServer) | DELETE /v3.1/{project_id}/instances/{instance_id}/database/{db_name} | rds:database:drop | √ | √ |
查询慢日志统计信息 | POST /v3.1/{project_id}/instances/{instance_id}/slow-logs/statistics | rds:log:list | √ | √ |
API功能 | 对应API接口 | 授权项(Action) | IAM项目(Project) | 企业项目(Enterprise Project) |
|---|---|---|---|---|
创建数据库实例 | POST /v3/{project_id}/instances | rds:instance:create (创建加密实例需要在项目上配置KMS Administrator权限。) | √ | √ |
停止实例 | POST /v3/{project_id}/instances/{instance_id}/action/shutdown | rds:instance:operateServer | √ | √ |
开启实例 | POST /v3/{project_id}/instances/{instance_id}/action/startup | rds:instance:operateServer | √ | √ |
修改实例名称 | PUT /v3/{project_id}/instances/{instance_id}/name | rds:instance:modify | √ | √ |
修改实例备注 | PUT /v3/{project_id}/instances/{instance_id}/alias | rds:instance:modify | √ | √ |
申请内网域名 | POST /v3/{project_id}/instances/{instance_id}/create-dns | rds:instance:createDns | √ | √ |
修改内网域名 | PUT /v3/{project_id}/instances/{instance_id}/modify-dns | rds:instance:modifyDns | √ | √ |
查询实例域名 | GET /v3/{project_id}/instances/{instance_id}/dns | rds:instance:list | √ | √ |
查询实例IPv6域名 | GET /v3/{project_id}/instances/{instance_id}/dns-ipv6 | rds:instance:list | √ | √ |
获取实例的复制状态 | GET /v3/{project_id}/instances/{instance_id}/replication/status | rds:instance:list | √ | √ |
变更数据库实例的规格 | POST /v3/{project_id}/instances/{instance_id}/action | rds:instance:modifySpec | √ | √ |
扩容数据库实例的磁盘空间 | POST /v3/{project_id}/instances/{instance_id}/action | rds:instance:extendSpace | √ | √ |
设置自动扩容策略 | PUT /v3/{project_id}/instances/{instance_id}/disk-auto-expansion | rds:instance:extendSpace | √ | √ |
查询自动扩容策略 | GET /v3/{project_id}/instances/{instance_id}/disk-auto-expansion | rds:instance:list | √ | √ |
单机转主备实例 | POST /v3/{project_id}/instances/{instance_id}/action | rds:instance:singleToHa (加密实例需要在项目上配置KMS Administrator权限。) | √ | √ |
重启数据库实例 | POST /v3/{project_id}/instances/{instance_id}/action | rds:instance:restart | √ | √ |
删除数据库实例 | DELETE /v3/{project_id}/instances/{instance_id} | rds:instance:delete | √ | √ |
删除实例选择是否保留自动备份(SQL Server) | POST /v3/{project_id}/instances/{instance_id}/backups/delete-selection | rds:backup:delete | √ | √ |
批量删除数据库实例 | POST /v3/{project_id}/instances/batch-delete | rds:instance:delete | √ | √ |
查询数据库实例列表 | GET /v3/{project_id}/instances | rds:instance:list | √ | √ |
绑定和解绑弹性公网IP | PUT /v3/{project_id}/instances/{instance_id}/public-ip | rds:instance:modifyPublicAccess | √ | √ |
切换主备实例的倒换策略 | PUT /v3/{project_id}/instances/{instance_id}/failover/strategy | rds:instance:modifyStrategy | √ | √ |
手动倒换主备 | PUT /v3/{project_id}/instances/{instance_id}/failover | rds:instance:switchover | √ | √ |
更改主备实例的数据同步方式 | PUT /v3/{project_id}/instances/{instance_id}/failover/mode | rds:instance:modifySynchronizeModel | √ | √ |
设置实例读写状态 | PUT /v3/{project_id}/instances/{instance_id}/readonly-status | rds:instance:openReadonly | √ | √ |
迁移主备实例的备机 | POST /v3/{project_id}/instances/{instance_id}/migrateslave | rds:instance:create | √ | √ |
