网络
虚拟私有云 VPC
弹性公网IP EIP
弹性负载均衡 ELB
NAT网关 NAT
云专线 DC
虚拟专用网络 VPN
云连接 CC
VPC终端节点 VPCEP
企业路由器 ER
企业交换机 ESW
全球加速 GA
企业连接 EC
云原生应用网络 ANC
安全与合规
安全技术与应用
Web应用防火墙 WAF
企业主机安全 HSS
云防火墙 CFW
安全云脑 SecMaster
DDoS防护 AAD
数据加密服务 DEW
数据库安全服务 DBSS
云堡垒机 CBH
数据安全中心 DSC
云证书管理服务 CCM
威胁检测服务 MTD
态势感知 SA
认证测试中心 CTC
边缘安全 EdgeSec
应用中间件
微服务引擎 CSE
分布式消息服务Kafka版
分布式消息服务RabbitMQ版
分布式消息服务RocketMQ版
API网关 APIG
分布式缓存服务 DCS
多活高可用服务 MAS
事件网格 EG
管理与监管
统一身份认证服务 IAM
消息通知服务 SMN
云监控服务 CES
应用运维管理 AOM
应用性能管理 APM
云日志服务 LTS
云审计服务 CTS
标签管理服务 TMS
配置审计 Config
应用身份管理服务 OneAccess
资源访问管理 RAM
组织 Organizations
资源编排服务 RFS
优化顾问 OA
IAM 身份中心
云运维中心 COC
资源治理中心 RGC
解决方案
高性能计算 HPC
SAP
混合云灾备
开天工业工作台 MIW
Haydn解决方案工厂
数字化诊断治理专家服务
云生态
云商店
合作伙伴中心
华为云开发者学堂
华为云慧通差旅
开发与运维
软件开发生产线 CodeArts
需求管理 CodeArts Req
流水线 CodeArts Pipeline
代码检查 CodeArts Check
编译构建 CodeArts Build
部署 CodeArts Deploy
测试计划 CodeArts TestPlan
制品仓库 CodeArts Artifact
移动应用测试 MobileAPPTest
CodeArts IDE Online
开源镜像站 Mirrors
性能测试 CodeArts PerfTest
应用管理与运维平台 ServiceStage
云应用引擎 CAE
开源治理服务 CodeArts Governance
华为云Astro轻应用
CodeArts IDE
Astro工作流 AstroFlow
代码托管 CodeArts Repo
漏洞管理服务 CodeArts Inspector
联接 CodeArtsLink
软件建模 CodeArts Modeling
Astro企业应用 AstroPro
CodeArts盘古助手
华为云Astro大屏应用
计算
弹性云服务器 ECS
Flexus云服务
裸金属服务器 BMS
云手机服务器 CPH
专属主机 DeH
弹性伸缩 AS
镜像服务 IMS
函数工作流 FunctionGraph
云耀云服务器(旧版)
VR云渲游平台 CVR
Huawei Cloud EulerOS
云化数据中心 CloudDC
网络
虚拟私有云 VPC
弹性公网IP EIP
弹性负载均衡 ELB
NAT网关 NAT
云专线 DC
虚拟专用网络 VPN
云连接 CC
VPC终端节点 VPCEP
企业路由器 ER
企业交换机 ESW
全球加速 GA
企业连接 EC
云原生应用网络 ANC
CDN与智能边缘
内容分发网络 CDN
智能边缘云 IEC
智能边缘平台 IEF
CloudPond云服务
安全与合规
安全技术与应用
Web应用防火墙 WAF
企业主机安全 HSS
云防火墙 CFW
安全云脑 SecMaster
DDoS防护 AAD
数据加密服务 DEW
数据库安全服务 DBSS
云堡垒机 CBH
数据安全中心 DSC
云证书管理服务 CCM
威胁检测服务 MTD
态势感知 SA
认证测试中心 CTC
边缘安全 EdgeSec
大数据
MapReduce服务 MRS
数据湖探索 DLI
表格存储服务 CloudTable
可信智能计算服务 TICS
推荐系统 RES
云搜索服务 CSS
数据可视化 DLV
数据接入服务 DIS
数据仓库服务 GaussDB(DWS)
数据治理中心 DataArts Studio
湖仓构建 LakeFormation
智能数据洞察 DataArts Insight
应用中间件
微服务引擎 CSE
分布式消息服务Kafka版
分布式消息服务RabbitMQ版
分布式消息服务RocketMQ版
API网关 APIG
分布式缓存服务 DCS
多活高可用服务 MAS
事件网格 EG
开天aPaaS
应用平台 AppStage
开天企业工作台 MSSE
开天集成工作台 MSSI
API中心 API Hub
云消息服务 KooMessage
交换数据空间 EDS
云地图服务 KooMap
云手机服务 KooPhone
组织成员账号 OrgID
云空间服务 KooDrive
管理与监管
统一身份认证服务 IAM
消息通知服务 SMN
云监控服务 CES
应用运维管理 AOM
应用性能管理 APM
云日志服务 LTS
云审计服务 CTS
标签管理服务 TMS
配置审计 Config
应用身份管理服务 OneAccess
资源访问管理 RAM
组织 Organizations
资源编排服务 RFS
优化顾问 OA
IAM 身份中心
云运维中心 COC
资源治理中心 RGC
区块链
区块链服务 BCS
数字资产链 DAC
华为云区块链引擎服务 HBS
解决方案
高性能计算 HPC
SAP
混合云灾备
开天工业工作台 MIW
Haydn解决方案工厂
数字化诊断治理专家服务
价格
成本优化最佳实践
专属云商业逻辑
云生态
云商店
合作伙伴中心
华为云开发者学堂
华为云慧通差旅
其他
管理控制台
消息中心
产品价格详情
系统权限
客户关联华为云合作伙伴须知
公共问题
宽限期保留期
奖励推广计划
活动
云服务信任体系能力说明
开发与运维
软件开发生产线 CodeArts
需求管理 CodeArts Req
流水线 CodeArts Pipeline
代码检查 CodeArts Check
编译构建 CodeArts Build
部署 CodeArts Deploy
测试计划 CodeArts TestPlan
制品仓库 CodeArts Artifact
移动应用测试 MobileAPPTest
CodeArts IDE Online
开源镜像站 Mirrors
性能测试 CodeArts PerfTest
应用管理与运维平台 ServiceStage
云应用引擎 CAE
开源治理服务 CodeArts Governance
华为云Astro轻应用
CodeArts IDE
Astro工作流 AstroFlow
代码托管 CodeArts Repo
漏洞管理服务 CodeArts Inspector
联接 CodeArtsLink
软件建模 CodeArts Modeling
Astro企业应用 AstroPro
CodeArts盘古助手
华为云Astro大屏应用
存储
对象存储服务 OBS
云硬盘 EVS
云备份 CBR
高性能弹性文件服务 SFS Turbo
弹性文件服务 SFS
存储容灾服务 SDRS
云硬盘备份 VBS
云服务器备份 CSBS
数据快递服务 DES
云存储网关 CSG
专属分布式存储服务 DSS
数据工坊 DWR
地图数据 MapDS
键值存储服务 KVS
容器
云容器引擎 CCE
云容器实例 CCI
容器镜像服务 SWR
云原生服务中心 OSC
应用服务网格 ASM
华为云UCS
数据库
云数据库 RDS
数据复制服务 DRS
文档数据库服务 DDS
分布式数据库中间件 DDM
云数据库 GaussDB
云数据库 GeminiDB
数据管理服务 DAS
数据库和应用迁移 UGO
云数据库 TaurusDB
人工智能
AI开发平台ModelArts
华为HiLens
图引擎服务 GES
图像识别 Image
文字识别 OCR
自然语言处理 NLP
内容审核 Moderation
图像搜索 ImageSearch
医疗智能体 EIHealth
企业级AI应用开发专业套件 ModelArts Pro
人脸识别服务 FRS
对话机器人服务 CBS
语音交互服务 SIS
人证核身服务 IVS
视频智能分析服务 VIAS
城市智能体
自动驾驶云服务 Octopus
盘古大模型 PanguLargeModels
IoT物联网
设备接入 IoTDA
全球SIM联接 GSL
IoT数据分析 IoTA
路网数字化服务 DRIS
IoT边缘 IoTEdge
设备发放 IoTDP
企业应用
域名注册服务 Domains
云解析服务 DNS
企业门户 EWP
ICP备案
商标注册
华为云WeLink
华为云会议 Meeting
隐私保护通话 PrivateNumber
语音通话 VoiceCall
消息&短信 MSGSMS
云管理网络
SD-WAN 云服务
边缘数据中心管理 EDCM
云桌面 Workspace
应用与数据集成平台 ROMA Connect
ROMA资产中心 ROMA Exchange
API全生命周期管理 ROMA API
政企自服务管理 ESM
视频
实时音视频 SparkRTC
视频直播 Live
视频点播 VOD
媒体处理 MPC
视频接入服务 VIS
数字内容生产线 MetaStudio
迁移
主机迁移服务 SMS
对象存储迁移服务 OMS
云数据迁移 CDM
迁移中心 MGC
专属云
专属计算集群 DCC
开发者工具
SDK开发指南
API签名指南
DevStar
华为云命令行工具服务 KooCLI
Huawei Cloud Toolkit
CodeArts API
云化转型
云架构中心
云采用框架
用户服务
账号中心
费用中心
成本中心
资源中心
企业管理
工单管理
客户运营能力
国际站常见问题
支持计划
专业服务
合作伙伴支持计划
我的凭证
华为云公共事业服务云平台
工业软件
工业数字模型驱动引擎
硬件开发工具链平台云服务
工业数据转换引擎云服务
更新时间:2025-01-08 GMT+08:00
分享

云桌面 Workspace

Organizations服务中的服务控制策略(Service Control Policy,以下简称SCP)可以使用以下授权项元素设置访问控制策略。

SCP不直接进行授权,只划定权限边界。将SCP绑定到组织单元或者成员账号时,并没有直接对组织单元或成员账号授予操作权限,而是规定了成员账号或组织单元包含的成员账号的授权范围。

本章节介绍组织服务中SCP使用的元素,这些元素包含了操作(Action)、资源(Resource)和条件(Condition)。

如何使用这些元素编辑SCP自定义策略,请参考创建SCP

操作(Action)

操作(Action)即为SCP中支持的授权项。

  • “访问级别”列描述如何对操作进行分类(list、read和write等)。此分类可帮助您了解在SCP中相应操作对应的访问级别。
  • “资源类型”列指每个操作是否支持资源级权限。
    • 资源类型支持通配符号*表示所有。如果此列没有值(-),则必须在SCP语句的Resource元素中指定所有资源类型(“*”)。
    • 如果该列包含资源类型,则必须在具有该操作的语句中指定该资源的URN。
    • 资源类型列中必需资源在表中用星号(*)标识,表示使用此操作必须指定该资源类型。

    关于云桌面定义的资源类型的详细信息请参见资源类型(Resource)

  • “条件键”列包括了可以在SCP语句的Condition元素中支持指定的键值。
    • 如果该授权项资源类型列存在值,则表示条件键仅对列举的资源类型生效。
    • 如果该授权项资源类型列没有值(-),则表示条件键对整个授权项生效。
    • 如果此列条件键没有值(-),表示此操作不支持指定条件键。

    关于云桌面Workspace定义的条件键的详细信息请参见条件(Condition)

您可以在SCP语句的Action元素中指定以下云桌面Workspace的相关操作。

表1 workspace支持的授权项

授权项

描述

访问级别

资源类型(*为必须)

条件键

workspace:authConfigs:get

授予查询认证登录方式配置信息的权限。

read

-

-

workspace:authConfigs:update

授予更新认证策略配置信息的权限。

write

-

-

workspace:assistAuthConfigs:get

授予查询辅助认证的配置信息的权限。

read

-

-

workspace:assistAuthConfigs:update

授予更新辅助认证配置的权限。

write

-

-

workspace:jobs:retry

授予重试任务的权限。

write

-

-

workspace:quotas:get

授予查询租户配额的权限。

read

-

-

workspace:tenants:getRoles

授予查询租户角色的权限。

read

-

-

workspace:tenants:ListConfig

授予查询租户个性配置列表的权限。

list

-

-

workspace:tenants:updateConfig

授予修改租户个性配置的权限。

write

-

-

workspace:natMappings:getConfig

授予查询租户的NAT映射配置项的权限。

read

-

-

workspace:natMappings:updateConfig

授予修改租户的NAT映射配置项的权限。

write

-

-

workspace:tenants:get

授予查询云办公服务详情的权限。

read

-

-

workspace:tenants:open

授予开通云办公服务的权限。

write

-

workspace:AccessMode

workspace:tenants:delete

授予注销云办公服务的权限。

write

-

-

workspace:tenants:update

授予修改云办公服务属性的权限。

write

-

workspace:AccessMode

workspace:tenants:getLockStatus

授予查询云办公服务是否被锁定的权限。

read

-

-

workspace:tenants:unlock

授予解除云办公服务锁定状态的权限。

write

-

-

workspace:agencies:create

授予创建委托的权限。

write

-

-

workspace:agencies:get

授予查询委托的权限。

read

-

-

workspace:desktops:createAiAccelerateJob

授予创建渲染加速任务的权限。

write

-

-

workspace:desktops:getAiAccelerateJob

授予查询渲染加速任务的权限。

read

-

-

workspace:desktops:getSysPrepInfo

授予查询sysprep详情的权限。

read

desktop *

  • g:ResourceTag/<tag-key>
  • g:EnterpriseProjectId

workspace:desktops:checkBatchChangeImage

授予校验批量切换镜像的权限。

write

desktop *

  • g:ResourceTag/<tag-key>
  • g:EnterpriseProjectId

workspace:tenants:listDesktopNamePolicies

授予查询桌面名称策略列表的权限。

list

-

-

workspace:tenants:createDesktopNamePolicy

授予创建桌面名称策略的权限。

write

-

-

workspace:tenants:updateDesktopNamePolicy

授予更新桌面名称策略的权限。

write

-

-

workspace:tenants:batchDeleteDesktopNamePolicies

授予批量删除桌面名称策略的权限。

write

-

-

workspace:desktopPools:create

授予创建桌面池的权限。

write

desktopPool *

-

user

-

userGroup

-

-

  • g:RequestTag/<tag-key>
  • g:TagKeys
  • g:EnterpriseProjectId

workspace:desktopPools:list

授予查询桌面池列表的权限。

list

desktopPool *

-

workspace:desktopPools:update

授予修改桌面池属性的权限。

write

desktopPool *

-

workspace:desktopPools:delete

授予删除桌面池的权限。

write

desktopPool *

-

workspace:desktopPools:get

授予查询桌面池详情的权限。

read

desktopPool *

-

workspace:desktopPools:expand

授予扩容桌面池的权限。

write

desktopPool *

-

workspace:desktopPools:resize

授予桌面池变更规格的权限。

write

desktopPool *

-

workspace:desktopPools:rebuild

授予桌面池重建系统盘的权限。

write

desktopPool *

-

workspace:desktopPools:batchAddVolumes

授予桌面池批量添加磁盘的权限。

write

desktopPool *

-

workspace:desktopPools:batchDeleteVolumes

授予桌面池批量删除磁盘的权限。

write

desktopPool *

-

workspace:desktopPools:batchExpandVolumes

授予桌面池批量扩容磁盘的权限。

write

desktopPool *

-

workspace:desktopPools:operate

授予操作桌面池的权限。

write

desktopPool *

-

workspace:desktopPools:listUsers

授予查询桌面池授权的用户、用户组的权限。

list

desktopPool *

-

workspace:desktopPools:authorizeUsers

授予桌面池授权用户、用户组的权限。

write

desktopPool *

-

user

-

userGroup

-

workspace:desktopPools:listDesktops

授予查询桌面池桌面信息的权限。

list

desktopPool *

-

workspace:desktopPools:listScriptTasks

授予查询桌面池的脚本执行任务列表的权限。

list

desktopPool *

-

workspace:desktopPools:executeScripts

授予桌面池批量执行脚本的权限。

write

desktopPool *

-

script

-

workspace:desktopPools:sendNotifications

授予发送消息通知的权限。

write

desktopPool *

-

workspace:desktops:export

授予导出桌面列表的权限。

list

desktop *

-

-

  • g:RequestTag/<tag-key>
  • g:TagKeys
  • g:EnterpriseProjectId

workspace:desktops:create

授予创建桌面的权限。

write

desktop *

-

-

  • g:RequestTag/<tag-key>
  • g:TagKeys
  • g:EnterpriseProjectId
  • workspace:AssociatePublicIp
  • workspace:AccessMode

workspace:desktops:list

授予查询桌面列表的权限。

list

desktop *

-

-

  • g:RequestTag/<tag-key>
  • g:TagKeys
  • g:EnterpriseProjectId

workspace:desktops:update

授予更新桌面信息的权限。

write

desktop *

  • g:ResourceTag/<tag-key>
  • g:EnterpriseProjectId

workspace:desktops:delete

授予删除桌面的权限。

write

desktop *

  • g:ResourceTag/<tag-key>
  • g:EnterpriseProjectId

workspace:desktops:get

授予查询桌面详情的权限。

read

desktop *

  • g:ResourceTag/<tag-key>
  • g:EnterpriseProjectId

workspace:desktops:batchDelete

授予批量删除桌面的权限。

write

desktop *

  • g:ResourceTag/<tag-key>
  • g:EnterpriseProjectId

workspace:desktops:logoff

授予批量注销桌面的权限。

write

desktop *

  • g:ResourceTag/<tag-key>
  • g:EnterpriseProjectId

workspace:desktops:listDetail

授予查询桌面详情列表的权限。

list

desktop *

-

-

  • g:RequestTag/<tag-key>
  • g:TagKeys
  • g:EnterpriseProjectId

workspace:desktops:operate

授予操作桌面的权限。

write

desktop *

  • g:ResourceTag/<tag-key>
  • g:EnterpriseProjectId

workspace:desktops:resize

授予变更规格的权限。

write

desktop *

  • g:ResourceTag/<tag-key>
  • g:EnterpriseProjectId

workspace:desktops:getConnectStatus

授予查询桌面登录状态统计数据的权限。

read

-

-

workspace:desktops:ListStatus

授予查询桌面登录状态的权限。

list

-

-

workspace:desktops:rebuild

授予重建桌面的权限。

write

desktop *

  • g:ResourceTag/<tag-key>
  • g:EnterpriseProjectId

workspace:desktops:getActions

授予查询桌面开关机信息的权限。

read

desktop *

  • g:ResourceTag/<tag-key>
  • g:EnterpriseProjectId

workspace:desktops:createConsole

授予获取远程登录控制台地址的权限。

write

desktop *

  • g:ResourceTag/<tag-key>
  • g:EnterpriseProjectId

workspace:desktops:updateSids

授予更新桌面SID的权限。

write

desktop *

  • g:ResourceTag/<tag-key>
  • g:EnterpriseProjectId

workspace:desktops:rejoinDomain

授予重新加入AD域的权限。

write

desktop *

  • g:ResourceTag/<tag-key>
  • g:EnterpriseProjectId

workspace:desktops:createImage

授予桌面转镜像的权限。

write

desktop *

  • g:ResourceTag/<tag-key>
  • g:EnterpriseProjectId

workspace:desktops:batchDetach

授予批量解绑用户的权限。

write

desktop *

  • g:ResourceTag/<tag-key>
  • g:EnterpriseProjectId

workspace:desktops:detach

授予解绑用户的权限。

write

desktop *

  • g:ResourceTag/<tag-key>
  • g:EnterpriseProjectId

workspace:desktops:attach

授予分配用户的权限。

write

desktop *

  • g:ResourceTag/<tag-key>
  • g:EnterpriseProjectId

workspace:desktops:getNetwork

授予查询桌面网络信息的权限。

read

desktop *

  • g:ResourceTag/<tag-key>
  • g:EnterpriseProjectId

workspace:desktops:changeNetwork

授予切换桌面网络的权限。

write

desktop *

  • g:ResourceTag/<tag-key>
  • g:EnterpriseProjectId

workspace:exclusiveHosts:listDesktops

授予查询专享桌面详情列表的权限。

list

exclusiveHost *

-

-

g:EnterpriseProjectId

workspace:desktops:listAll

授予查询普通桌面和渲染桌面列表的权限。

list

desktop *

-

workspace:desktopAssociate:listDiscoverVmInfo

授予查询可纳管的虚拟机列表的权限。

list

-

-

workspace:desktopAssociate:startTask

授予启动纳管虚拟机任务的权限。

write

-

-

workspace:desktopAssociate:switchScanTask

授予开启纳管扫描任务的权限。

write

-

-

workspace:desktopAssociate:getScanTaskSwitch

授予查询纳管扫描任务开关的权限。

read

-

-

workspace:desktops:setMaintenanceMode

授予批量设置桌面管理员维护模式的权限。

write

desktop *

  • g:ResourceTag/<tag-key>
  • g:EnterpriseProjectId

workspace:desktops:prepAttachUsers

授予预批量分配用户的权限。

write

desktop *

  • g:ResourceTag/<tag-key>
  • g:EnterpriseProjectId

workspace:desktops:batchAttachUsers

授予批量分配用户的权限。

write

desktop *

  • g:ResourceTag/<tag-key>
  • g:EnterpriseProjectId

workspace:desktops:changeUsername

授予在Windows AD场景下,修改与桌面关联的用户名的权限。

write

-

-

workspace:desktops:sendNotifications

授予发送消息通知的权限。

write

desktop *

  • g:ResourceTag/<tag-key>
  • g:EnterpriseProjectId

workspace:desktops:migrate

授予迁移桌面的权限。

write

desktop *

  • g:ResourceTag/<tag-key>
  • g:EnterpriseProjectId

workspace:desktops:listAgents

授予查询桌面安装agent列表的权限。

list

desktop *

  • g:ResourceTag/<tag-key>
  • g:EnterpriseProjectId

workspace:desktops:batchInstallAgents

授予批量为桌面安装agent的权限。

write

desktop *

  • g:ResourceTag/<tag-key>
  • g:EnterpriseProjectId

workspace:desktops:listTags

授予查询桌面标签的权限。

list

desktop *

  • g:ResourceTag/<tag-key>
  • g:EnterpriseProjectId

workspace:desktops:tag

授予创建桌面标签的权限。

tagging

desktop *

  • g:ResourceTag/<tag-key>
  • g:EnterpriseProjectId

-

  • g:RequestTag/<tag-key>
  • g:TagKeys

workspace:desktops:untag

授予删除桌面标签的权限。

tagging

desktop *

  • g:ResourceTag/<tag-key>
  • g:EnterpriseProjectId

-

  • g:RequestTag/<tag-key>
  • g:TagKeys

workspace:desktops:listProjectTags

授予查询项目标签的权限。

list

-

-

workspace:desktops:operateTags

授予批量添加删除标签的权限。

tagging

desktop *

  • g:ResourceTag/<tag-key>
  • g:EnterpriseProjectId

-

  • g:RequestTag/<tag-key>
  • g:TagKeys

workspace:desktops:listByTags

授予使用标签过滤桌面的权限。

list

-

-

workspace:exclusiveHosts:create

授予创建专享主机的权限。

write

exclusiveHost *

-

-

g:EnterpriseProjectId

workspace:exclusiveHosts:list

授予查询专享主机列表的权限。

list

exclusiveHost *

-

-

g:EnterpriseProjectId

workspace:exclusiveHosts:check

授予校验是否能创建专享主机的权限。

write

-

-

workspace:exclusiveHosts:get

授予查询专享主机详情的权限。

read

exclusiveHost *

g:EnterpriseProjectId

workspace:exclusiveHosts:update

授予更新专享主机信息的权限。

write

exclusiveHost *

g:EnterpriseProjectId

workspace:exclusiveHosts:delete

授予删除专享主机的权限。

write

exclusiveHost *

g:EnterpriseProjectId

workspace:mkp:listImages

授予查询云市场镜像列表的权限。

list

-

-

workspace:mkp:listCommodityInfos

授予查询云市场商品信息的权限。

list

-

-

workspace:mkp:createOrder

授予创建云市场产品订单的权限。

write

-

-

workspace:mkp:listListProductReserve

授予查询云市场库存信息的权限。

list

-

-

workspace:mkp:listCommodityDetails

授予查询云市场商品详情的权限。

list

-

-

workspace:mkp:listRelationCommodityDetails

授予查询商品的关联商品的权限。

list

-

-

workspace:mkp:listCommodityAgreements

授予查询云市场商品协议的权限。

list

-

-

workspace:networks:listEips

授予查询EIP列表的权限。

list

-

-

workspace:networks:createEips

授予创建EIP的权限。

write

-

-

workspace:networks:bindEips

授予绑定EIP的权限。

write

-

-

workspace:networks:unbindEips

授予解绑EIP的权限。

write

-

-

workspace:networks:getEipQuota

授予查询EIP配额的权限。

read

-

-

workspace:networks:ListNatGateways

授予查询Nat网关列表的权限。

list

-

-

workspace:orders:create

授予包周期下单的权限。

write

-

  • workspace:CreateOrderType
  • workspace:AssociatePublicIp
  • workspace:AccessMode