设置可维护时间段 | PUT /v3/{project_id}/instances/{instance_id}/ops-window | rds:instance:modify | √ | √ |
升级内核小版本 | POST /v3/{project_id}/instances/{instance_id}/db-upgrade | rds:instance:modify | √ | √ |
设置秒级监控策略 | PUT /v3/{project_id}/instances/{instance_id}/second-level-monitor | rds:log:switch | √ | √ |
查询秒级监控策略 | GET /v3/{project_id}/instances/{instance_id}/second-level-monitor | rds:log:list | √ | √ |
备机顶替只读节点 | POST /v3/{project_id}/instances/{instance_id}/replace-node | rds:instance:update | √ | √ |
查询TOP SQL相关信息 | GET /v3/{project_id}/instances/{instance_id}/top-sqls | rds:instance:listAll | √ | √ |
查询自动变配策略 | GET /v3/{project_id}/instances/{instance_id}/auto-scaling/policy | rds:instance:list | √ | √ |
重建从机 | PUT /v3/{project_id}/instances/{instance_id}/rebuild | rds:instance:modify | √ | √ |
查询重建从机状态 | GET /v3/{project_id}/instances/{instance_id}/rebuild | rds:instance:list | √ | √ |
API功能 | 对应API接口 | 授权项 | IAM项目(Project) | 企业项目(Enterprise Project) |
|---|---|---|---|---|
配置主实例容灾能力 | POST /v3/{project_id}/instances/{instance_id}/action | rds:instance:buildDrRelation | √ | √ |
配置灾备实例容灾能力 | POST /v3/{project_id}/instances/{instance_id}/action | rds:instance:buildDrRelation | √ | √ |
灾备升主 | POST /v3/{project_id}/instances/{instance_id}/action | rds:instance:modifyDRRole | √ | √ |
查询容灾复制状态 | GET /v3/{project_id}/instances/{instance_id}/disaster-recovery | rds:instance:list | √ | √ |
批量查询容灾实例信息 | GET /v3/{project_id}/instances/disaster-recovery-relation | rds:instance:list | √ | √ |
API功能 | 对应API接口 | 授权项(Action) | IAM项目(Project) | 企业项目(Enterprise Project) |
|---|---|---|---|---|
设置SSL数据加密 | PUT /v3/{project_id}/instances/{instance_id}/ssl | rds:instance:modifySSL | √ | √ |
获取SSL证书下载地址 | GET /v3/{project_id}/instances/{instance_id}/ssl-cert/download-link | rds:instance:modifySSL | √ | √ |
修改数据库端口 | PUT /v3/{project_id}/instances/{instance_id}/port | rds:instance:modifyPort | √ | √ |
修改安全组 | PUT /v3/{project_id}/instances/{instance_id}/security-group | rds:instance:modifySecurityGroup | √ | √ |
修改内网地址 | PUT /v3/{project_id}/instances/{instance_id}/ip | rds:instance:modifyIp | √ | √ |
弱密码校验 | POST /v3/{project_id}/weakpwd | rds:password:verify | √ | √ |
API功能 | 对应API接口 | 授权项 | IAM项目(Project) | 企业项目(Enterprise Project) |
|---|---|---|---|---|
一键Kill会话 | PUT /v3/{project_id}/instances/{instance_id}/ops/intelligent-kill-session | rds:instance:modify | √ | √ |
查询一键Kill会话历史 | GET /v3/{project_id}/instances/{instance_id}/ops/intelligent-kill-session/history | rds:instance:list | √ | √ |
查询一键kill会话实时统计信息(MySQL) | GET /v3/{project_id}/instances/{instance_id}/ops/intelligent-kill-session/statistic | rds:instance:list | √ | √ |
API功能 | 对应API接口 | 授权项 | IAM项目(Project) | 企业项目(Enterprise Project) |
|---|---|---|---|---|
设置自动备份策略 | PUT /v3/{project_id}/instances/{instance_id}/backups/policy | rds:instance:modifyBackupPolicy | √ | √ |
设置跨区域备份策略 | PUT /v3/{project_id}/instances/{instance_id}/backups/offsite-policy | rds:instance:modifyBackupPolicy | √ | √ |