workspace:orders:change

授予创建变更订单的权限。

write

-

workspace:ChangeOrderType

workspace:orders:batchInquiry

授予批量询价的权限。

write

-

-

workspace:quotas:check

授予校验配额的权限。

write

-

-

workspace:renderDesktops:create

授予创建渲染桌面的权限。

write

-

-

workspace:renderDesktops:delete

授予删除渲染桌面的权限。

write

-

-

workspace:renderDesktops:list

授予查询渲染桌面列表的权限。

list

-

-

workspace:renderDesktops:action

授予操作渲染桌面的权限。

write

-

-

workspace:scheduledTasks:list

授予查询定时任务列表的权限。

list

scheduledTask *

-

workspace:scheduledTasks:create

授予创建定时任务的权限。

write

scheduledTask *

-

desktop

-

desktopPool

-

server

-

serverGroup

-

workspace:scheduledTasks:get

授予查询定时任务详情的权限。

read

scheduledTask *

-

workspace:scheduledTasks:update

授予更新定时任务的权限。

write

scheduledTask *

-

desktop

-

desktopPool

-

server

-

serverGroup

-

workspace:scheduledTasks:delete

授予删除定时任务的权限。

write

scheduledTask *

-

workspace:scheduledTasks:getFuture

授予查询定时任务未来执行时间的权限。

read

-

-

workspace:scheduledTasks:batchDelete

授予批量删除定时任务的权限。

write

scheduledTask *

-

workspace:scheduledTasks:listRecords

授予查询定时任务执行记录的权限。

list

scheduledTask *

-

workspace:scheduledTasks:getRecord

授予查询定时任务执行记录详情的权限。

read

scheduledTask *

-

workspace:scheduledTasks:exportRecords

授予导出定时任务记录及执行详情的权限。

list

scheduledTask *

-

workspace:users:subscribeSharer

授予订阅协同资源的权限。

write

user *

-

workspace:desktops:addSubResources

授予购买桌面附属资源的权限。

write

desktop *

  • g:ResourceTag/<tag-key>
  • g:EnterpriseProjectId

workspace:desktops:deleteSubResources

授予删除桌面附属资源的权限。

write

desktop *

  • g:ResourceTag/<tag-key>
  • g:EnterpriseProjectId

workspace:desktops:createSnapshots

授予创建桌面快照的权限。

write

desktop *

  • g:ResourceTag/<tag-key>
  • g:EnterpriseProjectId

workspace:desktops:getSnapshots

授予查询桌面快照的权限。

read

desktop *

  • g:ResourceTag/<tag-key>
  • g:EnterpriseProjectId

workspace:desktops:deleteSnapshots

授予删除桌面快照的权限。

write

desktop *

  • g:ResourceTag/<tag-key>
  • g:EnterpriseProjectId

workspace:desktops:restoreBySnapshot

授予使用桌面快照恢复桌面的权限。

write

desktop *

  • g:ResourceTag/<tag-key>
  • g:EnterpriseProjectId

workspace:statistics:listDesktopStatus

授予统计桌面状态的权限。

list

-

-

workspace:statistics:getUnused

授予查询在指定时间段未使用的桌面的权限。

read

-

-

workspace:statistics:getUsed

授予查询使用桌面的时长的权限。

read

-

-

workspace:bindingPolicies:export

授予导出终端与桌面绑定配置excel的权限。

list

-

-

workspace:bindingPolicies:getConfig

授予查询终端与桌面绑定的开关配置信息的权限。

read

-

-

workspace:bindingPolicies:createConfig

授予设置终端与桌面绑定的开关配置的权限。

write

-

-

workspace:bindingPolicies:get

授予查询终端与桌面绑定配置列表的权限。

read

-

-

workspace:bindingPolicies:add

授予增加终端与桌面绑定配置的权限。

write

-

-

workspace:bindingPolicies:update

授予修改终端与桌面绑定配置的权限。

write

-

-

workspace:bindingPolicies:delete

授予删除终端与桌面绑定配置的权限。

write

-

-

workspace:volumes:delete

授予删除桌面数据盘的权限。

write

desktop

  • g:ResourceTag/<tag-key>
  • g:EnterpriseProjectId

workspace:volumes:batchAdd

授予增加桌面磁盘的权限。

write

desktop

  • g:ResourceTag/<tag-key>
  • g:EnterpriseProjectId

workspace:volumes:batchExpand

授予扩容桌面磁盘的权限。

write

desktop

  • g:ResourceTag/<tag-key>
  • g:EnterpriseProjectId

workspace:wdh:getType

授予查询云办公主机类型的权限。

read

wdh *

g:EnterpriseProjectId

workspace:wdh:get

授予查询云办公主机列表的权限。

read

wdh *

g:EnterpriseProjectId

workspace:desktops:getRemoteAssistance

授予查询远程协助信息的权限。

read

desktop *

  • g:ResourceTag/<tag-key>
  • g:EnterpriseProjectId

workspace:desktops:createRemoteAssistance

授予创建远程协助的权限。

write

desktop *

  • g:ResourceTag/<tag-key>
  • g:EnterpriseProjectId

workspace:desktops:cancelRemoteAssistance

授予取消远程协助的权限。

write

desktop *

  • g:ResourceTag/<tag-key>
  • g:EnterpriseProjectId

workspace:volumes:add

授予单个桌面增加磁盘的权限。

write

desktop

  • g:ResourceTag/<tag-key>
  • g:EnterpriseProjectId

workspace:volumes:expand

授予扩容磁盘的权限。

write

desktop

  • g:ResourceTag/<tag-key>
  • g:EnterpriseProjectId

workspace:volumes:listDssPoolsDetail

授予获取专属分布式存储池详情列表的权限。

list

-

-

workspace:common:listTimezones

授予查询时区配置的权限。

list

-

-

workspace:connections:securityExport

授予导出连接记录的权限。

list

-

-

workspace:images:list

授予查询支持的镜像列表的权限。

list

-

-

workspace:policyGroups:import

授予导入策略组的权限。

write

-

-

workspace:accessPolicies:create

授予创建接入策略的权限。

write

-

-

workspace:accessPolicies:get

授予查询接入策略的权限。

read

-

-

workspace:accessPolicies:delete

授予删除指定接入策略的权限。

write

-

-

workspace:accessPolicies:getTarget

授予查询指定接入策略的应用对象的权限。

read

-

-

workspace:accessPolicies:updateTarget

授予更新指定接入策略的应用对象的权限。

write

-

-

workspace:products:listDesktopProducts

授予查询支持的产品套餐列表的权限。

list

-

-

workspace:products:listSharerProducts

授予查询协同套餐列表的权限。

list

-

-

workspace:products:listInternetProducts

授予查询上网套餐列表的权限。

list

-

-

workspace:availabilityZones:list

授予查询支持的可用分区列表的权限。

list

-

-

workspace:userGroups:export

授予导出用户组的权限。

list

userGroup *

-

workspace:users:export

授予导出用户的权限。

list

user *

-

workspace:users:import

授予导入用户的权限。

write

user *

-

workspace:userGroups:exportUsers

授予导出用户组用户的权限。

list

userGroup *

-

workspace:users:operate

授予操作用户(锁定、解锁和重置密码)的权限。

write

user *

-

workspace:users:randomPassword

授予给用户重置随机密码的权限。

write

user *

-

workspace:users:deleteOtps

授予解绑OTP设备的权限。

write

user *

-

workspace:users:resendEmail

授予重新发送邮件的权限。

write

user *

-

workspace:connections:securityList

授予查询连接信息的权限。

list

-

-

workspace:connections:listOnlineUsers

授予查询登录人数的权限。

list

-

-

workspace:userGroups:list

授予查询用户组列表的权限。

list

userGroup *

-

workspace:userGroups:create

授予创建用户组的权限。

write

userGroup *

-

workspace:userGroups:batchDelete

授予批量删除用户组的权限。

write

userGroup *

-

workspace:userGroups:delete

授予删除桌面用户组的权限。

write

userGroup *

-

workspace:userGroups:update

授予修改用户组信息的权限。

write

userGroup *

-

workspace:userGroups:operate

授予操作用户组的权限。

write

userGroup *

-

user *

-

workspace:userGroups:getUsers

授予查询用户组中的用户的权限。

list

userGroup *

-

workspace:jobs:listSubJobs

授予查询子任务列表的权限。

list

-

-

workspace:jobs:deleteSubJobRecords

授予删除子任务记录的权限。

write

-

-

workspace:ou:get

授予查询OU信息的权限。

list

-

-

workspace:ou:create

授予新增OU信息的权限。

write

-

-

workspace:ou:delete

授予删除OU信息的权限。

write

-

-

workspace:ou:update

授予更新OU信息的权限。

write

-

-

workspace:policyGroups:list

授予查询策略组列表的权限。

list

policyGroup *

-

workspace:policyGroups:create

授予新增策略组的权限。

write

policyGroup *

-

desktop

-

desktopPool

-

user

-

userGroup

-

appGroup

-

workspace:policyGroups:delete

授予删除策略组的权限。

write

policyGroup *

-

workspace:policyGroups:get

授予查询策略组的权限。

read

policyGroup *

-

workspace:policyGroups:update

授予修改策略组的权限。

write

policyGroup *

-

user

-

userGroup

-

appGroup

-

workspace:policyGroups:export

授予导出策略组的权限。

list

policyGroup *

-

workspace:policyGroups:listPolicies

授予查询策略组中的策略项的权限。

list

policyGroup *

-

workspace:policyGroups:updatePolicies

授予修改策略组中的策略项的权限。

write

policyGroup *

-

workspace:policyGroups:listTargets

授予查询策略组应用对象的权限。

list

policyGroup *

-

workspace:policyGroups:updateTargets

授予修改策略组应用对象的权限。

write

policyGroup *

-

desktop

-

desktopPool

-

user

-

userGroup

-

appGroup

-

workspace:policyGroups:listDetail

授予查询策略组详情列表的权限。

list

policyGroup *

-

workspace:policyGroups:getOriginalPolicies

授予查询初始策略项的权限。

read

policyGroup *

-

workspace:users:list

授予查询用户列表的权限。

list

user *

-

workspace:users:create

授予创建用户的权限。

write

user *

-

workspace:users:delete

授予删除指定用户的权限。

write

user *

-

workspace:users:get

授予查询用户详情信息的权限。

read

user *

-

workspace:users:update

授予修改用户信息的权限。

write

user *

-

workspace:users:batchDelete

授予批量删除用户的权限。

write

user *

-

workspace:users:resetPassword

授予重置用户密码的权限。

write

user *

-

workspace:users:checkResetPasswordToken

授予校验重置域用户密码Token的权限。

write

user *

-

workspace:users:getTemplate

授予用户模板下载的权限。

read

-

-

workspace:users:checkExist

授予校验用户是否存在的权限。

write

user *

-

workspace:users:listOtps

授予查询OTP设备的权限。

list

user *

-

workspace:users:getImportTemplate

授予创建用户模板下载的权限。

read

-

-

workspace:users:batchCreate

授予批量创建用户的权限。

write

user *

-

workspace:products:listVolumeProducts

授予查询磁盘产品列表的权限。

list

-

-

workspace:tenants:listExportTasks

授予查询导出任务列表的权限。

list

-

-

workspace:tenants:deleteExportTasks

授予批量删除导出任务记录的权限。

write

-

-

workspace:tenants:exportData

授予下载导出的文件的权限。

read

-

-

workspace:statistics:listAlarm

授予查询告警列表的权限。

list

-

-

workspace:statistics:getAlarm

授予查询告警数的权限。

read

-

-

workspace:statistics:getGrowthRate

授予查询指标环比值的权限。

read

-

-

workspace:statistics:getMetric

授予查询指标的权限。

read

-

-

workspace:statistics:getMetricTrend

授予查询指标趋势的权限。

read

-

-

workspace:statistics:updateNotificationRules

授予更新指标的通知规则的权限。

write

-

-

workspace:statistics:deleteNotificationRules

授予删除指标的通知规则的权限。

write

-

-

workspace:statistics:createNotifyRules

授予新增指标的通知规则的权限。

write

-

-

workspace:statistics:listNotificationRules

授予查询指标的通知规则的权限。

list

-

-

workspace:statistics:listNotificationRecords

授予查询指标通知记录的权限。

list

-

-

workspace:statistics:listDesktopMetrics

授予查询桌面使用统计信息的权限。

list

-

-

workspace:statistics:exportDesktopMetrics

授予导出桌面使用统计信息的权限。

list

-

-

workspace:statistics:listUserMetrics

授予查询用户使用统计信息的权限。

list

-

-

workspace:statistics:exportUserMetrics

授予导出用户使用统计信息;的权限。

list

-

-

workspace:appcenter:createBucketCredential

授予生成OBS桶凭证信息信息的权限。

write

-

-

workspace:appcenter:createAndAuthorizeBucket

授予添加并授权默认OBS桶的权限。

write

-

-

workspace:appcenter:listApps

授予按照名称分页查询应用的权限。

list

-

-

workspace:appcenter:createApp

授予上传应用的权限。

write

-

-

workspace:appcenter:updateApp

授予修改应用的权限。

write

-

-

workspace:appcenter:deleteApp

授予删除应用的权限。

write

-

-

workspace:appcenter:installApp

授予自动安装应用的权限。

write

-

-

workspace:appcenter:listAppAuthorizations

授予查询应用授权信息的权限。

list

-

-

workspace:appcenter:batchUpdateAppAuthorizations

授予设置应用授权的权限。

write

-

-

workspace:appcenter:batchDeleteApps

授予批量删除应用的权限。

write

-

-

workspace:appcenter:batchDisableApps

授予批量设置应用不可见的权限。

write

-

-

workspace:appcenter:batchEnableApps

授予批量设置应用可见的权限。

write

-

-

workspace:appcenter:batchInstallApps

授予批量自动安装安装应用的权限。

write

-

-

workspace:appcenter:listAppCatalogs

授予查询应用分类信息的权限。

list

-

-

workspace:appcenter:listJobs

授予查询应用安装job信息的权限。

list

-

-

workspace:appcenter:batchDeleteJobs

授予批量删除job的权限。

write

-

-

workspace:appcenter:retryJobs

授予重试失败job的权限。

write

-

-

workspace:appcenter:createAppRule

授予创建应用规则的权限。

write

-

-

workspace:appcenter:listAppRule

授予查询应用规则的权限。

list

-

-

workspace:appcenter:updateAppRule

授予修改应用规则的权限。

write

-

-

workspace:appcenter:deleteAppRule

授予删除应用规则的权限。

write

-

-

workspace:appcenter:batchDeleteAppRules

授予批量删除应用规则的权限。

write

-

-

workspace:appcenter:enableRuleRestriction

授予启用规则管控的权限。

write

-

-

workspace:appcenter:disableRuleRestriction

授予禁用规则管控的权限。

write

-

-

workspace:appcenter:addRestrictedRule

授予增加管控规则的权限。

write

-

-

workspace:appcenter:listRestrictedRule

授予查询管控规则列表的权限。

list

-

-

workspace:appcenter:deleteRestrictedRule

授予批量删除管控规则列表的权限。

write

-

-

workspace:appcenter:updateTenantProfile

授予启禁用租户功能的权限。

write

-

-

workspace:appcenter:listTenantProfiles

授予查询租户功能状态的权限。

list

-

-

workspace:scripts:create

授予创建脚本的权限。

write

script *

-

workspace:scripts:list

授予查询脚本列表的权限。

list

script *

-

workspace:scripts:get

授予查询脚本详情的权限。

read

script *

-

workspace:scripts:put

授予更新脚本的权限。

write

script *

-

workspace:scripts:delete

授予删除脚本的权限。

write

script *

-

workspace:scripts:execute

授予批量执行脚本或命令的权限。

write

script *

-

desktop *

-

workspace:scripts:getRecordDetail

授予查询脚本或命令执行记录详情的权限。

read

script *

-

workspace:scripts:listRecords

授予查询脚本执行记录列表的权限。

list

script *

-

workspace:scripts:listTasks

授予查询脚本任务列表的权限。

list

script *

-

workspace:scripts:retry

授予重试脚本的权限。

write

script *

-

workspace:scripts:stop

授予停止脚本或命令执行任务的权限。

write

script *

-

workspace:scripts:download

授予下载脚本输出记录的权限。

write

script *

-

workspace:tenants:getShareSpaceConfig

授予查询协同配置的权限。

read

-

-

workspace:tenants:updateShareSpaceConfig

授予修改协同配置的权限。

write

-

-

workspace:authConfigs:getStatus

授予查询认证状态的权限。

read

-

-

workspace:privacystatements:sign

授予签署隐私声明的权限。

write

-

-

workspace:sites:get

授予查询站点信息的权限。

read

-

-

workspace:sites:add

授予新增站点的权限。

write

-

workspace:AccessMode

workspace:sites:delete

授予删除站点的权限。

write

-

-

workspace:sites:updateAccessMode

授予修改站点接入方式的权限。

write

-

workspace:AccessMode

workspace:sites:updateSubnets

授予修改站点业务子网的权限。

write

-

-

workspace:tenants:checkEnterpriseIds

授予检查企业ID是否已被使用的权限。

write

-

-

workspace:tenants:updateEnterpriseId

授予修改企业ID的权限。

write

-

-

workspace:bandwidth:create

授予开通云办公带宽的权限。

write

-

-

workspace:bandwidth:list

授予查询云办公带宽列表的权限。

list

-

-

workspace:bandwidth:update

授予修改云办公带宽的权限。

write

-

-

workspace:bandwidth:delete

授予取消云办公带宽的权限。

write

-

-

workspace:bandwidth:getControlConfig

授予查询云办公带宽的控制配置的权限。

read

-

-

workspace:bandwidth:updateControlConfig

授予修改云办公带宽的控制配置的权限。

write

-

-

workspace:bandwidth:createChangeOrder

授予创建云办公带宽变更订单的权限。

write

-

-

workspace:desktops:batchCreateSnapshots

授予批量创建桌面快照的权限。

write

desktop *

  • g:ResourceTag/<tag-key>
  • g:EnterpriseProjectId

workspace:desktops:batchDeleteSnapshots

授予批量删除桌面快照的权限。

write

desktop *

  • g:ResourceTag/<tag-key>
  • g:EnterpriseProjectId

workspace:desktops:batchRestoreSnapshots

授予批量恢复桌面快照的权限。

write

desktop *

  • g:ResourceTag/<tag-key>
  • g:EnterpriseProjectId

workspace:desktops:listSnapshots

授予查询桌面快照列表的权限。

list

-

-

workspace:desktops:verifyDesktopName

授予校验桌面名称的权限。

write

-

-

workspace:networks:getAvailableIp

授予根据子网id查询该子网下可用的ip的权限。

read

-

-

workspace:desktops:getAdStatus

授予查询AD网络状态的权限。

read

-

-

workspace:networks:checkIpIfExist

授予检查IP是否存在的权限。

write

-

-

workspace:images:checkIfExist

授予检查镜像是否存在的权限。

write

-

-

workspace:wdh:listDesktops

授予查询云办公主机包含桌面信息的权限。

list

wdh *

-

-

g:EnterpriseProjectId

workspace:wdh:update

授予更新云办公主机信息的权限。

write

wdh *

g:EnterpriseProjectId

workspace:bindingPolicies:getTemplate

授予下载终端与桌面绑定模板的权限。

read

-

-

workspace:bindingPolicies:import

授予批量导入终端与桌面绑定的权限。

write

-

-

workspace:statistics:getRunState

授予运行状态统计的权限。

read

-

-

workspace:statistics:getLoginState

授予登录状态统计的权限。

read

-

-

workspace:networks:getUsingSubnets

授予查询正在被使用的子网列表的权限。

read

-

-

workspace:networks:listPorts

授予查询端口列表的权限。

list

-

-

workspace:renderDesktops:createConsole

授予获取远程登录控制台地址的权限。

write

-

-

workspace:renderDesktops:resize

授予变更渲染桌面规格的权限。

write

-

-

workspace:exclusiveHosts:resizeLites

授予变更专享主机规格的权限。

write

exclusiveHost *

g:EnterpriseProjectId

workspace:desktops:getMonitor

授予查询桌面监控信息的权限。

read

desktop *

  • g:ResourceTag/<tag-key>
  • g:EnterpriseProjectId

workspace:desktops:listDetachInfo

授予查询桌面历史解绑用户信息的权限。

list

desktop *

-

-

  • g:RequestTag/<tag-key>
  • g:TagKeys
  • g:EnterpriseProjectId

workspace:desktops:getSysprepVersion

授予查询sysprep版本信息的权限。

read

desktop *

  • g:ResourceTag/<tag-key>
  • g:EnterpriseProjectId

workspace:networks:createNat

授予开通NAT网关上网功能的权限。

write

-

-

workspace:networks:listNats

授予查询NAT网关上网功能的权限。

list

-

-

workspace:networks:listSubnets

授予查询子网列表的权限。

list

-

-

workspace:networks:listVpcs

授予查询查询vpc的权限。

list

-

-

workspace:policyGroups:createTemplate

授予创建策略模板的权限。

write

-

-

workspace:policyGroups:listTemplate

授予查询策略模板列表的权限。

list

-

-

workspace:policyGroups:updateTemplate

授予更新策略模板的权限。

write

-

-

workspace:networks:listSecurityGroups

授予查询安全组列表的权限。

list

-

-

workspace:availabilityZones:getSummary

授予查询可用分区列表概要的权限。

read

-

-

workspace:availabilityZones:get

授予查询可用分区详情的权限。

read

-

-

workspace:users:importUser

授予导入用户列表的权限。

write

user *

-

workspace:users:uploadTemplate

授予导入桌面用户列表的权限。

write

user *

-

workspace:accessPolicies:update

授予更新指定接入策略的权限。

write

-

-

workspace:desktops:verifySource

授予校验桌面来源的权限。

write

desktop *

  • g:ResourceTag/<tag-key>
  • g:EnterpriseProjectId

workspace:desktops:listDesktopNetworks

授予批量查询桌面网络信息的权限。

list

desktop *

-

workspace:desktops:batchChangeNetwork

授予批量切换桌面网络的权限。

write

desktop *

  • g:ResourceTag/<tag-key>
  • g:EnterpriseProjectId

workspace:jobs:get

授予查询任务详情的权限。

read

-

-

workspace:accessPolicies:importIp

授予导入IP列表的权限。

write

-

-

workspace:accessPolicies:getIpImportTemplate

授予下载IP导入模板的权限。

read

-

-

workspace:sites:listEdgeSites

授予查询边缘站点的权限。

list

-

-

workspace:sites:checkEdgeSiteResources

授予校验边缘站点资源的权限。

write

-

-

workspace:ou:listAdOus

授予查询AD域下OU信息的权限。

list

-

-

workspace:ou:listOuUsers

授予查询OU下用户信息的权限。

list

-

-

workspace:ou:importUsersByOU

授予导入OU用户的权限。

write

-

-

workspace:appGroup:list

授予查询应用组的权限。

list

appGroup *

-

workspace:appGroup:create

授予创建应用组的权限。

write

appGroup *

-

serverGroup

-

workspace:appGroup:delete

授予应用组删除的权限。

write

appGroup *

-

workspace:appGroup:get

授予查询应用组详情的权限。

read

appGroup *

-

workspace:appGroup:update

授予修改应用组的权限。

write

appGroup *

-

serverGroup

-

workspace:app:listPublishedApp

授予查询已发布应用的权限。

list

app *

-

appGroup *

-

workspace:app:publish

授予发布应用的权限。

write

app *

-

appGroup *

-

workspace:app:get

授予查询应用详细信息的权限。

read

app *

-

appGroup *

-

workspace:app:update

授予修改应用信息的权限。

write

app *

-

appGroup *

-

workspace:app:deleteIcon

授予删除自定义应用图标的权限。

write

app *

-

appGroup *

-

workspace:app:uploadIcon

授予修改自定义应用图标的权限。

write

app *

-

appGroup *

-

workspace:app:check

授予校验应用的权限。

write

app *

-

appGroup *

-

workspace:app:batchDisable

授予批量禁用应用的权限。

write

app *

-

appGroup *

-

workspace:app:batchEnable

授予批量启用应用的权限。

write

app *

-

appGroup *

-

workspace:app:unpublish

授予批量取消应用发布的权限。

write

app *

-

appGroup *

-

workspace:appGroup:listPublishableApp

授予可发布应用列表的权限。

list

appGroup *

-

workspace:appGroup:batchDeleteAuthorization

授予移除应用组授权的权限。

write

appGroup *

-

user

-

userGroup

-

workspace:appGroup:disassociate

授予解除服务组关联的所有应用组的权限。

write

-

-

workspace:appGroup:listAuthorization

授予查询应用组授权记录的权限。

list

appGroup *

-

workspace:appGroup:addAuthorization

授予增加应用组授权的权限。

write

appGroup *

-

user

-

userGroup

-

workspace:appGroup:batchDelete

授予批量删除应用组的权限。

write

appGroup *

-

workspace:appGroup:check

授予校验应用组的权限。

write

-

-

workspace:serverGroup:list

授予查询服务器组列表的权限。

list

serverGroup *

-

-

  • g:RequestTag/<tag-key>
  • g:TagKeys
  • g:EnterpriseProjectId