查询自动备份策略 | GET /v3/{project_id}/instances/{instance_id}/backups/policy | rds:instance:list | √ | √ |
查询跨区域备份策略 | GET https://{endpoint}/v3/0483b6b16e954cb88930a360d2c4e663/instances/dsfae23fsfdsae3435in01/backups/offsite-policy | rds:instance:list | √ | √ |
创建手动备份 | POST /v3/{project_id}/backups | rds:backup:create | √ | √ |
获取备份列表 | GET /v3/{project_id}/backups?instance_id={instance_id}&backup_id={backup_id}&backup_type={backup_type}&offset={offset}&limit={limit}&begin_time={begin _time}&end_time={end_time} | rds:backup:list | √ | √ |
查询跨区域备份列表 | GET /v3/{project_id}/offsite-backups?instance_id={instance_id}&backup_id={backup_id}&backup_type={backup_type}&offset={offset}&limit={limit}&begin_time={begin _time}&end_time={end_time} | rds:backup:list | √ | √ |
查询跨区域备份实例列表 | GET /v3/backups/offsite-backup-instance?offset={offset}&limit={limit} | rds:instance:list | √ | √ |
获取备份下载链接 | GET /v3/{project_id}/backup-files?backup_id={backup_id} | rds:backup:download | √ | √ |
删除手动备份 | DELETE /v3/{project_id}/backups/{backup_id} | rds:backup:delete | √ | √ |
查询可恢复时间段 | GET /v3/{project_id}/instances/{instance_id}/restore-time?date=2020-12-26 | rds:instance:list | √ | √ |
查询跨区域备份可恢复时间段 | GET /v3/{project_id}/instances/{instance_id}/offsite-restore-time?date=2020-12-26 | rds:instance:list | √ | √ |
恢复到新实例 | POST /v3/{project_id}/instances | rds:instance:create (加密实例需要在项目上配置KMS Administrator权限。) | √ | √ |
查询实例是否能在库表恢复时使用极速恢复(MySQL) | POST /v3/{project_id}/instances/fast-restore | rds:instance:tableRestore | √ | √ |
查询指定时间点可恢复的库(MySQL) | POST /v3/{project_id}/{engine}/instances/history/databases | rds:backup:list | √ | √ |
库级时间点恢复(MySQL) | POST /v3/{project_id}/instances/batch/restore/databases | rds:instance:tableRestore | √ | √ |
查询Binlog合并下载文件 | GET /v3/{project_id}/instances/{instance_id}/packlog/infos | rds:binlog:get | √ | √ |
查询备份用量总览 | GET /v3/{project_id}/backups/backup-usage | rds:instance:list | √ | √ |
查询实例备份概览列表 | GET /v3/{project_id}/instances/backups/summary | rds:instance:list | √ | √ |
API功能 | 对应API接口 | 授权项(Action) | IAM项目(Project) | 企业项目(Enterprise Project) |
|---|---|---|---|---|
查询实例可升级的目标版本(PostgreSQL) | GET /v3/{project_id}/instances/{instance_id}/major-version/available-version | rds:instance:list | √ | √ |
大版本升级检查(PostgreSQL) | POST /v3/{project_id}/instances/{instance_id}/major-version/inspection | rds:instance:list | √ | √ |
查询大版本检查状态或升级状态(PostgreSQL) | GET /v3/{project_id}/instances/{instance_id}/major-version/status?action={current_action} | rds:instance:list | √ | √ |
查询实例大版本升级检查历史(PostgreSQL) | GET /v3/{project_id}/instances/{instance_id}/major-version/inspection-histories?offset={offset}&limit={limit}&order={order}&sort_field={sort_field}&target_version={target_version}&is_available={is_available} | rds:instance:list | √ | √ |
大版本升级(PostgreSQL) | POST /v3/{project_id}/instances/{instance_id}/major-version/upgrade | rds:instance:modify | √ | √ |
查询实例大版本升级历史(PostgreSQL) | GET /v3/{project_id}/instances/{instance_id}/major-version/upgrade-histories?offset={offset}&limit={limit}&order={order}&sort_field={sort_field} | rds:instance:list | √ | √ |
API功能 | 对应API接口 | 授权项 | IAM项目(Project) | 企业项目(Enterprise Project) |
|---|---|---|---|---|
查询慢日志 | POST /v3/{project_id}/instances/{instance_id}/slow-logs | rds:log:list | √ | √ |
查询错误日志 | POST /v3/{project_id}/instances/{instance_id}/error-logs | rds:log:list | √ | √ |
开启和关闭慢日志明文显示 | PUT /v3/{project_id}/instances/{instance_id}/slowlog-sensitization/{status} | rds:log:switch | √ | √ |
查询慢日志文件列表(SQLServer) | GET /v3/{project_id}/instances/{instance_id}/slowlog-files | rds:log:list | √ | √ |
查询扩展日志(SQLServer) | GET /v3/{project_id}/instances/{instance_id}/xellog-files | rds:log:list | √ | √ |
生成扩展日志链接(SQLServer) | POST /v3/{project_id}/instances/{instance_id}/xellog-download | rds:log:download | √ | √ |
获取慢日志下载链接 | POST /v3/{project_id}/instances/{instance_id}/slowlog-download | rds:log:download | √ | √ |
设置审计日志策略 | PUT /v3/{project_id}/instances/{instance_id}/auditlog-policy | rds:auditlog:operate | √ | √ |
查询审计日志策略 | GET /v3/{project_id}/instances/{instance_id}/auditlog-policy | rds:auditlog:list | √ | √ |
获取审计日志列表 | GET /v3/{project_id}/instances/{instance_id}/auditlog?start_time={start_time}&end_time={end_time}&offset={offset}&limit={limit} | rds:auditlog:list | √ | √ |
生成审计日志下载链接 | POST /v3/{project_id}/instances/{instance_id}/auditlog-links | rds:auditlog:download | √ | √ |
设置Binlog本地保留时长 | PUT /v3/{project_id}/instances/{instance_id}/binlog/clear-policy | rds:binlog:setPolicy | √ | √ |
获取Binlog本地保留时长 | GET /v3/{project_id}/instances/{instance_id}/binlog/clear-policy | rds:binlog:get | √ | √ |
查询LTS配置列表 | GET /v3/{project_id}/{engine}/instances/logs/lts-configs | rds:instance:listAll | √ | √ |
API功能 | 对应API接口 | 授权项 | IAM项目(Project) | 企业项目(Enterprise Project) |
|---|---|---|---|---|
查询当前用户自动告警配置 | GET /v3/{project_id}/auto-ces-alarm | rds:instance:list | √ | √ |
API功能 | 对应API接口 | 授权项 | IAM项目(Project) | 企业项目(Enterprise Project) |
|---|---|---|---|---|
获取诊断后的实例数 | GET /v3/{project_id}/instances/diagnosis | rds:instance:list | √ | √ |
获取指定诊断项的诊断结果 | GET /v3/{project_id}/instances/diagnosis/info | rds:instance:list | √ | √ |
API功能 | 对应API接口 | 授权项 | IAM项目(Project) | 企业项目(Enterprise Project) |
|---|---|---|---|---|
开启数据库代理 | POST /v3/{project_id}/instances/{instance_id}/proxy/open | rds:instance:modifyProxy | √ | √ |
查询数据库代理信息列表 | GET /v3/{project_id}/instances/{instance_id}/proxy-list | rds:instance:list | √ | √ |
查询数据库代理规格信息 | GET /v3/{project_id}/instances/{instance_id}/proxy/flavors | rds:instance:list | √ | √ |
关闭数据库代理 | DELETE /v3/{project_id}/instances/{instance_id}/proxy/{proxy_id} | rds:instance:modifyProxy | √ | √ |
API功能 | 对应API接口 | 授权项 | IAM项目(Project) | 企业项目(Enterprise Project) |
|---|---|---|---|---|
创建数据库 | POST /v3/{project_id}/instances/{instance_id}/database | rds:database:create | √ | √ |
查询数据库列表 | GET /v3/{project_id}/instances/{instance_id}/database/detail?page={page}&limit={limit} | rds:database:list | √ | √ |
修改指定实例的数据库备注 | POST /v3/{project_id}/instances/{instance_id}/database/update | rds:database:create | √ | √ |