workspace:serverGroup:create

授予创建服务器组的权限。

write

serverGroup *

-

-

  • g:RequestTag/<tag-key>
  • g:TagKeys
  • g:EnterpriseProjectId

workspace:serverGroup:delete

授予删除服务器组的权限。

write

serverGroup *

  • g:ResourceTag/<tag-key>
  • g:EnterpriseProjectId

workspace:serverGroup:get

授予查询指定服务器组的权限。

read

serverGroup *

  • g:ResourceTag/<tag-key>
  • g:EnterpriseProjectId

workspace:serverGroup:update

授予修改服务器组的权限。

write

serverGroup *

  • g:ResourceTag/<tag-key>
  • g:EnterpriseProjectId

workspace:serverGroup:getServerState

授予查询指定服务器组内服务器状态的权限。

read

serverGroup *

  • g:ResourceTag/<tag-key>
  • g:EnterpriseProjectId

workspace:serverGroup:listDetail

授予查询租户服务器组基础信息列表的权限。

list

serverGroup *

-

workspace:serverGroup:getRestrict

授予指定租户服务器组限制查询的权限。

read

serverGroup *

-

workspace:serverGroup:validate

授予校验服务器组的权限。

write

serverGroup *

-

workspace:serverGroup:tagResource

授予服务器组添加标签的权限。

tagging

serverGroup *

  • g:ResourceTag/<tag-key>
  • g:EnterpriseProjectId

-

  • g:RequestTag/<tag-key>
  • g:TagKeys

workspace:serverGroup:unTagResource

授予服务器组删除标签的权限。

tagging

serverGroup *

  • g:ResourceTag/<tag-key>
  • g:EnterpriseProjectId

-

  • g:RequestTag/<tag-key>
  • g:TagKeys

workspace:serverGroup:listTagsForResource

授予查询服务器组标签的权限。

list

serverGroup *

-

-

g:EnterpriseProjectId

workspace:serverGroup:listTags

授予查询租户所有服务器上标签的权限。

list

serverGroup *

-

workspace:serverGroup:batchCreateTags

授予批量添加服务器组标签的权限。

tagging

serverGroup *

  • g:ResourceTag/<tag-key>
  • g:EnterpriseProjectId

-

  • g:RequestTag/<tag-key>
  • g:TagKeys

workspace:serverGroup:batchDeleteTags

授予批量删除服务器组标签的权限。

tagging

serverGroup *

  • g:ResourceTag/<tag-key>
  • g:EnterpriseProjectId

-

  • g:RequestTag/<tag-key>
  • g:TagKeys

workspace:server:list

授予查询服务器列表的权限。

list

server *

-

workspace:server:delete

授予删除服务器的权限。

write

server *

  • g:ResourceTag/<tag-key>
  • g:EnterpriseProjectId

workspace:server:get

授予查询指定服务器的权限。

read

server *

  • g:ResourceTag/<tag-key>
  • g:EnterpriseProjectId

workspace:server:update

授予修改服务器的权限。

write

server *

  • g:ResourceTag/<tag-key>
  • g:EnterpriseProjectId

workspace:server:changeImage

授予修改服务器的镜像的权限。

write

server *

  • g:ResourceTag/<tag-key>
  • g:EnterpriseProjectId

workspace:server:reinstall

授予重装服务器的权限。

write

server *

  • g:ResourceTag/<tag-key>
  • g:EnterpriseProjectId

workspace:server:getVncUrl

授予获取VNC远程登录地址的权限。

write

server *

  • g:ResourceTag/<tag-key>
  • g:EnterpriseProjectId

workspace:accessAgent:list

授予查询租户的所有HDA最新版本的权限。

list

-

-

workspace:accessAgent:batchUpgrade

授予批量升级服务器HDA版本的权限。

write

server *

  • g:ResourceTag/<tag-key>
  • g:EnterpriseProjectId

workspace:accessAgent:listLatestVersion

授予查询租户的HDA最新版本的权限。

list

-

-

workspace:server:listAccessAgentDetails

授予查询服务器的HDA相关信息的权限。

list

server *

-

workspace:accessAgent:getUpgradeFlag

授予查询HDA升级提醒标识的权限。

read

-

-

workspace:accessAgent:updateUpgradeFlag

授予更新HDA升级通知标识的权限。

write

-

-

workspace:accessAgent:listUpgradeRecords

授予查询服务器的HDA升级跟踪记录的权限。

list

-

-

workspace:server:batchDelete

授予批量删除服务器的权限。

write

server *

  • g:ResourceTag/<tag-key>
  • g:EnterpriseProjectId

workspace:server:batchChangeMaintainMode

授予标记服务器维护状态的权限。

write

server *

  • g:ResourceTag/<tag-key>
  • g:EnterpriseProjectId

workspace:server:batchReboot

授予重启服务器的权限。

write

server *

  • g:ResourceTag/<tag-key>
  • g:EnterpriseProjectId

workspace:server:batchRejoinDomain

授予批量服务器重新加域的权限。

write

server *

  • g:ResourceTag/<tag-key>
  • g:EnterpriseProjectId

workspace:server:batchStart

授予启动服务器的权限。

write

server *

  • g:ResourceTag/<tag-key>
  • g:EnterpriseProjectId

workspace:server:batchStop

授予关闭服务器的权限。

write

server *

  • g:ResourceTag/<tag-key>
  • g:EnterpriseProjectId

workspace:server:batchUpdateTsvi

授予批量更新服务器虚拟会话IP配置的权限。

write

server *

  • g:ResourceTag/<tag-key>
  • g:EnterpriseProjectId

workspace:server:create

授予创建应用服务器的权限。

write

server *

-

serverGroup *

-

-

  • g:RequestTag/<tag-key>
  • g:TagKeys
  • g:EnterpriseProjectId

workspace:server:batchMigrateHosts

授予迁移云办公主机下面的服务器到目标云办公主机的权限。

write

server *

  • g:ResourceTag/<tag-key>
  • g:EnterpriseProjectId

wdh *

-

workspace:server:getMetricData

授予查询云应用服务器监控信息的权限。

read

server *

  • g:ResourceTag/<tag-key>
  • g:EnterpriseProjectId

workspace:jobs:batchDeleteSubJobs

授予批量删除子任务的权限。

write

-

-

workspace:jobs:countSubJobs

授予子任务数量查询的权限。

list

-

-

workspace:appWarehouse:authorizeObs

授予获取上传至OBS桶的ak/sk的权限。

write

-

-

workspace:appWarehouse:batchDeleteApp

授予批量删除应用仓库中的指定应用的权限。

write

-

-

workspace:appWarehouse:ListWarehouseApps

授予查询租户应用仓库中的应用列表的权限。

list

-

-

workspace:appWarehouse:createApp

授予在应用仓库中新增应用的权限。

write

-

-

workspace:appWarehouse:deleteApp

授予删除应用仓库中的指定应用的权限。

write

-

-

workspace:appWarehouse:uploadAppIcon

授予在应用仓库中上传图标文件的权限。

write

-

-

workspace:appWarehouse:createBucketOrAcl

授予添加桶或者桶授权的权限。

write

-

-

workspace:images:listImageJobs

授予查询租户的任务列表的权限。

list

-

-

workspace:images:getImageJob

授予查询任务详情的权限。

read

-

-

workspace:imageServer:list

授予查询镜像实例列表的权限。

list

imageServer *

-

-

g:EnterpriseProjectId

workspace:imageServer:create

授予创建镜像实例的权限。

write

imageServer *

-

-

g:EnterpriseProjectId

workspace:imageServer:get

授予查询指定镜像实例的权限。

read

imageServer *

g:EnterpriseProjectId

workspace:imageServer:update

授予修改镜像实例的权限。

write

imageServer *

g:EnterpriseProjectId

workspace:imageServer:attachApp

授予分发软件信息至镜像实例的权限。

write

imageServer *

g:EnterpriseProjectId

workspace:imageServer:listLatestAttachedApp

授予查询最近一次分发软件信息列表的权限。

list

imageServer *

-

workspace:imageServer:recreate

授予构建云应用镜像的权限。

write

imageServer *

g:EnterpriseProjectId

workspace:imageServer:batchDelete

授予批量删除镜像实例的权限。

write

imageServer *

g:EnterpriseProjectId

workspace:imageServer:listImageSubJobs

授予子任务查询的权限。

list

-

-

workspace:imageServer:batchDeleteImageSubJobs

授予批量删除子任务的权限。

write

-

-

workspace:imageServer:countImageSubJobs

授予子任务数量查询的权限。

read

-

-

workspace:appGroup:listMailRecord

授予查询应用组授权邮件发送记录的权限。

list

-

-

workspace:appGroup:resendMail

授予重发应用组授权邮件(根据授权邮件记录)的权限。

write

-

-

workspace:storage:listPersistentStorage

授予查询WKS存储的权限。

list

storage *

-

workspace:storage:createPersistentStorage

授予创建WKS存储的权限。

write

storage *

-

workspace:storage:deletePersistentStorage

授予删除WKS存储的权限。

write

storage *

-

workspace:storage:updateUserFolderAssignment

授予创建个人存储目录的权限。

write

storage *

-

workspace:storage:updateShareFolderAssignment

授予修改共享目录成员的权限。

write

storage *

-

workspace:storage:createShareFolder

授予创建共享存储目录的权限。

write

storage *

-

workspace:storage:deleteStorageClaim

授予删除共享目录的权限。

write

storage *

-

workspace:storage:deleteUserStorageAttachment

授予删除个人存储目录的权限。

write

storage *

-

workspace:storage:batchDeletePersistentStorage

授予批量删除WKS存储的权限。

write

storage *

-

workspace:storage:listStorageAssignment

授予查询个人存储目录的权限。

list

storage *

-

workspace:storage:listShareFolder

授予查询共享存储目录的权限。

list

storage *

-

workspace:policyGroups:deleteTemplate

授予删除策略模板的权限。

write

-

-

workspace:privacystatements:get

授予查询最新版本的隐私声明的权限。

read

-

-

workspace:scalingPolicy:delete

授予删除弹性伸缩策略的权限。

write

-

-

workspace:scalingPolicy:list

授予查询服务器组弹性伸缩策略的权限。

read

-

-

workspace:scalingPolicy:create

授予新增/修改弹性伸缩策略的权限。

write

-

-

workspace:session:listAppConnection

授予查询应用使用记录的权限。

write

-

-

workspace:session:logoffUserSession

授予用户会话注销的权限。

write

-

-

workspace:session:listUserConnection

授予查询用户登录记录的权限。

write

-

-

workspace:session:listSessionByUserName

授予根据用户名查询当前会话的权限。

list

-

-

workspace:storagePolicy:create

授予新增或更新存储目录访问权限自定义策略的权限。

write

storage *

-

workspace:storagePolicy:list

授予查询存储目录访问权限策略的权限。

list

storage *

-

workspace:storage:listSfs3Storage

授予查询SFS3.0存储的权限。

list

storage *

-

workspace:baseResource:list

授予查询可用分区列表的权限。

list

-

-

workspace:tenants:listConfigInfo

授予查询企业系统配置的权限。

list

-

-

workspace:tenants:active

授予租户服务激活、初始化的权限。

write

-

-

workspace:tenants:listTenantProfile

授予查询租户信息的权限。

list

-

-

workspace:server:listServerMetricData

授予查询服务器的监控数据的权限。

list

server *

  • g:ResourceTag/<tag-key>
  • g:EnterpriseProjectId

workspace:session:listSessions

授予查询企业会话列表的权限。

list

-

-

workspace:appWarehouse:updateApp

授予更新应用仓库中的应用的权限。

write

-

-

workspace:server:batchChangeImage

授予批量切换服务器镜像的权限。

write

server *

  • g:ResourceTag/<tag-key>
  • g:EnterpriseProjectId

workspace:server:batchReinstall

授予批量重装服务器的权限。

write

server *

  • g:ResourceTag/<tag-key>
  • g:EnterpriseProjectId

workspace:authConfigs:get

授予查询认证登录方式配置信息的权限。

read

-

-

workspace:authConfigs:update

授予更新认证策略配置信息的权限。

write

-

-

workspace:assistAuthConfigs:get

授予查询辅助认证的配置信息的权限。

read

-

-

workspace:assistAuthConfigs:update

授予更新辅助认证配置的权限。

write

-

-

workspace:jobs:retry

授予重试任务的权限。

write

-

-

workspace:quotas:get

授予查询租户配额的权限。

read

-

-

workspace:tenants:getRoles

授予查询租户角色的权限。

read

-

-

workspace:tenants:ListConfig

授予查询租户个性配置列表的权限。

list

-

-

workspace:tenants:updateConfig

授予修改租户个性配置的权限。

write

-

-

workspace:natMappings:getConfig

授予查询租户的NAT映射配置项的权限。

read

-

-

workspace:natMappings:updateConfig

授予修改租户的NAT映射配置项的权限。

write

-

-

workspace:tenants:get

授予查询云办公服务详情的权限。

read

-

-

workspace:tenants:open

授予开通云办公服务的权限。

write

-

workspace:AccessMode

workspace:tenants:delete

授予注销云办公服务的权限。

write

-

-

workspace:tenants:update

授予修改云办公服务属性的权限。

write

-

workspace:AccessMode

workspace:tenants:getLockStatus

授予查询云办公服务是否被锁定的权限。

read

-

-

workspace:tenants:unlock

授予解除云办公服务锁定状态的权限。

write

-

-

workspace:agencies:create

授予创建委托的权限。

write

-

-

workspace:agencies:get

授予查询委托的权限。

read

-

-

workspace:desktops:commitAiAccelerateJob

授予创建渲染加速任务的权限。

write

-

-

workspace:desktops:getAiAccelerateJob

授予查询渲染加速任务的权限。

read

-

-

workspace:desktops:getSysPrepInfo

授予查询sysprep详情的权限。

read

desktop *

  • g:ResourceTag/<tag-key>
  • g:EnterpriseProjectId

workspace:desktops:checkBatchChangeImage

授予校验批量切换镜像的权限。

write

desktop *

  • g:ResourceTag/<tag-key>
  • g:EnterpriseProjectId

workspace:tenants:listDesktopNamePolicies

授予查询桌面名称策略列表的权限。

list

-

-

workspace:tenants:createDesktopNamePolicy

授予创建桌面名称策略的权限。

write

-

-

workspace:tenants:updateDesktopNamePolicy

授予更新桌面名称策略的权限。

write

-

-

workspace:tenants:batchDeleteDesktopNamePolicies

授予批量删除桌面名称策略的权限。

write

-

-

workspace:desktopPools:create

授予创建桌面池的权限。

write

desktopPool *

-

user

-

userGroup

-

-

  • g:RequestTag/<tag-key>
  • g:TagKeys
  • g:EnterpriseProjectId

workspace:desktopPools:list

授予查询桌面池列表的权限。

list

desktopPool *

-

workspace:desktopPools:update

授予修改桌面池属性的权限。

write

desktopPool *

-

workspace:desktopPools:delete

授予删除桌面池的权限。

write

desktopPool *

-

workspace:desktopPools:get

授予查询桌面池详情的权限。

read

desktopPool *

-

workspace:desktopPools:expand

授予扩容桌面池的权限。

write

desktopPool *

-

workspace:desktopPools:resize

授予桌面池变更规格的权限。

write

desktopPool *

-

workspace:desktopPools:rebuild

授予桌面池重建系统盘的权限。

write

desktopPool *

-

workspace:desktopPools:batchAddVolumes

授予桌面池批量添加磁盘的权限。

write

desktopPool *

-

workspace:desktopPools:batchDeleteVolumes

授予桌面池批量删除磁盘的权限。

write

desktopPool *

-

workspace:desktopPools:batchExpandVolumes

授予桌面池批量扩容磁盘的权限。

write

desktopPool *

-

workspace:desktopPools:operate

授予操作桌面池的权限。

write

desktopPool *

-

workspace:desktopPools:listUsers

授予查询桌面池授权的用户、用户组的权限。

list

desktopPool *

-

workspace:desktopPools:authorizeUsers

授予桌面池授权用户、用户组的权限。

write

desktopPool *

-

user

-

userGroup

-

workspace:desktopPools:listDesktops

授予查询桌面池桌面信息的权限。

list

desktopPool *

-

workspace:desktopPools:listScriptTasks

授予查询桌面池的脚本执行任务列表的权限。

list

desktopPool *

-

workspace:desktopPools:executeScripts

授予桌面池批量执行脚本的权限。

write

desktopPool *

-

script

-

workspace:desktopPools:sendNotifications

授予发送消息通知的权限。

write

desktopPool *

-

workspace:desktops:export

授予导出桌面列表的权限。

list

desktop *

-

-

  • g:RequestTag/<tag-key>
  • g:TagKeys
  • g:EnterpriseProjectId

workspace:desktops:create

授予创建桌面的权限。

write

desktop *

-

-

  • g:RequestTag/<tag-key>
  • g:TagKeys
  • g:EnterpriseProjectId
  • workspace:AssociatePublicIp
  • workspace:AccessMode

workspace:desktops:list

授予查询桌面列表的权限。

list

desktop *

-

-

  • g:RequestTag/<tag-key>
  • g:TagKeys
  • g:EnterpriseProjectId

workspace:desktops:update

授予更新桌面信息的权限。

write

desktop *

  • g:ResourceTag/<tag-key>
  • g:EnterpriseProjectId

workspace:desktops:delete

授予删除桌面的权限。

write

desktop *

  • g:ResourceTag/<tag-key>
  • g:EnterpriseProjectId

workspace:desktops:get

授予查询桌面详情的权限。

read

desktop *

  • g:ResourceTag/<tag-key>
  • g:EnterpriseProjectId

workspace:desktops:batchDelete

授予批量删除桌面的权限。

write

desktop *

  • g:ResourceTag/<tag-key>
  • g:EnterpriseProjectId

workspace:desktops:logoff

授予批量注销桌面的权限。

write

desktop *

  • g:ResourceTag/<tag-key>
  • g:EnterpriseProjectId

workspace:desktops:listDetail

授予查询桌面详情列表的权限。

list

desktop *

-

-

  • g:RequestTag/<tag-key>
  • g:TagKeys
  • g:EnterpriseProjectId

workspace:desktops:operate

授予操作桌面的权限。

write

desktop *

  • g:ResourceTag/<tag-key>
  • g:EnterpriseProjectId

workspace:desktops:resize

授予变更规格的权限。

write

desktop *

  • g:ResourceTag/<tag-key>
  • g:EnterpriseProjectId

workspace:desktops:getConnectStatus

授予查询桌面登录状态统计数据的权限。

read

-

-

workspace:desktops:ListStatus

授予查询桌面登录状态的权限。

list

-

-

workspace:desktops:rebuild

授予重建桌面的权限。

write

desktop *

  • g:ResourceTag/<tag-key>
  • g:EnterpriseProjectId

workspace:desktops:getActions

授予查询桌面开关机信息的权限。

read

desktop *

  • g:ResourceTag/<tag-key>
  • g:EnterpriseProjectId

workspace:desktops:createConsole

授予获取远程登录控制台地址的权限。

write

desktop *

  • g:ResourceTag/<tag-key>
  • g:EnterpriseProjectId

workspace:desktops:updateSids

授予更新桌面SID的权限。

write

desktop *

  • g:ResourceTag/<tag-key>
  • g:EnterpriseProjectId

workspace:desktops:rejoinDomain

授予重新加入AD域的权限。

write

desktop *

  • g:ResourceTag/<tag-key>
  • g:EnterpriseProjectId

workspace:desktops:createImage

授予桌面转镜像的权限。

write

desktop *

  • g:ResourceTag/<tag-key>
  • g:EnterpriseProjectId

workspace:desktops:batchDetach

授予批量解绑用户的权限。

write

desktop *

  • g:ResourceTag/<tag-key>
  • g:EnterpriseProjectId

workspace:desktops:detach

授予解绑用户的权限。

write

desktop *

  • g:ResourceTag/<tag-key>
  • g:EnterpriseProjectId

workspace:desktops:attach

授予分配用户的权限。

write

desktop *

  • g:ResourceTag/<tag-key>
  • g:EnterpriseProjectId

workspace:desktops:getNetwork

授予查询桌面网络信息的权限。

read

desktop *

  • g:ResourceTag/<tag-key>
  • g:EnterpriseProjectId

workspace:desktops:changeNetwork

授予切换桌面网络的权限。

write

desktop *

  • g:ResourceTag/<tag-key>
  • g:EnterpriseProjectId

workspace:exclusiveHosts:listDesktops

授予查询专享桌面详情列表的权限。

list

exclusiveHost *

-

-

g:EnterpriseProjectId

workspace:desktops:listAll

授予查询普通桌面和渲染桌面列表的权限。

list

desktop *

-

workspace:desktopAssociate:listDiscoverVmInfo

授予查询可纳管的虚拟机列表的权限。

list

-

-

workspace:desktopAssociate:startTask

授予启动纳管虚拟机任务的权限。

write

-

-

workspace:desktopAssociate:switchScanTask

授予开启纳管扫描任务的权限。

write

-

-

workspace:desktopAssociate:getScanTaskSwitch

授予查询纳管扫描任务开关的权限。

read

-

-

workspace:desktops:setMaintenanceMode

授予批量设置桌面管理员维护模式的权限。

write

desktop *

  • g:ResourceTag/<tag-key>
  • g:EnterpriseProjectId

workspace:desktops:prepAttachUsers

授予预批量分配用户的权限。

write

desktop *

  • g:ResourceTag/<tag-key>
  • g:EnterpriseProjectId

workspace:desktops:batchAttachUsers

授予批量分配用户的权限。

write

desktop *

  • g:ResourceTag/<tag-key>
  • g:EnterpriseProjectId

workspace:desktops:changeUsername

授予在Windows AD场景下,修改与桌面关联的用户名的权限。

write

-

-

workspace:desktops:sendNotifications

授予发送消息通知的权限。

write

desktop *

  • g:ResourceTag/<tag-key>
  • g:EnterpriseProjectId

workspace:desktops:migrate

授予迁移桌面的权限。

write

desktop *

  • g:ResourceTag/<tag-key>
  • g:EnterpriseProjectId

workspace:desktops:listAgents

授予查询桌面安装agent列表的权限。

list

desktop *

  • g:ResourceTag/<tag-key>
  • g:EnterpriseProjectId

workspace:desktops:batchInstallAgents

授予批量为桌面安装agent的权限。

write

desktop *

  • g:ResourceTag/<tag-key>
  • g:EnterpriseProjectId

workspace:desktops:listTags

授予查询桌面标签的权限。

list

desktop *

  • g:ResourceTag/<tag-key>
  • g:EnterpriseProjectId

workspace:desktops:tag

授予创建桌面标签的权限。

tagging

desktop *

  • g:ResourceTag/<tag-key>
  • g:EnterpriseProjectId

-

  • g:RequestTag/<tag-key>
  • g:TagKeys

workspace:desktops:untag

授予删除桌面标签的权限。

tagging

desktop *

  • g:ResourceTag/<tag-key>
  • g:EnterpriseProjectId

-

  • g:RequestTag/<tag-key>
  • g:TagKeys

workspace:desktops:listProjectTags

授予查询项目标签的权限。

list

-

-

workspace:desktops:operateTags

授予批量添加删除标签的权限。

tagging

desktop *

  • g:ResourceTag/<tag-key>
  • g:EnterpriseProjectId

-

  • g:RequestTag/<tag-key>
  • g:TagKeys

workspace:desktops:listByTags

授予使用标签过滤桌面的权限。

list

-

-

workspace:exclusiveHosts:create

授予创建专享主机的权限。

write

exclusiveHost *

-

-

g:EnterpriseProjectId

workspace:exclusiveHosts:list

授予查询专享主机列表的权限。

list

exclusiveHost *

-

-

g:EnterpriseProjectId

workspace:exclusiveHosts:check

授予校验是否能创建专享主机的权限。

write

-

-

workspace:exclusiveHosts:get

授予查询专享主机详情的权限。

read

exclusiveHost *

g:EnterpriseProjectId

workspace:exclusiveHosts:update

授予更新专享主机信息的权限。

write

exclusiveHost *

g:EnterpriseProjectId

workspace:exclusiveHosts:delete

授予删除专享主机的权限。

write

exclusiveHost *

g:EnterpriseProjectId

workspace:mkp:listImages

授予查询云市场镜像列表的权限。

list

-

-

workspace:mkp:listCommodityInfos

授予查询云市场商品信息的权限。

list

-

-

workspace:mkp:createOrder

授予创建云市场产品订单的权限。

write

-

-

workspace:mkp:listListProductReserve

授予查询云市场库存信息的权限。

list

-

-

workspace:mkp:listCommodityDetails

授予查询云市场商品详情的权限。

list

-

-

workspace:mkp:listRelationCommodityDetails

授予查询商品的关联商品的权限。

list

-

-

workspace:mkp:listCommodityAgreements

授予查询云市场商品协议的权限。

list

-

-

workspace:networks:listEips

授予查询EIP列表的权限。

list

-

-

workspace:networks:createEips

授予创建EIP的权限。

write

-

-

workspace:networks:bindEips

授予绑定EIP的权限。

write

-

-

workspace:networks:unbindEips

授予解绑EIP的权限。

write

-

-

workspace:networks:getEipQuota

授予查询EIP配额的权限。

read

-

-

workspace:networks:ListNatGateways

授予查询Nat网关列表的权限。

list

-

-

workspace:orders:create

授予包周期下单的权限。

write

-

  • workspace:CreateOrderType
  • workspace:AssociatePublicIp
  • workspace:AccessMode