删除数据库 | DELETE /v3/{project_id}/instances/{instance_id}/database/{db_name} | rds:database:drop | √ | √ |
创建数据库用户 | POST /v3/{project_id}/instances/{instance_id}/db_user | rds:databaseUser:create | √ | √ |
查询数据库用户列表 | GET /v3/{project_id}/instances/{instance_id}/db_user/detail?page={page}&limit={limit} | rds:databaseUser:list | √ | √ |
查询指定数据库的已授权用户 | GET /v3/{project_id}/instances/{instance_id}/database/db_user?db-name={db-name}&page={page}&limit={limit} | rds:databaseUser:list | √ | √ |
修改数据库用户的备注 | PUT /v3/{project_id}/instances/{instance_id}/db-users/{user_name}/comment | rds:databaseUser:update | √ | √ |
删除数据库用户 | DELETE /v3/{project_id}/instances/{instance_id}/db_user/{user_name} | rds:databaseUser:drop | √ | √ |
设置数据库账号密码 | POST /v3/{project_id}/instances/{instance_id}/db_user/resetpwd | rds:password:update | √ | √ |
授权数据库账号 | POST /v3/{project_id}/instances/{instance_id}/db_privilege | rds:databasePrivilege:grant | √ | √ |
解除数据库账号权限 | DELETE /v3/{project_id}/instances/{instance_id}/db_privilege | rds:databasePrivilege:revoke | √ | √ |
重置数据库root账号密码 | POST /v3/{project_id}/instances/{instance_id}/password | rds:password:update | √ | √ |
API功能 | 对应API接口 | 授权项 | IAM项目(Project) | 企业项目(Enterprise Project) |
|---|---|---|---|---|
创建数据库 | POST /v3/{project_id}/instances/{instance_id}/database | rds:database:create | √ | √ |
创建数据库用户 | POST /v3/{project_id}/instances/{instance_id}/db_user | rds:databaseUser:create | √ | √ |
创建数据库SCHEMA | POST /v3/{project_id}/instances/{instance_id}/schema | rds:database:create | √ | √ |
授权数据库账号的读写权限 | POST /v3/{project_id}/instances/{instance_id}/db_privilege | rds:databasePrivilege:grant | √ | √ |
授权数据库账号的操作权限 | POST /v3/{project_id}/instances/{instance_id}/db-user-privilege | rds:databasePrivilege:grant | √ | √ |
解除数据库账号权限 | DELETE /v3/{project_id}/instances/{instance_id}/db_privilege | rds:databasePrivilege:revoke | √ | √ |
重置数据库账号密码 | POST /v3/{project_id}/instances/{instance_id}/db_user/resetpwd | rds:password:update | √ | √ |
查询数据库列表 | GET /v3/{project_id}/instances/{instance_id}/database/detail?page={page}&limit={limit} | rds:database:list | √ | √ |
查询数据库用户列表 | GET /v3/{project_id}/instances/{instance_id}/db_user/detail?page={page}&limit={limit} | rds:databaseUser:list | √ | √ |
查询数据库SCHEMA列表 | GET /v3/{project_id}/instances/{instance_id}/schema/detail?db_name={name}&page={page}&limit={limit} | rds:database:list | √ | √ |
设置数据库用户权限 | POST /v3/{project_id}/instances/{instance_id}/user-privilege | rds:databasePrivilege:grant | √ | √ |
修改指定实例的数据库备注 | POST /v3/{project_id}/instances/{instance_id}/database/update | rds:database:create | √ | √ |
修改数据库用户的备注 | PUT /v3/{project_id}/instances/{instance_id}/db-users/{user_name}/comment | rds:databaseUser:update | √ | √ |
删除数据库 | DELETE /v3/{project_id}/instances/{instance_id}/database/{db_name} | rds:database:drop | √ | √ |
删除数据库用户 | DELETE /v3/{project_id}/instances/{instance_id}/db_user/{user_name} | rds:databaseUser:drop | √ | √ |
查询实例的pg_hba.conf文件配置 | GET /v3/{project_id}/instances/{instance_id}/hba-info | rds:databaseUser:list | √ | √ |
修改pg_hba.conf文件的单个或多个配置 | PUT /v3/{project_id}/instances/{instance_id}/hba-info | rds:databaseUser:update | √ | √ |
覆盖当前pg_hba.conf文件的配置 | POST /v3/{project_id}/instances/{instance_id}/hba-info | rds:databaseUser:create | √ | √ |
删除pg_hba.conf文件的单个或多个配置 | DELETE /v3/{project_id}/instances/{instance_id}/hba-info | rds:databaseUser:drop | √ | √ |
查询实例的pg_hba.conf文件修改历史 | GET /v3/{project_id}/instances/{instance_id}/hba-info/history | rds:databaseUser:list | √ | √ |
API功能 | 对应API接口 | 授权项 | IAM项目(Project) | 企业项目(Enterprise Project) |
|---|---|---|---|---|
查询SQL Server可用字符集 | GET /v3/{project_id}/collations | rds:database:list | √ | √ |
创建数据库 | POST /v3/{project_id}/instances/{instance_id}/database | rds:database:create | √ | √ |
查询数据库列表 | GET /v3/{project_id}/instances/{instance_id}/database/detail?page={page}&limit={limit}&db-name={db-name}&recover_model={recover_model} | rds:database:list | √ | √ |
创建数据库用户 | POST /v3/{project_id}/instances/{instance_id}/db_user | rds:databaseUser:create | √ | √ |
设置数据库账号密码 | POST /v3/{project_id}/instances/{instance_id}/db_user/resetpwd | rds:password:update | √ | √ |
查询数据库用户列表 | GET /v3/{project_id}/instances/{instance_id}/db_user/detail?page={page}&limit={limit} | rds:databaseUser:list | √ | √ |
查询指定数据库的已授权用户 | GET /v3/{project_id}/instances/{instance_id}/database/db_user?db-name={db-name}&page={page}&limit={limit} | rds:databaseUser:list | √ | √ |
删除数据库用户 | DELETE /v3/{project_id}/instances/{instance_id}/db_user/{user_name} | rds:databaseUser:drop | √ | √ |
授权数据库账号 | POST /v3/{project_id}/instances/{instance_id}/db_privilege | rds:databasePrivilege:grant | √ | √ |
解除数据库账号权限 | DELETE /v3/{project_id}/instances/{instance_id}/db_privilege | rds:databasePrivilege:revoke | √ | √ |
添加MSDTC | POST /v3/{project_id}/instances/{instance_id}/msdtc/host | rds:instance:modify | √ | √ |
查询MSDTC的hosts信息 | GET /v3/{project_id}/instances/{instance_id}/msdtc/hosts?offset={offset}&limit={limit} | rds:instance:list | √ | √ |
API功能 | 对应API接口 | 授权项 | IAM项目(Project) | 企业项目(Enterprise Project) |
|---|---|---|---|---|
获取参数模板列表 | GET /v3/{project_id}/configurations | rds:param:list | √ | √ |
创建参数模板 | POST /v3/{project_id}/configurations | rds:param:create | √ | √ |
修改参数模板参数 | PUT /v3/{project_id}/configurations/{config_id} | rds:param:modify | √ | √ |
复制参数模板 | POST /v3/{project_id}/configurations/{config_id}/copy | rds:param:create | √ | √ |
查询实例参数修改历史 | GET /v3/{project_id}/instances/{instance_id}/configuration-histories?offset={offset}&limit={limit}&start_time={start_time}&end_time={end_time}¶m_name={param_name} | rds:param:list | √ | √ |
获取指定实例的参数模板 | GET /v3/{project_id}/instances/{instance_id}/configurations | rds:param:list | √ | √ |
获取指定参数模板的参数 | GET /v3/{project_id}/configurations/{config_id} | rds:param:list | √ | √ |
删除参数模板 | DELETE /v3/{project_id}/configurations/{config_id} | rds:param:delete | √ | √ |