workspace:orders:change

授予创建变更订单的权限。

write

-

workspace:ChangeOrderType

workspace:orders:batchInquiry

授予批量询价的权限。

write

-

-

workspace:quotas:check

授予校验配额的权限。

write

-

-

workspace:renderDesktops:create

授予创建渲染桌面的权限。

write

-

-

workspace:renderDesktops:delete

授予删除渲染桌面的权限。

write

-

-

workspace:renderDesktops:list

授予查询渲染桌面列表的权限。

list

-

-

workspace:renderDesktops:action

授予操作渲染桌面的权限。

write

-

-

workspace:scheduledTasks:list

授予查询定时任务列表的权限。

list

scheduledTask *

-

workspace:scheduledTasks:create

授予创建定时任务的权限。

write

scheduledTask *

-

desktop

-

desktopPool

-

server

-

serverGroup

-

workspace:scheduledTasks:get

授予查询定时任务详情的权限。

read

scheduledTask *

-

workspace:scheduledTasks:update

授予更新定时任务的权限。

write

scheduledTask *

-

desktop

-

desktopPool

-

server

-

serverGroup

-

workspace:scheduledTasks:delete

授予删除定时任务的权限。

write

scheduledTask *

-

workspace:scheduledTasks:getFuture

授予查询定时任务未来执行时间的权限。

read

-

-

workspace:scheduledTasks:batchDelete

授予批量删除定时任务的权限。

write

scheduledTask *

-

workspace:scheduledTasks:listRecords

授予查询定时任务执行记录的权限。

list

scheduledTask *

-

workspace:scheduledTasks:getRecord

授予查询定时任务执行记录详情的权限。

read

scheduledTask *

-

workspace:scheduledTasks:exportRecords

授予导出定时任务记录及执行详情的权限。

list

scheduledTask *

-

workspace:users:subscribeSharer

授予订阅协同资源的权限。

write

user *

-

workspace:desktops:addSubResources

授予购买桌面附属资源的权限。

write

desktop *

  • g:ResourceTag/<tag-key>
  • g:EnterpriseProjectId

workspace:desktops:deleteSubResources

授予删除桌面附属资源的权限。

write

desktop *

  • g:ResourceTag/<tag-key>
  • g:EnterpriseProjectId

workspace:desktops:createSnapshots

授予创建桌面快照的权限。

write

desktop *

  • g:ResourceTag/<tag-key>
  • g:EnterpriseProjectId

workspace:desktops:getSnapshots

授予查询桌面快照的权限。

read

desktop *

  • g:ResourceTag/<tag-key>
  • g:EnterpriseProjectId

workspace:desktops:deleteSnapshots

授予删除桌面快照的权限。

write

desktop *

  • g:ResourceTag/<tag-key>
  • g:EnterpriseProjectId

workspace:desktops:restoreBySnapshot

授予使用桌面快照恢复桌面的权限。

write

desktop *

  • g:ResourceTag/<tag-key>
  • g:EnterpriseProjectId

workspace:statistics:listDesktopStatus

授予统计桌面状态的权限。

list

-

-

workspace:statistics:getUnused

授予查询在指定时间段未使用的桌面的权限。

read

-

-

workspace:statistics:getUsed

授予查询使用桌面的时长的权限。

read

-

-

workspace:bindingPolicies:export

授予导出终端与桌面绑定配置excel的权限。

list

-

-

workspace:bindingPolicies:getConfig

授予查询终端与桌面绑定的开关配置信息的权限。

read

-

-

workspace:bindingPolicies:createConfig

授予设置终端与桌面绑定的开关配置的权限。

write

-

-

workspace:bindingPolicies:get

授予查询终端与桌面绑定配置列表的权限。

read

-

-

workspace:bindingPolicies:add

授予增加终端与桌面绑定配置的权限。

write

-

-

workspace:bindingPolicies:update

授予修改终端与桌面绑定配置的权限。

write

-

-

workspace:bindingPolicies:delete

授予删除终端与桌面绑定配置的权限。

write

-

-

workspace:volumes:delete

授予删除桌面数据盘的权限。

write

desktop

  • g:ResourceTag/<tag-key>
  • g:EnterpriseProjectId

workspace:volumes:batchAdd

授予增加桌面磁盘的权限。

write

desktop

  • g:ResourceTag/<tag-key>
  • g:EnterpriseProjectId

workspace:volumes:batchExpand

授予扩容桌面磁盘的权限。

write

desktop

  • g:ResourceTag/<tag-key>
  • g:EnterpriseProjectId

workspace:wdh:getType

授予查询云办公主机类型的权限。

read

wdh *

g:EnterpriseProjectId

workspace:wdh:get

授予查询云办公主机列表的权限。

read

wdh *

g:EnterpriseProjectId

workspace:desktops:getRemoteAssistance

授予查询远程协助信息的权限。

read

desktop *

  • g:ResourceTag/<tag-key>
  • g:EnterpriseProjectId

workspace:desktops:createRemoteAssistance

授予创建远程协助的权限。

write

desktop *

  • g:ResourceTag/<tag-key>
  • g:EnterpriseProjectId

workspace:desktops:cancelRemoteAssistance

授予取消远程协助的权限。

write

desktop *

  • g:ResourceTag/<tag-key>
  • g:EnterpriseProjectId

workspace:volumes:add

授予单个桌面增加磁盘的权限。

write

desktop

  • g:ResourceTag/<tag-key>
  • g:EnterpriseProjectId

workspace:volumes:expand

授予扩容磁盘的权限。

write

desktop

  • g:ResourceTag/<tag-key>
  • g:EnterpriseProjectId

workspace:volumes:listDssPoolsDetail

授予获取专属分布式存储池详情列表的权限。

list

-

-

workspace:common:listTimezones

授予查询时区配置的权限。

list

-

-

workspace:connections:securityExport

授予导出连接记录的权限。

list

-

-

workspace:images:list

授予查询支持的镜像列表的权限。

list

-

-

workspace:policyGroups:import

授予导入策略组的权限。

write

-

-

workspace:accessPolicies:create

授予创建接入策略的权限。

write

-

-

workspace:accessPolicies:get

授予查询接入策略的权限。

read

-

-

workspace:accessPolicies:delete

授予删除指定接入策略的权限。

write

-

-

workspace:accessPolicies:getTarget

授予查询指定接入策略的应用对象的权限。

read

-

-

workspace:accessPolicies:updateTarget

授予更新指定接入策略的应用对象的权限。

write

-

-

workspace:products:listDesktopProducts

授予查询支持的产品套餐列表的权限。

list

-

-

workspace:products:listSharerProducts

授予查询协同套餐列表的权限。

list

-

-

workspace:products:listInternetProducts

授予查询上网套餐列表的权限。

list

-

-

workspace:availabilityZones:list

授予查询支持的可用分区列表的权限。

list

-

-

workspace:userGroups:export

授予导出用户组的权限。

list

userGroup *

-

workspace:users:export

授予导出用户的权限。

list

user *

-

workspace:users:import

授予导入用户的权限。

write

user *

-

workspace:userGroups:exportUsers

授予导出用户组用户的权限。

list

userGroup *

-

workspace:users:operate

授予操作用户(锁定、解锁和重置密码)的权限。

write

user *

-

workspace:users:randomPassword

授予给用户重置随机密码的权限。

write

user *

-

workspace:users:deleteOtps

授予解绑OTP设备的权限。

write

user *

-

workspace:users:resendEmail

授予重新发送邮件的权限。

write

user *

-

workspace:connections:securityList

授予查询连接信息的权限。

list

-

-

workspace:connections:listOnlineUsers

授予查询登录人数的权限。

list

-

-

workspace:userGroups:list

授予查询用户组列表的权限。

list

userGroup *

-

workspace:userGroups:create

授予创建用户组的权限。

write

userGroup *

-

workspace:userGroups:batchDelete

授予批量删除用户组的权限。

write

userGroup *

-

workspace:userGroups:delete

授予删除桌面用户组的权限。

write

userGroup *

-

workspace:userGroups:update

授予修改用户组信息的权限。

write

userGroup *

-

workspace:userGroups:operate

授予操作用户组的权限。

write

userGroup *

-

user *

-

workspace:userGroups:getUsers

授予查询用户组中的用户的权限。

list

userGroup *

-

workspace:jobs:listSubJobs

授予查询子任务列表的权限。

list

-

-

workspace:jobs:deleteSubJobRecords

授予删除子任务记录的权限。

write

-

-

workspace:ou:get

授予查询OU信息的权限。

list

-

-

workspace:ou:create

授予新增OU信息的权限。

write

-

-

workspace:ou:delete

授予删除OU信息的权限。

write

-

-

workspace:ou:update

授予更新OU信息的权限。

write

-

-

workspace:policyGroups:list

授予查询策略组列表的权限。

list

policyGroup *

-

workspace:policyGroups:create

授予新增策略组的权限。

write

policyGroup *

-

desktop

-

desktopPool

-

user

-

userGroup

-

appGroup

-

workspace:policyGroups:delete

授予删除策略组的权限。

write

policyGroup *

-

workspace:policyGroups:get

授予查询策略组的权限。

read

policyGroup *

-

workspace:policyGroups:update

授予修改策略组的权限。

write

policyGroup *

-

user

-

userGroup

-

appGroup

-

workspace:policyGroups:export

授予导出策略组的权限。

list

policyGroup *

-

workspace:policyGroups:listPolicies

授予查询策略组中的策略项的权限。

list

policyGroup *

-

workspace:policyGroups:updatePolicies

授予修改策略组中的策略项的权限。

write

policyGroup *

-

workspace:policyGroups:listTargets

授予查询策略组应用对象的权限。

list

policyGroup *

-

workspace:policyGroups:updateTargets

授予修改策略组应用对象的权限。

write

policyGroup *

-

desktop

-

desktopPool

-

user

-

userGroup

-

appGroup

-

workspace:policyGroups:listDetail

授予查询策略组详情列表的权限。

list

policyGroup *

-

workspace:policyGroups:getOriginalPolicies

授予查询初始策略项的权限。

read

policyGroup *

-

workspace:users:list

授予查询用户列表的权限。

list

user *

-

workspace:users:create

授予创建用户的权限。

write

user *

-

workspace:users:delete

授予删除指定用户的权限。

write

user *

-

workspace:users:get

授予查询用户详情信息的权限。

read

user *

-

workspace:users:update

授予修改用户信息的权限。

write

user *

-

workspace:users:batchDelete

授予批量删除用户的权限。

write

user *

-

workspace:users:resetPassword

授予重置用户密码的权限。

write

user *

-

workspace:users:checkResetPasswordToken

授予校验重置域用户密码Token的权限。

write

user *

-

workspace:users:getTemplate

授予用户模板下载的权限。

read

-

-

workspace:users:checkExist

授予校验用户是否存在的权限。

write

user *

-

workspace:users:listOtps

授予查询OTP设备的权限。

list

user *

-

workspace:users:getImportTemplate

授予创建用户模板下载的权限。

read

-

-

workspace:users:batchCreate

授予批量创建用户的权限。

write

user *

-

workspace:products:listVolumeProducts

授予查询磁盘产品列表的权限。

list

-

-

workspace:tenants:listExportTasks

授予查询导出任务列表的权限。

list

-

-

workspace:tenants:deleteExportTasks

授予批量删除导出任务记录的权限。

write

-

-

workspace:tenants:exportData

授予下载导出的文件的权限。

read

-

-

workspace:statistics:listAlarm

授予查询告警列表的权限。

list

-

-

workspace:statistics:getAlarm

授予查询告警数的权限。

read

-

-

workspace:statistics:getGrowthRate

授予查询指标环比值的权限。

read

-

-

workspace:statistics:getMetric

授予查询指标的权限。

read

-

-

workspace:statistics:getMetricTrend

授予查询指标趋势的权限。

read

-

-

workspace:statistics:updateNotificationRules

授予更新指标的通知规则的权限。

write

-

-

workspace:statistics:deleteNotificationRules

授予删除指标的通知规则的权限。

write

-

-

workspace:statistics:createNotifyRules

授予新增指标的通知规则的权限。

write

-

-

workspace:statistics:listNotificationRules

授予查询指标的通知规则的权限。

list

-

-

workspace:statistics:listNotificationRecords

授予查询指标通知记录的权限。

list

-

-

workspace:statistics:listDesktopMetrics

授予查询桌面使用统计信息的权限。

list

-

-

workspace:statistics:exportDesktopMetrics

授予导出桌面使用统计信息的权限。

list

-

-

workspace:statistics:listUserMetrics

授予查询用户使用统计信息的权限。

list

-

-

workspace:statistics:exportUserMetrics

授予导出用户使用统计信息;的权限。

list

-

-

workspace:appcenter:createBucketCredential

授予生成OBS桶凭证信息信息的权限。

write

-

-

workspace:appcenter:createAndAuthorizeBucket

授予添加并授权默认OBS桶的权限。

write

-

-

workspace:appcenter:listApps

授予按照名称分页查询应用的权限。

list

-

-

workspace:appcenter:createApp

授予上传应用的权限。

write

-

-

workspace:appcenter:updateApp

授予修改应用的权限。

write

-

-

workspace:appcenter:deleteApp

授予删除应用的权限。

write

-

-

workspace:appcenter:installApp

授予自动安装应用的权限。

write

-

-

workspace:appcenter:listAppAuthorizations

授予查询应用授权信息的权限。

list

-

-

workspace:appcenter:batchUpdateAppAuthorizations

授予设置应用授权的权限。

write

-

-

workspace:appcenter:batchDeleteApps

授予批量删除应用的权限。

write

-

-

workspace:appcenter:batchDisableApps

授予批量设置应用不可见的权限。

write

-

-

workspace:appcenter:batchEnableApps

授予批量设置应用可见的权限。

write

-

-

workspace:appcenter:batchInstallApps

授予批量自动安装安装应用的权限。

write

-

-

workspace:appcenter:listAppCatalogs

授予查询应用分类信息的权限。

list

-

-

workspace:appcenter:listJobs

授予查询应用安装job信息的权限。

list

-

-

workspace:appcenter:batchDeleteJobs

授予批量删除job的权限。

write

-

-

workspace:appcenter:retryJobs

授予重试失败job的权限。

write

-

-

workspace:appcenter:createAppRule

授予创建应用规则的权限。

write

-

-

workspace:appcenter:listAppRule

授予查询应用规则的权限。

list

-

-

workspace:appcenter:updateAppRule

授予修改应用规则的权限。

write

-

-

workspace:appcenter:deleteAppRule

授予删除应用规则的权限。

write

-

-

workspace:appcenter:batchDeleteAppRules

授予批量删除应用规则的权限。

write

-

-

workspace:appcenter:enableRuleRestriction

授予启用规则管控的权限。

write

-

-

workspace:appcenter:disableRuleRestriction

授予禁用规则管控的权限。

write

-

-

workspace:appcenter:addRestrictedRule

授予增加管控规则的权限。

write

-

-

workspace:appcenter:listRestrictedRule

授予查询管控规则列表的权限。

list

-

-

workspace:appcenter:deleteRestrictedRule

授予批量删除管控规则列表的权限。

write

-

-

workspace:appcenter:updateTenantProfile

授予禁用租户功能的权限。

write

-

-

workspace:appcenter:listTenantProfiles

授予查询租户功能状态的权限。

list

-

-

workspace:scripts:create

授予创建脚本的权限。

write

script *

-

workspace:scripts:list

授予查询脚本列表的权限。

list

script *

-

workspace:scripts:get

授予查询脚本详情的权限。

read

script *

-

workspace:scripts:put

授予更新脚本的权限。

write

script *

-

workspace:scripts:delete

授予删除脚本的权限。

write

script *

-

workspace:scripts:execute

授予批量执行脚本或命令的权限。

write

script *

-

desktop *

-

workspace:scripts:getRecordDetail

授予查询脚本或命令执行记录详情的权限。

read

script *

-

workspace:scripts:listRecords

授予查询脚本执行记录列表的权限。

list

script *

-

workspace:scripts:listTasks

授予查询脚本任务列表的权限。

list

script *

-

workspace:scripts:retry

授予重试脚本的权限。

write

script *

-

workspace:scripts:stop

授予停止脚本或命令执行任务的权限。

write

script *

-

workspace:scripts:download

授予下载脚本输出记录的权限。

write

script *

-

workspace:tenants:getShareSpaceConfig

授予查询协同配置的权限。

read

-

-

workspace:tenants:updateShareSpaceConfig

授予修改协同配置的权限。

write

-

-

workspace:authConfigs:getStatus

授予查询认证状态的权限。

read

-

-

workspace:privacystatements:sign

授予签署隐私声明的权限。

write

-

-

workspace:sites:get

授予查询站点信息的权限。

read

-

-

workspace:sites:add

授予新增站点的权限。

write

-

workspace:AccessMode

workspace:sites:delete

授予删除站点的权限。

write

-

-

workspace:sites:updateAccessMode

授予修改站点接入方式的权限。

write

-

workspace:AccessMode

workspace:sites:updateSubnets

授予修改站点业务子网的权限。

write

-

-

workspace:tenants:checkEnterpriseIds

授予检查企业ID是否已被使用的权限。

write

-

-

workspace:tenants:updateEnterpriseId

授予修改企业ID的权限。

write

-

-

workspace:bandwidth:create

授予开通云办公带宽的权限。

write

-

-

workspace:bandwidth:list

授予查询云办公带宽列表的权限。

list

-

-

workspace:bandwidth:update

授予修改云办公带宽的权限。

write

-

-

workspace:bandwidth:delete

授予取消云办公带宽的权限。

write

-

-

workspace:bandwidth:getControlConfig

授予查询云办公带宽的控制配置的权限。

read

-

-

workspace:bandwidth:updateControlConfig

授予修改云办公带宽的控制配置的权限。

write

-

-

workspace:bandwidth:createChangeOrder

授予创建云办公带宽变更订单的权限。

write

-

-

workspace:desktops:batchCreateSnapshots

授予批量创建桌面快照的权限。

write

desktop *

  • g:ResourceTag/<tag-key>
  • g:EnterpriseProjectId

workspace:desktops:batchDeleteSnapshots

授予批量删除桌面快照的权限。

write

desktop *

  • g:ResourceTag/<tag-key>
  • g:EnterpriseProjectId

workspace:desktops:batchRestoreSnapshots

授予批量恢复桌面快照的权限。

write

desktop *

  • g:ResourceTag/<tag-key>
  • g:EnterpriseProjectId

workspace:desktops:listSnapshots

授予查询桌面快照列表的权限。

list

-

-

workspace:desktops:verifyDesktopName

授予校验桌面名称的权限。

write

-

-

workspace:networks:getAvailableIp

授予根据子网id查询该子网下可用的ip的权限。

read

-

-

workspace:desktops:getAdStatus

授予查询AD网络状态的权限。

read

-

-

workspace:networks:checkIpIfExist

授予检查IP是否存在的权限。

write

-

-

workspace:images:checkIfExist

授予检查镜像是否存在的权限。

write

-

-

workspace:wdh:listDesktops

授予查询云办公主机包含桌面信息的权限。

list

wdh *

-

-

g:EnterpriseProjectId

workspace:wdh:update

授予更新云办公主机信息的权限。

write

wdh *

g:EnterpriseProjectId

workspace:bindingPolicies:getTemplate

授予下载终端与桌面绑定模板的权限。

read

-

-

workspace:bindingPolicies:import

授予批量导入终端与桌面绑定的权限。

write

-

-

workspace:statistics:getRunState

授予运行状态统计的权限。

read

-

-

workspace:statistics:getLoginState

授予登录状态统计的权限。

read

-

-

workspace:networks:getUsingSubnets

授予查询正在被使用的子网列表的权限。

read

-

-

workspace:networks:listPorts

授予查询端口列表的权限。

list

-

-

workspace:renderDesktops:createConsole

授予获取远程登录控制台地址的权限。

write

-

-

workspace:renderDesktops:resize

授予变更渲染桌面规格的权限。

write

-

-

workspace:exclusiveHosts:resizeLites

授予变更专享主机规格的权限。

write

exclusiveHost *