应用参数模板 | PUT /v3/{project_id}/configurations/{config_id}/apply | rds:param:apply | √ | √ |
查询参数模板应用历史 | GET /v3/{project_id}/configurations/{config_id}/apply-histories | rds:param:list | √ | √ |
查询应用参数模板的实例列表 | GET /v3/{project_id}/configurations/{config_id}/query-instances | rds:instance:list | √ | √ |
修改指定实例的参数 | PUT /v3/{project_id}/instances/{instance_id}/configurations | rds:param:modify | √ | √ |
比较参数模板 | PUT /v3/{project_id}/configurations/difference | rds:param:list | √ | √ |
重置自定义参数模板 | PUT /v3/{project_id}/configurations/{config_id}/reset | rds:param:reset | √ | √ |
API功能 | 对应API接口 | 授权项 | IAM项目(Project) | 企业项目(Enterprise Project) |
|---|---|---|---|---|
创建插件 | POST /v3/{project_id}/instances/{instance_id}/extensions | rds:database:create | √ | √ |
查询插件 | GET /v3/{project_id}/instances/{instance_id}/extensions?database_name={database_name}&offset={offset}&limit={limit} | rds:database:list | √ | √ |
删除插件 | DELETE /v3/{project_id}/instances/{instance_id}/extensions | rds:database:drop | √ | √ |
修改实例指定参数的值 | PUT /v3/{project_id}/instances/{instance_id}/parameter/{name} | rds:param:modify | √ | √ |
获取实例指定参数的值 | GET /v3/{project_id}/instances/{instance_id}/parameter/{name} | rds:param:list | √ | √ |
API功能 | 对应API接口 | 授权项 | IAM项目(Project) | 企业项目(Enterprise Project) |
|---|---|---|---|---|
查询订阅服务器实例列表 | GET /v3/{project_id}/instances/{instance_id}/replication/subscribers | rds:instance:modify | √ | √ |
创建订阅 | POST /v3/{project_id}/instances/{instance_id}/replication/subscriptions | rds:instance:modify | √ | √ |
查询实例发布信息 | GET /v3/{project_id}/instances/{instance_id}/replication/publications | rds:instance:modify | √ | √ |
删除发布 | DELETE /v3/{project_id}/instances/{instance_id}/replication/publications | rds:instance:modify | √ | √ |
查询分发服务器 | GET /v3/{project_id}/instances/{instance_id}/replication/distribution | rds:instance:modify | √ | √ |
修改发布 | PUT /v3/{project_id}/instances/{instance_id}/replication/publications/{publication_id} | rds:instance:modify | √ | √ |
查询分发服务器实例列表 | GET /v3/{project_id}/instances/{instance_id}/replication/distributors | rds:instance:modify | √ | √ |
删除订阅 | DELETE /v3/{project_id}/instances/{instance_id}/replication/subscriptions | rds:instance:modify | √ | √ |
删除分发服务器 | DELETE /v3/{project_id}/instances/{instance_id}/replication/distribution | rds:instance:modify | √ | √ |
查询发布监控信息 | GET /v3/{project_id}/instances/{instance_id}/replication/publications/{publication_id}/monitor | rds:instance:modify | √ | √ |
查询订阅监控信息 | GET /v3/{project_id}/instances/{instance_id}/replication/subscriptions/{subscription_id}/monitor | rds:instance:modify | √ | √ |
登录测试 | POST /v3/{project_id}/instances/{instance_id}/replication/login-test | rds:instance:modify | √ | √ |
查询实例订阅信息 | GET /v3/{project_id}/instances/{instance_id}/replication/subscriptions?offset={offset}&limit={limit}&publication_id={publication_id}&is_cloud={is_cloud}&publication_name={publication_name}&subscription_db_name={subscription_db_name} | rds:instance:modify | √ | √ |