g:EnterpriseProjectId

workspace:desktops:getMonitor

授予查询桌面监控信息的权限。

read

desktop *

  • g:ResourceTag/<tag-key>
  • g:EnterpriseProjectId

workspace:desktops:listDetachInfo

授予查询桌面历史解绑用户信息的权限。

list

desktop *

-

-

  • g:RequestTag/<tag-key>
  • g:TagKeys
  • g:EnterpriseProjectId

workspace:desktops:getSysprepVersion

授予查询sysprep版本信息的权限。

read

desktop *

  • g:ResourceTag/<tag-key>
  • g:EnterpriseProjectId

workspace:networks:createNat

授予开通NAT网关上网功能的权限。

write

-

-

workspace:networks:listNats

授予查询NAT网关上网功能的权限。

list

-

-

workspace:networks:listSubnets

授予查询子网列表的权限。

list

-

-

workspace:networks:listVpcs

授予查询查询vpc的权限。

list

-

-

workspace:policyGroups:createTemplate

授予创建策略模板的权限。

write

-

-

workspace:policyGroups:listTemplate

授予查询策略模板列表的权限。

list

-

-

workspace:policyGroups:updateTemplate

授予更新策略模板的权限。

write

-

-

workspace:networks:listSecurityGroups

授予查询安全组列表的权限。

list

-

-

workspace:availabilityZones:getSummary

授予查询可用分区列表概要的权限。

read

-

-

workspace:availabilityZones:get

授予查询可用分区详情的权限。

read

-

-

workspace:users:importUser

授予导入用户列表的权限。

write

user *

-

workspace:users:uploadTemplate

授予导入桌面用户列表的权限。

write

user *

-

workspace:accessPolicies:update

授予更新指定接入策略的权限。

write

-

-

workspace:desktops:verifySource

授予校验桌面来源的权限。

write

desktop *

  • g:ResourceTag/<tag-key>
  • g:EnterpriseProjectId

workspace:desktops:listDesktopNetworks

授予批量查询桌面网络信息的权限。

list

desktop *

-

workspace:desktops:batchChangeNetwork

授予批量切换桌面网络的权限。

write

desktop *

  • g:ResourceTag/<tag-key>
  • g:EnterpriseProjectId

workspace:jobs:get

授予查询任务详情的权限。

read

-

-

workspace:accessPolicies:importIp

授予导入IP列表的权限。

write

-

-

workspace:accessPolicies:getIpImportTemplate

授予下载IP导入模板的权限。

read

-

-

workspace:sites:listEdgeSites

授予查询边缘站点的权限。

list

-

-

workspace:sites:checkEdgeSiteResources

授予校验边缘站点资源的权限。

write

-

-

workspace:ou:listAdOus

授予查询AD域下OU信息的权限。

list

-

-

workspace:ou:listOuUsers

授予查询OU下用户信息的权限。

list

-

-

workspace:ou:importUsersByOU

授予导入OU用户的权限。

write

-

-

workspace:appGroup:list

授予查询应用组的权限。

list

appGroup *

-

workspace:appGroup:create

授予创建应用组的权限。

write

appGroup *

-

serverGroup

-

workspace:appGroup:delete

授予应用组删除的权限。

write

appGroup *

-

workspace:appGroup:get

授予查询应用组详情的权限。

read

appGroup *

-

workspace:appGroup:update

授予修改应用组的权限。

write

appGroup *

-

serverGroup

-

workspace:app:listPublishedApp

授予查询已发布应用的权限。

list

app *

-

appGroup *

-

workspace:app:publish

授予发布应用的权限。

write

app *

-

appGroup *

-

workspace:app:get

授予查询应用详细信息的权限。

read

app *

-

appGroup *

-

workspace:app:update

授予修改应用信息的权限。

write

app *

-

appGroup *

-

workspace:app:deleteIcon

授予删除自定义应用图标的权限。

write

app *

-

appGroup *

-

workspace:app:uploadIcon

授予修改自定义应用图标的权限。

write

app *

-

appGroup *

-

workspace:app:check

授予校验应用的权限。

write

app *

-

appGroup *

-

workspace:app:batchDisable

授予批量禁用应用的权限。

write

app *

-

appGroup *

-

workspace:app:batchEnable

授予批量启用应用的权限。

write

app *

-

appGroup *

-

workspace:app:unpublish

授予批量取消应用发布的权限。

write

app *

-

appGroup *

-

workspace:appGroup:listPublishableApp

授予可发布应用列表的权限。

list

appGroup *

-

workspace:appGroup:batchDeleteAuthorization

授予移除应用组授权的权限。

write

appGroup *

-

user

-

userGroup

-

workspace:appGroup:disassociate

授予解除服务组关联的所有应用组的权限。

write

-

-

workspace:appGroup:listAuthorization

授予查询应用组授权记录的权限。

list

appGroup *

-

workspace:appGroup:addAuthorization

授予增加应用组授权的权限。

write

appGroup *

-

user

-

userGroup

-

workspace:appGroup:batchDelete

授予批量删除应用组的权限。

write

appGroup *

-

workspace:appGroup:check

授予校验应用组的权限。

write

-

-

workspace:serverGroup:list

授予查询服务器组列表的权限。

list

serverGroup *

-

-

  • g:RequestTag/<tag-key>
  • g:TagKeys
  • g:EnterpriseProjectId

workspace:serverGroup:create

授予创建服务器组的权限。

write

serverGroup *

-

-

  • g:RequestTag/<tag-key>
  • g:TagKeys
  • g:EnterpriseProjectId

workspace:serverGroup:delete

授予删除服务器组的权限。

write

serverGroup *

  • g:ResourceTag/<tag-key>
  • g:EnterpriseProjectId

workspace:serverGroup:get

授予查询指定服务器组的权限。

read

serverGroup *

  • g:ResourceTag/<tag-key>
  • g:EnterpriseProjectId

workspace:serverGroup:update

授予修改服务器组的权限。

write

serverGroup *

  • g:ResourceTag/<tag-key>
  • g:EnterpriseProjectId

workspace:serverGroup:getServerState

授予查询指定服务器组内服务器状态的权限。

read

serverGroup *

  • g:ResourceTag/<tag-key>
  • g:EnterpriseProjectId

workspace:serverGroup:listDetail

授予查询租户服务器组基础信息列表的权限。

list

serverGroup *

-

workspace:serverGroup:getRestrict

授予指定租户服务器组限制查询的权限。

read

serverGroup *

-

workspace:serverGroup:validate

授予校验服务器组的权限。

write

serverGroup *

-

workspace:serverGroup:tagResource

授予服务器组添加标签的权限。

tagging

serverGroup *

  • g:ResourceTag/<tag-key>
  • g:EnterpriseProjectId

-

  • g:RequestTag/<tag-key>
  • g:TagKeys

workspace:serverGroup:unTagResource

授予服务器组删除标签的权限。

tagging

serverGroup *

  • g:ResourceTag/<tag-key>
  • g:EnterpriseProjectId

-

  • g:RequestTag/<tag-key>
  • g:TagKeys

workspace:serverGroup:listTagsForResource

授予查询服务器组标签的权限。

list

serverGroup *

-

-

g:EnterpriseProjectId

workspace:serverGroup:listTags

授予查询租户所有服务器上标签的权限。

list

serverGroup *

-

workspace:serverGroup:batchCreateTags

授予批量添加服务器组标签的权限。

tagging

serverGroup *

  • g:ResourceTag/<tag-key>
  • g:EnterpriseProjectId

-

  • g:RequestTag/<tag-key>
  • g:TagKeys

workspace:serverGroup:batchDeleteTags

授予批量删除服务器组标签的权限。

tagging

serverGroup *

  • g:ResourceTag/<tag-key>
  • g:EnterpriseProjectId

-

  • g:RequestTag/<tag-key>
  • g:TagKeys

workspace:server:list

授予查询服务器列表的权限。

list

server *

-

workspace:server:delete

授予删除服务器的权限。

write

server *

  • g:ResourceTag/<tag-key>
  • g:EnterpriseProjectId

workspace:server:get

授予查询指定服务器的权限。

read

server *

  • g:ResourceTag/<tag-key>
  • g:EnterpriseProjectId

workspace:server:update

授予修改服务器的权限。

write

server *

  • g:ResourceTag/<tag-key>
  • g:EnterpriseProjectId

workspace:server:changeImage

授予修改服务器的镜像的权限。

write

server *

  • g:ResourceTag/<tag-key>
  • g:EnterpriseProjectId

workspace:server:reinstall

授予重装服务器的权限。

write

server *

  • g:ResourceTag/<tag-key>
  • g:EnterpriseProjectId

workspace:server:getVncUrl

授予获取VNC远程登录地址的权限。

write

server *

  • g:ResourceTag/<tag-key>
  • g:EnterpriseProjectId

workspace:accessAgent:list

授予查询租户的所有HDA最新版本的权限。

list

-

-

workspace:accessAgent:batchUpgrade

授予批量升级服务器HDA版本的权限。

write

server *

  • g:ResourceTag/<tag-key>
  • g:EnterpriseProjectId

workspace:accessAgent:listLatestVersion

授予查询租户的HDA最新版本的权限。

list

-

-

workspace:server:listAccessAgentDetails

授予查询服务器的HDA相关信息的权限。

list

server *

-

workspace:accessAgent:getUpgradeFlag

授予查询HDA升级提醒标识的权限。

read

-

-

workspace:accessAgent:updateUpgradeFlag

授予更新HDA升级通知标识的权限。

write

-

-

workspace:accessAgent:listUpgradeRecords

授予查询服务器的HDA升级跟踪记录的权限。

list

-

-

workspace:server:batchDelete

授予批量删除服务器的权限。

write

server *

  • g:ResourceTag/<tag-key>
  • g:EnterpriseProjectId

workspace:server:batchChangeMaintainMode

授予标记服务器维护状态的权限。

write

server *

  • g:ResourceTag/<tag-key>
  • g:EnterpriseProjectId

workspace:server:batchReboot

授予重启服务器的权限。

write

server *

  • g:ResourceTag/<tag-key>
  • g:EnterpriseProjectId

workspace:server:batchRejoinDomain

授予批量服务器重新加域的权限。

write

server *

  • g:ResourceTag/<tag-key>
  • g:EnterpriseProjectId

workspace:server:batchStart

授予启动服务器的权限。

write

server *

  • g:ResourceTag/<tag-key>
  • g:EnterpriseProjectId

workspace:server:batchStop

授予关闭服务器的权限。

write

server *

  • g:ResourceTag/<tag-key>
  • g:EnterpriseProjectId

workspace:server:batchUpdateTsvi

授予批量更新服务器虚拟会话IP配置的权限。

write

server *

  • g:ResourceTag/<tag-key>
  • g:EnterpriseProjectId

workspace:server:create

授予创建应用服务器的权限。

write

server *

-

serverGroup *

-

-

  • g:RequestTag/<tag-key>
  • g:TagKeys
  • g:EnterpriseProjectId

workspace:server:batchMigrateHosts

授予迁移云办公主机下面的服务器到目标云办公主机的权限。

write

server *

  • g:ResourceTag/<tag-key>
  • g:EnterpriseProjectId

wdh *

-

workspace:server:getMetricData

授予查询云应用服务器监控信息的权限。

read

server *

  • g:ResourceTag/<tag-key>
  • g:EnterpriseProjectId

workspace:jobs:batchDeleteSubJobs

授予批量删除子任务的权限。

write

-

-

workspace:jobs:countSubJobs

授予子任务数量查询的权限。

list

-

-

workspace:appWarehouse:authorizeObs

授予获取上传至OBS桶的ak/sk的权限。

write

-

-

workspace:appWarehouse:batchDeleteApp

授予批量删除应用仓库中的指定应用的权限。

write

-

-

workspace:appWarehouse:ListWarehouseApps

授予查询租户应用仓库中的应用列表的权限。

list

-

-

workspace:appWarehouse:createApp

授予在应用仓库中新增应用的权限。

write

-

-

workspace:appWarehouse:deleteApp

授予删除应用仓库中的指定应用的权限。

write

-

-

workspace:appWarehouse:uploadAppIcon

授予在应用仓库中上传图标文件的权限。

write

-

-

workspace:appWarehouse:createBucketOrAcl

授予添加桶或者桶授权的权限。

write

-

-

workspace:images:listImageJobs

授予查询租户的任务列表的权限。

list

-

-

workspace:images:getImageJob

授予查询任务详情的权限。

read

-

-

workspace:imageServer:list

授予查询镜像实例列表的权限。

list

imageServer *

-

-

g:EnterpriseProjectId

workspace:imageServer:create

授予创建镜像实例的权限。

write

imageServer *

-

-

g:EnterpriseProjectId

workspace:imageServer:get

授予查询指定镜像实例的权限。

read

imageServer *

g:EnterpriseProjectId

workspace:imageServer:update

授予修改镜像实例的权限。

write

imageServer *

g:EnterpriseProjectId

workspace:imageServer:attachApp

授予分发软件信息至镜像实例的权限。

write

imageServer *

g:EnterpriseProjectId

workspace:imageServer:listLatestAttachedApp

授予查询最近一次分发软件信息列表的权限。

list

imageServer *

-

workspace:imageServer:recreate

授予构建云应用镜像的权限。

write

imageServer *

g:EnterpriseProjectId

workspace:imageServer:batchDelete

授予批量删除镜像实例的权限。

write

imageServer *

g:EnterpriseProjectId

workspace:imageServer:listImageSubJobs

授予子任务查询的权限。

list

-

-

workspace:imageServer:batchDeleteImageSubJobs

授予批量删除子任务的权限。

write

-

-

workspace:imageServer:countImageSubJobs

授予子任务数量查询的权限。

read

-

-

workspace:appGroup:listMailRecord

授予查询应用组授权邮件发送记录的权限。

list

-

-

workspace:appGroup:resendMail

授予重发应用组授权邮件(根据授权邮件记录)的权限。

write

-

-

workspace:storage:listPersistentStorage

授予查询WKS存储的权限。

list

storage *

-

workspace:storage:createPersistentStorage

授予创建WKS存储的权限。

write

storage *

-

workspace:storage:deletePersistentStorage

授予删除WKS存储的权限。

write

storage *

-

workspace:storage:updateUserFolderAssignment

授予创建个人存储目录的权限。

write

storage *

-

workspace:storage:updateShareFolderAssignment

授予修改共享目录成员的权限。

write

storage *

-

workspace:storage:createShareFolder

授予创建共享存储目录的权限。

write

storage *

-

workspace:storage:deleteStorageClaim

授予删除共享目录的权限。

write

storage *

-

workspace:storage:deleteUserStorageAttachment

授予删除个人存储目录的权限。

write

storage *

-

workspace:storage:batchDeletePersistentStorage

授予批量删除WKS存储的权限。

write

storage *

-

workspace:storage:listStorageAssignment

授予查询个人存储目录的权限。

list

storage *

-

workspace:storage:listShareFolder

授予查询共享存储目录的权限。

list

storage *

-

workspace:policyGroups:deleteTemplate

授予删除策略模板的权限。

write

-

-

workspace:privacystatements:get

授予查询最新版本的隐私声明的权限。

read

-

-

workspace:scalingPolicy:delete

授予删除弹性伸缩策略的权限。

write

-

-

workspace:scalingPolicy:list

授予查询服务器组弹性伸缩策略的权限。

read

-

-

workspace:scalingPolicy:create

授予新增/修改弹性伸缩策略的权限。

write

-

-

workspace:session:listAppConnection

授予查询应用使用记录的权限。

write

-

-

workspace:session:logoffUserSession

授予用户会话注销的权限。

write

-

-

workspace:session:listUserConnection

授予查询用户登录记录的权限。

write

-

-

workspace:session:listSessionByUserName

授予根据用户名查询当前会话的权限。

list

-

-

workspace:storagePolicy:create

授予新增或更新存储目录访问权限自定义策略的权限。

write

storage *

-

workspace:storagePolicy:list

授予查询存储目录访问权限策略的权限。

list

storage *

-

workspace:storage:listSfs3Storage

授予查询SFS3.0存储的权限。

list

storage *

-

workspace:baseResource:list

授予查询可用分区列表的权限。

list

-

-

workspace:tenants:listConfigInfo

授予查询企业系统配置的权限。

list

-

-

workspace:tenants:active

授予租户服务激活、初始化的权限。

write

-

-

workspace:tenants:listTenantProfile

授予查询租户信息的权限。

list

-

-

workspace:server:listServerMetricData

授予查询服务器的监控数据的权限。

list

server *

  • g:ResourceTag/<tag-key>
  • g:EnterpriseProjectId

workspace:session:listSessions

授予查询企业会话列表的权限。

list

-

-

workspace:appWarehouse:updateApp

授予更新应用仓库中的应用的权限。

write

-

-

workspace:server:batchChangeImage

授予批量切换服务器镜像的权限。

write

server *

  • g:ResourceTag/<tag-key>
  • g:EnterpriseProjectId

workspace:server:batchReinstall

授予批量重装服务器的权限。

write

server *

  • g:ResourceTag/<tag-key>
  • g:EnterpriseProjectId

workspace:tenants:updateAccessAddressBackupConfig

授予修改云办公服务接入地址备份配置的权限

write

-

-

workspace:tenants:listAccessAddressBackupConfig

授予获取云办公服务接入地址备份配置的权限

list

-

-

workspace:desktops:listWithConnectStatus

授予查询桌面连接状态列表的权限

list

-

-

workspace:orders:createDesktopOrder

授予创建桌面订单的权限

write

-

-

workspace:products:listHourPackageProducts

授予查询可订购小时包套餐的权限

list

-

-

云桌面Workspace的API通常对应着一个或多个授权项。表2展示了API与授权项的关系,以及该API需要依赖的授权项。

表2 API与操作项的关系

API

对应的操作项

依赖的操作项

GET /v2/{project_id}/auth-config/method-config

workspace:authConfigs:get

-

PUT /v2/{project_id}/auth-config/method-config

workspace:authConfigs:update

-

GET /v2/{project_id}/assist-auth-config/method-config

workspace:assistAuthConfigs:get

-

PUT /v2/{project_id}/assist-auth-config/method-config

workspace:assistAuthConfigs:update

-

POST /v2/{project_id}/workspace-jobs/{job_id}/actions

workspace:jobs:retry

-

GET /v2/{project_id}/quotas

workspace:quotas:get

-

GET /v2/{project_id}/tenants/roles

workspace:tenants:getRoles

-

GET /v2/{project_id}/tenant-configs

workspace:tenants:ListConfig

-

PUT /v2/{project_id}/tenant-configs

workspace:tenants:updateConfig

-

GET /v2/{project_id}/nat-mapping-configs

workspace:natMappings:getConfig

-

PUT /v2/{project_id}/nat-mapping-configs

workspace:natMappings:updateConfig

-

GET /v2/{project_id}/workspaces

workspace:tenants:get

  • vpc:vpcs:get
  • vpc:subnets:get
  • vpc:securityGroups:get

POST /v2/{project_id}/workspaces

workspace:tenants:open

  • eip:bandwidths:create
  • eip:publicIps:create
  • elb:healthmonitors:create
  • elb:healthmonitors:show
  • elb:listeners:create
  • elb:listeners:update
  • elb:listeners:show
  • elb:listeners:list
  • elb:loadbalancers:create
  • elb:loadbalancers:update
  • elb:loadbalancers:show
  • elb:members:create
  • elb:members:list
  • elb:members:update
  • elb:pools:create
  • elb:pools:update
  • elb:pools:show
  • vpc:ports:create
  • vpc:ports:delete
  • vpc:securityGroupRules:create
  • vpc:securityGroupRules:delete
  • vpc:securityGroupRules:get
  • vpc:securityGroups:create
  • vpc:subnets:get
  • vpc:subnets:update
  • vpc:vpcs:get
  • vpcep:endpoints:create
  • vpcep:endpoints:get

DELETE /v2/{project_id}/workspaces

workspace:tenants:delete

  • elb:healthmonitors:delete
  • elb:healthmonitors:show
  • elb:listeners:delete
  • elb:listeners:show
  • elb:loadbalancers:delete
  • elb:loadbalancers:show
  • elb:members:delete
  • elb:members:list
  • elb:pools:delete
  • elb:pools:show
  • vpc:ports:delete
  • vpc:securityGroups:delete
  • vpcep:endpoints:delete
  • vpcep:endpoints:get
  • eip:publicIps:disassociateInstance
  • eip:bandwidths:delete
  • eip:publicIps:delete

PUT /v2/{project_id}/workspaces

workspace:tenants:update

  • eip:bandwidths:create
  • eip:bandwidths:delete
  • eip:publicIps:create
  • eip:publicIps:delete
  • eip:publicIps:disassociateInstance
  • elb:healthmonitors:create
  • elb:healthmonitors:delete
  • elb:healthmonitors:show
  • elb:listeners:create
  • elb:listeners:delete
  • elb:listeners:update
  • elb:listeners:show
  • elb:loadbalancers:create
  • elb:loadbalancers:delete
  • elb:loadbalancers:update
  • elb:loadbalancers:show
  • elb:members:create
  • elb:members:delete
  • elb:members:list
  • elb:members:update
  • elb:pools:create
  • elb:pools:delete
  • elb:pools:update
  • elb:pools:show
  • vpc:subnets:get
  • vpc:subnets:update
  • vpc:vpcs:get
  • vpcep:endpoints:create
  • vpcep:endpoints:delete
  • vpcep:endpoints:get

GET /v2/{project_id}/workspaces/lock-status

workspace:tenants:getLockStatus

-

PUT /v2/{project_id}/workspaces/lock-status

workspace:tenants:unlock

-

POST /v2/{project_id}/agencies

workspace:agencies:create

  • iam:agencies:listV5
  • iam:agencies:getV5
  • iam:agencies:createServiceLinkedAgencyV5
  • iam:roles:getRole
  • iam:roles:listRoles
  • iam:agencies:getAgency
  • iam:agencies:listAgencies
  • iam:agencies:createAgency
  • iam:permissions:listRolesForAgencyOnProject
  • iam:permissions:grantRoleToAgencyOnProject

GET /v2/{project_id}/agencies

workspace:agencies:get

  • iam:agencies:listV5
  • iam:agencies:getV5
  • iam:agencies:getAgency
  • iam:agencies:listAgencies
  • iam:permissions:listRolesForAgencyOnProject

POST /v3/{project_id}/desktops/{desktop_id}/ai-accelerate-job

workspace:desktops:commitAiAccelerateJob

-

POST /v2/{project_id}/desktops/{desktop_id}/ai-accelerate-job

workspace:desktops:createAiAccelerateJob

-

GET /v2/{project_id}/ai-accelerate-job/{job_id}

workspace:desktops:getAiAccelerateJob

-

POST /v2/{project_id}/sysprep

workspace:desktops:getSysPrepInfo

-

POST /v2/{project_id}/verification/batch-change-image

workspace:desktops:checkBatchChangeImage

ims:images:list

GET /v2/{project_id}/desktop-name-policies

workspace:tenants:listDesktopNamePolicies

-

POST /v2/{project_id}/desktop-name-policies

workspace:tenants:createDesktopNamePolicy

-

PUT /v2/{project_id}/desktop-name-policies/{policy_id}

workspace:tenants:updateDesktopNamePolicy

-

POST /v2/{project_id}/desktop-name-policies/batch-delete

workspace:tenants:batchDeleteDesktopNamePolicies

-

POST /v2/{project_id}/desktop-pools

workspace:desktopPools:create

  • ims:images:get
  • ims:images:list
  • ims:images:share
  • ims:images:updateMemberStatus
  • ims:images:deleteMember
  • ims:images:addMember
  • vpc:networks:get
  • vpc:ports:create
  • vpc:ports:delete
  • vpc:ports:get
  • vpc:ports:update
  • vpc:securityGroups:get
  • vpc:subnets:get
  • vpc:vpcs:get
  • dss:pools:list

GET /v2/{project_id}/desktop-pools

workspace:desktopPools:list

ims:images:list

PUT /v2/{project_id}/desktop-pools/{pool_id}

workspace:desktopPools:update

-

DELETE /v2/{project_id}/desktop-pools/{pool_id}

workspace:desktopPools:delete

-

GET /v2/{project_id}/desktop-pools/{pool_id}

workspace:desktopPools:get

ims:images:list

POST /v2/{project_id}/desktop-pools/{pool_id}/expand

workspace:desktopPools:expand

  • ims:images:get
  • ims:images:list
  • ims:images:share
  • ims:images:updateMemberStatus
  • ims:images:deleteMember
  • ims:images:addMember
  • vpc:networks:get
  • vpc:ports:create
  • vpc:ports:delete
  • vpc:ports:get
  • vpc:ports:update
  • vpc:securityGroups:get
  • vpc:subnets:get
  • vpc:vpcs:get
  • dss:pools:list

POST /v2/{project_id}/desktop-pools/{pool_id}/resize

workspace:desktopPools:resize

  • vpc:subnets:get
  • ims:images:list

POST /v2/{project_id}/desktop-pools/{pool_id}/rebuild

workspace:desktopPools:rebuild

  • vpc:ports:get
  • ims:images:get
  • ims:images:list
  • ims:images:share
  • ims:images:updateMemberStatus
  • ims:images:deleteMember
  • ims:images:addMember

POST /v2/{project_id}/desktop-pools/{pool_id}/volumes/batch-add

workspace:desktopPools:batchAddVolumes

-

POST /v2/{project_id}/desktop-pools/{pool_id}/volumes/batch-delete

workspace:desktopPools:batchDeleteVolumes

-

POST /v2/{project_id}/desktop-pools/{pool_id}/volumes/batch-expand

workspace:desktopPools:batchExpandVolumes

-

POST /v2/{project_id}/desktop-pools/{pool_id}/action

workspace:desktopPools:operate

-

GET /v2/{project_id}/desktop-pools/{pool_id}/users

workspace:desktopPools:listUsers

-

POST /v2/{project_id}/desktop-pools/{pool_id}/users

workspace:desktopPools:authorizeUsers

ims:images:list

GET /v2/{project_id}/desktop-pools/{pool_id}/desktops

workspace:desktopPools:listDesktops

  • vpc:ports:get
  • vpc:ports:list
  • vpc:securityGroups:get
  • eip:publicIps:list
  • nat:snatRules:list

GET /v2/{project_id}/desktop-pools/script-execution-tasks/detail

workspace:desktopPools:listScriptTasks

-

POST /v2/{project_id}/desktop-pools/{pool_id}/script-executions

workspace:desktopPools:executeScripts

-

POST /v2/{project_id}/desktop-pools/{pool_id}/notifications

workspace:desktopPools:sendNotifications

-

GET /v3/{project_id}/desktops/export

workspace:desktops:export

  • vpc:ports:get
  • vpc:ports:list
  • vpc:securityGroups:get
  • eip:publicIps:list
  • nat:snatRules:list

POST /v2/{project_id}/desktops

workspace:desktops:create

  • ims:images:get
  • ims:images:list
  • ims:images:share
  • ims:images:updateMemberStatus
  • ims:images:deleteMember
  • ims:images:addMember
  • vpc:networks:get
  • vpc:ports:create
  • vpc:ports:delete
  • vpc:ports:get
  • vpc:ports:update
  • eip:publicIps:get
  • eip:publicIps:list
  • eip:publicIps:create
  • eip:publicIps:associateInstance
  • eip:publicIps:delete
  • eip:publicIps:createTags
  • vpc:quotas:list
  • vpc:securityGroups:get
  • vpc:subnets:get
  • vpc:vpcs:get
  • dss:pools:list

GET /v2/{project_id}/desktops

workspace:desktops:list

-

PUT /v2/{project_id}/desktops/{desktop_id}

workspace:desktops:update

-

DELETE /v2/{project_id}/desktops/{desktop_id}

workspace:desktops:delete

  • vpc:ports:get
  • vpc:ports:delete

GET /v2/{project_id}/desktops/{desktop_id}

workspace:desktops:get

  • vpc:ports:get
  • vpc:ports:list
  • vpc:securityGroups:get
  • eip:publicIps:list
  • nat:snatRules:list

POST /v2/{project_id}/desktops/batch-delete

workspace:desktops:batchDelete

  • vpc:ports:get
  • vpc:ports:delete

POST /v2/{project_id}/desktops/logoff

workspace:desktops:logoff

-

GET /v2/{project_id}/desktops/detail

workspace:desktops:listDetail

  • vpc:ports:get
  • vpc:ports:list
  • vpc:securityGroups:get
  • eip:publicIps:list
  • nat:snatRules:list

POST /v2/{project_id}/desktops/action

workspace:desktops:operate

-

POST /v2/{project_id}/desktops/resize

workspace:desktops:resize

  • vpc:subnets:get
  • ims:images:list

GET /v2/{project_id}/connections/status

workspace:desktops:getConnectStatus

-

GET /v2/{project_id}/desktops/status

workspace:desktops:ListStatus

-

POST /v2/{project_id}/desktops/rebuild

workspace:desktops:rebuild

  • vpc:ports:get
  • ims:images:get
  • ims:images:list
  • ims:images:share
  • ims:images:updateMemberStatus
  • ims:images:deleteMember
  • ims:images:addMember

GET /v2/{project_id}/desktops/{desktop_id}/actions

workspace:desktops:getActions

-

GET /v2/{project_id}/desktops/{desktop_id}/remote-consoles

workspace:desktops:createConsole

-

PUT /v2/{project_id}/desktops/sids

workspace:desktops:updateSids

-

POST /v2/{project_id}/desktops/{desktop_id}/rejoin-domain

workspace:desktops:rejoinDomain

-

POST /v2/{project_id}/desktops/desktop-to-image

workspace:desktops:createImage

  • ims:quotas:get
  • ims:images:get
  • ims:images:list
  • ims:images:setTags
  • ims:images:setOrDeleteTags
  • ims:images:updateMemberStatus
  • ims:images:copyInRegion
  • ims:serverImages:create

POST /v2/{project_id}/desktops/batch-detach

workspace:desktops:batchDetach

vpc:ports:get

POST /v2/{project_id}/desktops/detach

workspace:desktops:detach

vpc:ports:get

POST /v2/{project_id}/desktops/attach

workspace:desktops:attach

  • vpc:ports:get
  • ims:images:get
  • ims:images:list
  • ims:images:share
  • ims:images:updateMemberStatus
  • ims:images:deleteMember
  • ims:images:addMember

GET /v2/{project_id}/desktops/{desktop_id}/networks

workspace:desktops:getNetwork

  • vpc:vpcs:get
  • vpc:networks:get
  • vpc:subnets:get
  • vpc:ports:get
  • vpc:securityGroups:get
  • eip:publicIps:list

PUT /v2/{project_id}/desktops/{desktop_id}/networks

workspace:desktops:changeNetwork

  • vpc:vpcs:get
  • vpc:subnets:get
  • vpc:networks:get
  • vpc:ports:get
  • vpc:ports:create
  • vpc:ports:update
  • vpc:ports:delete
  • vpc:securityGroups:get
  • eip:publicIps:list
  • eip:publicIps:associateInstance
  • eip:publicIps:disassociateInstance

GET /v2/{project_id}/exclusive-hosts/{host_id}/desktops

workspace:exclusiveHosts:listDesktops

-

GET /v2/{project_id}/all-desktops

workspace:desktops:listAll

-

GET /v2/{project_id}/desktop-associate/discover-vm/infos

workspace:desktopAssociate:listDiscoverVmInfo

-

POST /v2/{project_id}/desktop-associate/tasks

workspace:desktopAssociate:startTask

-

POST /v2/{project_id}/desktop-associate/discover-vm/switch

workspace:desktopAssociate:switchScanTask

-

GET /v2/{project_id}/desktop-associate/discover-vm/switch

workspace:desktopAssociate:getScanTaskSwitch

-

PUT /v2/{project_id}/desktops/maintenance-mode

workspace:desktops:setMaintenanceMode

-

POST /v2/{project_id}/desktops/pre-batch-attach

workspace:desktops:prepAttachUsers

-

POST /v2/{project_id}/desktops/batch-attach

workspace:desktops:batchAttachUsers

  • vpc:ports:get
  • ims:images:get
  • ims:images:list
  • ims:images:share
  • ims:images:updateMemberStatus
  • ims:images:deleteMember
  • ims:images:addMember

PUT /v2/{project_id}/desktops/change-username

workspace:desktops:changeUsername

-

POST /v2/{project_id}/desktops/notifications

workspace:desktops:sendNotifications

-

POST /v2/{project_id}/desktops/{desktop_id}/migrate

workspace:desktops:migrate

  • vpc:networks:get
  • vpc:subnets:get
  • vpc:ports:create
  • vpc:ports:delete
  • vpc:ports:update
  • vpc:ports:get

GET /v2/{project_id}/desktops/agents

workspace:desktops:listAgents

-

POST /v2/{project_id}/desktops/agents

workspace:desktops:batchInstallAgents

-

GET /v2/{project_id}/desktops/{desktop_id}/tags

workspace:desktops:listTags

-

POST /v2/{project_id}/desktops/{desktop_id}/tags

workspace:desktops:tag

-

DELETE /v2/{project_id}/desktops/{desktop_id}/tags/{key}

workspace:desktops:untag

-

GET /v2/{project_id}/desktops/tags

workspace:desktops:listProjectTags

-

POST /v2/{project_id}/desktops/{desktop_id}/tags/action

workspace:desktops:operateTags

-

POST /v2/{project_id}/desktops/resource_instances/action

workspace:desktops:listByTags

-

POST /v2/{project_id}/desktops/batch-tags

workspace:desktops:tag

-

DELETE /v2/{project_id}/desktops/batch-tags

workspace:desktops:untag

-

POST /v2/{project_id}/exclusive-hosts

workspace:exclusiveHosts:create

  • vpc:networks:get
  • vpc:ports:create
  • vpc:ports:delete
  • vpc:ports:get
  • vpc:ports:update
  • vpc:subnets:get
  • vpc:vpcs:get

GET /v2/{project_id}/exclusive-hosts

workspace:exclusiveHosts:list

-

POST /v2/{project_id}/exclusive-hosts/check-limits

workspace:exclusiveHosts:check

-

GET /v2/{project_id}/exclusive-hosts/{host_id}

workspace:exclusiveHosts:get

  • nat:snatRules:list
  • eip:publicIps:list

PUT /v2/{project_id}/exclusive-hosts/{host_id}

workspace:exclusiveHosts:update

-

DELETE /v2/{project_id}/exclusive-hosts/{host_id}

workspace:exclusiveHosts:delete

-

GET /v2/{project_id}/market-images

workspace:mkp:listImages

ims:images:list

GET /v2/{project_id}/mkp/commodities/commodity-ids

workspace:mkp:listCommodityInfos

-

POST /v2/{project_id}/mkp/order

workspace:mkp:createOrder

-

POST /v2/{project_id}/mkp/product-reserve

workspace:mkp:listListProductReserve

-

GET /v2/{project_id}/mkp/commodities

workspace:mkp:listCommodityDetails

-

GET /v2/{project_id}/mkp/commodities/{commodity_id}/relation-commodities

workspace:mkp:listRelationCommodityDetails

-

GET /v2/{project_id}/mkp/commodities/agreements

workspace:mkp:listCommodityAgreements

-

GET /v2/{project_id}/eips

workspace:networks:listEips

  • eip:publicIps:list
  • eip:bandwidths:list

POST /v2/{project_id}/eips

workspace:networks:createEips

  • vpc:quotas:list
  • eip:publicIps:create
  • eip:publicIps:associateInstance

POST /v2/{project_id}/eips/binding

workspace:networks:bindEips

  • eip:publicIps:associateInstance
  • eip:publicIps:get

POST /v2/{project_id}/eips/unbinding

workspace:networks:unbindEips

  • eip:publicIps:list
  • eip:publicIps:disassociateInstance

GET /v2/{project_id}/eips/quotas

workspace:networks:getEipQuota

vpc:quotas:list

GET /v2/{project_id}/nat-gateways

workspace:networks:ListNatGateways

  • vpc:subnets:get
  • vpc:vpcs:get
  • nat:snatRules:list
  • nat:natGateways:list