查询发布订阅配置文件列表 | GET /v3/{project_id}/instances/{instance_id}/replication/profiles?offset={offset}&limit={limit}&agent_type={agent_type} | rds:instance:modify | √ | √ |
批量修改订阅 | PUT /v3/{project_id}/instances/{instance_id}/replication/subscriptions | rds:instance:modify | √ | √ |
查询实例可选发布 | POST /v3/{project_id}/instances/{instance_id}/replication/publication-candidates | rds:instance:modify | √ | √ |
查询数据库代理作业列表 | GET /v3/{project_id}/instances/{instance_id}/db-jobs?offset={offset}&limit={limit}&job_type={job_type} | rds:instance:modify | √ | √ |
查询数据库代理作业执行历史 | GET /v3/{project_id}/instances/{instance_id}/db-jobs/{job_id}/histories?offset={offset}&limit={limit}&run_status={run_status} | rds:instance:modify | √ | √ |
重新生成发布快照 | POST /v3/{project_id}/instances/{instance_id}/replication/publications/{publication_id}/reinitialize | rds:instance:modify | √ | √ |
重新生成订阅 | POST /v3/{project_id}/instances/{instance_id}/replication/subscriptions/{subscription_id}/reinitialize | rds:instance:modify | √ | √ |
同步发布订阅元数据 | POST /v3/{project_id}/instances/{instance_id}/replication/metadata/sync | rds:instance:modify | √ | √ |
查询数据库代理作业执行历史步骤 | GET /v3/{project_id}/instances/{instance_id}/db-jobs/histories/{history_id}/steps?offset={offset}&limit={limit} | rds:instance:modify | √ | √ |
修改数据库代理作业 | PUT /v3/{project_id}/instances/{instance_id}/db-jobs/{job_id} | rds:instance:modify | √ | √ |
重启数据库代理作业 | POST /v3/{project_id}/instances/{instance_id}/db-jobs/{job_id}/restart | rds:instance:modify | √ | √ |
禁用启动切换数据库代理作业 | POST /v3/{project_id}/instances/{instance_id}/db-jobs/{job_id}/switch | rds:instance:modify | √ | √ |
API功能 | 对应API接口 | 授权项 | IAM项目(Project) | 企业项目(Enterprise Project) |
|---|---|---|---|---|
设置回收站策略 | PUT /v3/{project_id}/instances/recycle-policy | rds:instance:setRecycleBin | √ | √ |
查询回收站策略 | GET /v3/{project_id}/instances/recycle-policy | rds:instance:list | √ | √ |
查询回收站实例信息 | GET /v3/{project_id}/recycle-instances?offset={offset}&limit={limit} | rds:instance:list | √ | √ |
API功能 | 对应API接口 | 授权项 | IAM项目(Project) | 企业项目(Enterprise Project) |
|---|---|---|---|---|
批量添加标签 | POST /v3/{project_id}/instances/{instance_id}/tags/action | rds:instance:dealTag | √ | √ |
批量删除标签 | POST /v3/{project_id}/instances/{instance_id}/tags/action | rds:instance:dealTag | √ | √ |
查询项目标签 | GET /v3/{project_id}/tags | rds:tag:list | √ | √ |
API功能 | 对应API接口 | 授权项 | IAM项目(Project) | 企业项目(Enterprise Project) |
|---|---|---|---|---|
查询配额 | GET /v3/{project_id}/quotas | rds:instance:list | √ | √ |
API功能 | 对应API接口 | 授权项 | IAM项目(Project) | 企业项目(Enterprise Project) |
|---|---|---|---|---|
查询定时任务列表 | GET /v3/{project_id}/schedule-tasks | rds:task:listAll | √ | √ |
查询即时任务列表 | GET /v3/{project_id}/tasklist | rds:task:listAll | √ | √ |
获取指定ID的任务信息 | GET /v3/{project_id}/jobs?id={id} | rds:task:list | √ | √ |
获取指定实例和时间范围的任务信息(SQLServer) | GET /v3/{project_id}/instances/{instance_id}/tasklist/detail?start_time={start_time}&end_time={end_time} | rds:task:list | √ | √ |
删除即时任务 | DELETE /v3/{project_id}/jobs | rds:task:delete | √ | √ |