POST /v2/{project_id}/periodic/subscribe/order

workspace:orders:create

  • ims:images:list
  • vpc:vpcs:get
  • vpc:networks:get
  • vpc:subnets:get
  • vpc:ports:get
  • bss:order:update

POST /v2/{project_id}/periodic/{desktop_id}/change/order

workspace:orders:change

  • ims:images:list
  • bss:order:update

POST /v2/{project_id}/periodic/change/batch-order

workspace:orders:change

  • ims:images:list
  • bss:order:update

POST /v2/{project_id}/periodic/inquiry/change-image

workspace:orders:batchInquiry

ims:images:list

POST /v2/{project_id}/desktop-pool/periodic/change/order

workspace:orders:change

  • ims:images:list
  • bss:order:update

POST /v2/{project_id}/desktop-pool/periodic/inquiry/add-volume

workspace:orders:batchInquiry

ims:images:list

POST /v2/{project_id}/desktop-pool/periodic/inquiry/change-image

workspace:orders:batchInquiry

ims:images:list

POST /v2/{project_id}/desktop-pool/periodic/inquiry/extend-volume

workspace:orders:batchInquiry

ims:images:list

POST /v2/{project_id}/desktop-pool/periodic/inquiry/resize

workspace:orders:batchInquiry

ims:images:list

POST /v2/{project_id}/periodic/inquiry/add-resources

workspace:orders:batchInquiry

ims:images:list

GET /v2/{project_id}/checkOrderLimits

workspace:quotas:check

-

POST /v2/{project_id}/render-desktops

workspace:renderDesktops:create

  • ims:images:list
  • ims:images:share
  • vpc:networks:get
  • vpc:ports:create
  • vpc:ports:delete
  • vpc:ports:get
  • vpc:ports:update
  • vpc:securityGroups:get
  • vpc:subnets:get
  • vpc:vpcs:get

DELETE /v2/{project_id}/render-desktops

workspace:renderDesktops:delete

  • vpc:ports:get
  • vpc:ports:delete

GET /v2/{project_id}/render-desktops

workspace:renderDesktops:list

-

POST /v2/{project_id}/render-desktops/action

workspace:renderDesktops:action

-

GET /v2/{project_id}/scheduled-tasks

workspace:scheduledTasks:list

-

POST /v2/{project_id}/scheduled-tasks

workspace:scheduledTasks:create

-

GET /v2/{project_id}/scheduled-tasks/{task_id}

workspace:scheduledTasks:get

-

PUT /v2/{project_id}/scheduled-tasks/{task_id}

workspace:scheduledTasks:update

-

DELETE /v2/{project_id}/scheduled-tasks/{task_id}

workspace:scheduledTasks:delete

-

POST /v2/{project_id}/scheduled-tasks/future-executions

workspace:scheduledTasks:getFuture

-

POST /v2/{project_id}/scheduled-tasks/batch-delete

workspace:scheduledTasks:batchDelete

-

GET /v2/{project_id}/scheduled-tasks/{task_id}/records

workspace:scheduledTasks:listRecords

-

GET /v2/{project_id}/scheduled-tasks/{task_id}/records/{record_id}

workspace:scheduledTasks:getRecord

-

POST /v2/{project_id}/scheduled-tasks/{task_id}/records/export

workspace:scheduledTasks:exportRecords

-

POST /v2/{project_id}/user/share-resources

workspace:users:subscribeSharer

-

POST /v2/{project_id}/desktop/sub-resources

workspace:desktops:addSubResources

-

POST /v2/{project_id}/desktop/delete-sub-resources

workspace:desktops:deleteSubResources

-

POST /v2/{project_id}/desktops/{desktop_id}/snapshots

workspace:desktops:createSnapshots

-

GET /v2/{project_id}/desktops/{desktop_id}/snapshots

workspace:desktops:getSnapshots

-

DELETE /v2/{project_id}/desktops/{desktop_id}/snapshots

workspace:desktops:deleteSnapshots

-

POST /v2/{project_id}/desktops/{desktop_id}/snapshots/restore

workspace:desktops:restoreBySnapshot

-

GET /v2/{project_id}/statistics

workspace:statistics:listDesktopStatus

-

GET /v2/{project_id}/desktops/statistics/unused

workspace:statistics:getUnused

-

POST /v2/{project_id}/desktops/statistics/used

workspace:statistics:getUsed

-

GET /v3/{project_id}/terminals/binding-desktops/template/export

workspace:bindingPolicies:export

-

GET /v2/{project_id}/terminals/binding-desktops/config

workspace:bindingPolicies:getConfig

-

POST /v2/{project_id}/terminals/binding-desktops/config

workspace:bindingPolicies:createConfig

-

GET /v2/{project_id}/terminals/binding-desktops

workspace:bindingPolicies:get

-

POST /v2/{project_id}/terminals/binding-desktops

workspace:bindingPolicies:add

-

PUT /v2/{project_id}/terminals/binding-desktops

workspace:bindingPolicies:update

-

POST /v2/{project_id}/terminals/binding-desktops/batch-delete

workspace:bindingPolicies:delete

-

POST /v2/{project_id}/desktops/{desktop_id}/volumes/batch-delete

workspace:volumes:delete

-

POST /v2/{project_id}/volumes

workspace:volumes:batchAdd

-

POST /v2/{project_id}/volumes/expand

workspace:volumes:batchExpand

-

GET /v2/{project_id}/hosts/types

workspace:wdh:getType

-

GET /v2/{project_id}/hosts

workspace:wdh:get

-

GET /v2/{project_id}/desktops/{desktop_id}/remote-assistance

workspace:desktops:getRemoteAssistance

-

POST /v2/{project_id}/desktops/{desktop_id}/remote-assistance

workspace:desktops:createRemoteAssistance

-

DELETE /v2/{project_id}/desktops/{desktop_id}/remote-assistance

workspace:desktops:cancelRemoteAssistance

-

POST /v2/{project_id}/desktops/{desktop_id}/volumes

workspace:volumes:add

-

POST /v2/{project_id}/desktops/{desktop_id}/volumes/{volume_id}/expand

workspace:volumes:expand

-

GET /v2/{project_id}/dss-pools/detail

workspace:volumes:listDssPoolsDetail

dss:pools:list

GET /v2/{project_id}/common/timezones

workspace:common:listTimezones

-

GET /v3/{project_id}/desktops/connections/export

workspace:connections:securityExport

-

GET /v2/{project_id}/images

workspace:images:list

ims:images:list

POST /v2/{project_id}/policy-groups/import

workspace:policyGroups:import

-

POST /v2/{project_id}/access-policy

workspace:accessPolicies:create

-

GET /v2/{project_id}/access-policy

workspace:accessPolicies:get

-

DELETE /v2/{project_id}/access-policy

workspace:accessPolicies:delete

-

GET /v2/{project_id}/access-policy/{access_policy_id}/objects

workspace:accessPolicies:getTarget

-

PUT /v2/{project_id}/access-policy/{access_policy_id}/objects

workspace:accessPolicies:updateTarget

-

GET /v2/{project_id}/products

workspace:products:listDesktopProducts

ecs:cloudServerFlavors:get

GET /v2/{project_id}/products/sharer

workspace:products:listSharerProducts

-

GET /v2/{project_id}/products/adninternet

workspace:products:listInternetProducts

-

GET /v2/{project_id}/availability-zones

workspace:availabilityZones:list

-

GET /v2/{project_id}/groups/export

workspace:userGroups:export

-

POST /v3/{project_id}/users/export

workspace:users:export

-

POST /v2/{project_id}/users/import

workspace:users:import

-

GET /v3/{project_id}/groups/{group_id}/users/export

workspace:userGroups:exportUsers

-

GET /v2/{project_id}/groups/{group_id}/users/export

workspace:userGroups:exportUsers

-

POST /v2/{project_id}/users/{user_id}/actions

workspace:users:operate

-

GET /v2/{project_id}/users/{user_id}/random-password

workspace:users:randomPassword

-

DELETE /v2/{project_id}/users/{user_id}/otp-devices

workspace:users:deleteOtps

-

POST /v2/{project_id}/users/{user_id}/resend-email

workspace:users:resendEmail

-

GET /v2/{project_id}/connections/desktops

workspace:connections:securityList

-

GET /v2/{project_id}/connections/desktops/export

workspace:connections:securityExport

-

GET /v2/{project_id}/connections/online-users

workspace:connections:listOnlineUsers

-

GET /v2/{project_id}/desktops/connections

workspace:connections:securityList

-

GET /v2/{project_id}/desktops/connections/export

workspace:connections:securityExport

-

GET /v2/{project_id}/desktops/online-users

workspace:connections:listOnlineUsers

-

GET /v2/{project_id}/groups

workspace:userGroups:list

-

POST /v2/{project_id}/groups

workspace:userGroups:create

-

POST /v2/{project_id}/groups/batch-delete

workspace:userGroups:batchDelete

-

DELETE /v2/{project_id}/groups/{group_id}

workspace:userGroups:delete

-

PUT /v2/{project_id}/groups/{group_id}

workspace:userGroups:update

-

POST /v2/{project_id}/groups/{group_id}/actions

workspace:userGroups:operate

-

GET /v2/{project_id}/groups/{group_id}/users

workspace:userGroups:getUsers

-

GET /v2/{project_id}/workspace-sub-jobs

workspace:jobs:listSubJobs

-

POST /v2/{project_id}/workspace-sub-jobs/batch-delete

workspace:jobs:deleteSubJobRecords

-

GET /v2/{project_id}/ous

workspace:ou:get

-

POST /v2/{project_id}/ous

workspace:ou:create

-

DELETE /v2/{project_id}/ous/{ou_id}

workspace:ou:delete

-

PUT /v2/{project_id}/ous/{ou_id}

workspace:ou:update

-

GET /v2/{project_id}/policy-groups

workspace:policyGroups:list

-

POST /v2/{project_id}/policy-groups

workspace:policyGroups:create

-

DELETE /v2/{project_id}/policy-groups/{policy_group_id}

workspace:policyGroups:delete

-

GET /v2/{project_id}/policy-groups/{policy_group_id}

workspace:policyGroups:get

-

PUT /v2/{project_id}/policy-groups/{policy_group_id}

workspace:policyGroups:update

-

POST /v2/{project_id}/policy-groups/export

workspace:policyGroups:export

-

GET /v2/{project_id}/policy-groups/{policy_group_id}/policies

workspace:policyGroups:listPolicies

-

PUT /v2/{project_id}/policy-groups/{policy_group_id}/policies

workspace:policyGroups:updatePolicies

-

GET /v2/{project_id}/policy-groups/{policy_group_id}/targets

workspace:policyGroups:listTargets

-

PUT /v2/{project_id}/policy-groups/{policy_group_id}/targets

workspace:policyGroups:updateTargets

-

GET /v2/{project_id}/policy-groups/detail

workspace:policyGroups:listDetail

-

GET /v2/{project_id}/policy-groups/original-policies

workspace:policyGroups:getOriginalPolicies

-

GET /v2/{project_id}/users

workspace:users:list

-

POST /v2/{project_id}/users

workspace:users:create

-

DELETE /v2/{project_id}/users/{user_id}

workspace:users:delete

-

GET /v2/{project_id}/users/{user_id}

workspace:users:get

-

PUT /v2/{project_id}/users/{user_id}

workspace:users:update

-

POST /v2/{project_id}/users/batch-delete

workspace:users:batchDelete

-

POST /v2/{project_id}/users/password

workspace:users:resetPassword

-

POST /v2/{project_id}/users/password-token

workspace:users:checkResetPasswordToken

-

GET /v2/{project_id}/users/desktop-users/template

workspace:users:getTemplate

-

POST /v2/{project_id}/users/exist

workspace:users:checkExist

-

GET /v2/{project_id}/users/{user_id}/otp-devices

workspace:users:listOtps

-

GET /v2/{project_id}/users/template/download

workspace:users:getImportTemplate

-

POST /v2/{project_id}/users/export

workspace:users:export

-

POST /v2/{project_id}/users/batch-create

workspace:users:batchCreate

-

GET /v2/{project_id}/volume/products

workspace:products:listVolumeProducts

-

GET /v2/{project_id}/export-tasks

workspace:tenants:listExportTasks

-

POST /v2/{project_id}/export-tasks/batch-delete

workspace:tenants:deleteExportTasks

-

GET /v2/{project_id}/export-tasks/{task_id}/download

workspace:tenants:exportData

-

GET /v2/{project_id}/alarms

workspace:statistics:listAlarm

ces:alarmHistory:list

GET /v2/{project_id}/statistics/alarms

workspace:statistics:getAlarm

ces:alarmHistory:list

GET /v2/{project_id}/statistics/growth-rate

workspace:statistics:getGrowthRate

-

GET /v2/{project_id}/statistics/metrics

workspace:statistics:getMetric

-

GET /v2/{project_id}/statistics/metrics/trend

workspace:statistics:getMetricTrend

-

PUT /v2/{project_id}/statistics/notify-rules/{rule_id}

workspace:statistics:updateNotificationRules

smn:topic:get

DELETE /v2/{project_id}/statistics/notify-rules/{rule_id}

workspace:statistics:deleteNotificationRules

-

POST /v2/{project_id}/statistics/notify-rules

workspace:statistics:createNotifyRules

smn:topic:get

GET /v2/{project_id}/statistics/notify-rules

workspace:statistics:listNotificationRules

-

GET /v2/{project_id}/statistics/notification-records

workspace:statistics:listNotificationRecords

-

GET /v2/{project_id}/statistics/metrics/desktops

workspace:statistics:listDesktopMetrics

-

GET /v2/{project_id}/statistics/metrics/desktops/export

workspace:statistics:exportDesktopMetrics

-

GET /v2/{project_id}/statistics/metrics/users

workspace:statistics:listUserMetrics

-

GET /v2/{project_id}/statistics/metrics/users/export

workspace:statistics:exportUserMetrics

-

GET /v3/{project_id}/statistics/metrics/desktops/export

workspace:statistics:exportDesktopMetrics

-

GET /v3/{project_id}/statistics/metrics/users/export

workspace:statistics:exportUserMetrics

-

POST /v1/{project_id}/app-center/buckets/actions/create-credential

workspace:appcenter:createBucketCredential

  • obs:bucket:GetBucketAcl
  • obs:object:PutObject
  • obs:object:DeleteObject

POST /v1/{project_id}/app-center/buckets

workspace:appcenter:createAndAuthorizeBucket

  • obs:bucket:HeadBucket
  • obs:bucket:PutBucketAcl
  • obs:bucket:PutReplicationConfiguration
  • obs:bucket:CreateBucket
  • obs:bucket:PutBucketCORS

GET /v1/{project_id}/app-center/apps

workspace:appcenter:listApps

-

POST /v1/{project_id}/app-center/apps

workspace:appcenter:createApp

-

PATCH /v1/{project_id}/app-center/apps/{app_id}

workspace:appcenter:updateApp

-

DELETE /v1/{project_id}/app-center/apps/{app_id}

workspace:appcenter:deleteApp

-

POST /v1/{project_id}/app-center/apps/{app_id}/actions/auto-install

workspace:appcenter:installApp

-

GET /v1/{project_id}/app-center/apps/{app_id}/authorizations

workspace:appcenter:listAppAuthorizations

-

POST /v1/{project_id}/app-center/apps/{app_id}/actions/assign-authorizations

workspace:appcenter:batchUpdateAppAuthorizations

-

POST /v1/{project_id}/app-center/apps/actions/batch-delete

workspace:appcenter:batchDeleteApps

-

POST /v1/{project_id}/app-center/apps/actions/batch-disable

workspace:appcenter:batchDisableApps

-

POST /v1/{project_id}/app-center/apps/actions/batch-enable

workspace:appcenter:batchEnableApps

-

POST /v1/{project_id}/app-center/apps/actions/batch-assign-authorization

workspace:appcenter:batchUpdateAppAuthorizations

-

POST /v1/{project_id}/app-center/apps/actions/batch-auto-install

workspace:appcenter:batchInstallApps

-

GET /v1/{project_id}/app-center/app-catalogs

workspace:appcenter:listAppCatalogs

-

GET /v1/{project_id}/app-center/jobs

workspace:appcenter:listJobs

-

POST /v1/{project_id}/app-center/jobs/actions/batch-delete

workspace:appcenter:batchDeleteJobs

-

POST /v1/{project_id}/app-center/jobs/actions/retry

workspace:appcenter:retryJobs

-

POST /v1/{project_id}/app-center/app-rules

workspace:appcenter:createAppRule

-

GET /v1/{project_id}/app-center/app-rules

workspace:appcenter:listAppRule

-

PATCH /v1/{project_id}/app-center/app-rules/{rule_id}

workspace:appcenter:updateAppRule

-

DELETE /v1/{project_id}/app-center/app-rules/{rule_id}

workspace:appcenter:deleteAppRule

-

POST /v1/{project_id}/app-center/app-rules/batch-delete

workspace:appcenter:batchDeleteAppRules

-

POST /v1/{project_id}/app-center/app-rules/actions/enable-rule-restriction

workspace:appcenter:enableRuleRestriction

-

POST /v1/{project_id}/app-center/app-rules/actions/disable-rule-restriction

workspace:appcenter:disableRuleRestriction

-

POST /v1/{project_id}/app-center/app-restricted-rules

workspace:appcenter:addRestrictedRule

-

GET /v1/{project_id}/app-center/app-restricted-rules

workspace:appcenter:listRestrictedRule

-

POST /v1/{project_id}/app-center/app-restricted-rules/actions/batch-delete

workspace:appcenter:deleteRestrictedRule

-

PATCH /v1/{project_id}/app-center/profiles

workspace:appcenter:updateTenantProfile

-

GET /v1/{project_id}/app-center/profiles

workspace:appcenter:listTenantProfiles

-

POST /v2/{project_id}/scripts

workspace:scripts:create

-

GET /v2/{project_id}/scripts

workspace:scripts:list

-

GET /v2/{project_id}/scripts/{script_id}

workspace:scripts:get

-

PUT /v2/{project_id}/scripts/{script_id}

workspace:scripts:put

-

DELETE /v2/{project_id}/scripts/{script_id}

workspace:scripts:delete

-

POST /v2/{project_id}/script-executions

workspace:scripts:execute

-

GET /v2/{project_id}/script-execution-records/{record_id}

workspace:scripts:getRecordDetail

-

GET /v2/{project_id}/script-execution-records

workspace:scripts:listRecords

-

GET /v2/{project_id}/script-execution-tasks

workspace:scripts:listTasks

-

POST /v2/{project_id}/script-executions/retry

workspace:scripts:retry

-

POST /v2/{project_id}/script-executions/stop

workspace:scripts:stop

-

POST /v2/{project_id}/script-execution-records/{record_id}/download

workspace:scripts:download

-

GET /v2/{project_id}/share-space/configuration

workspace:tenants:getShareSpaceConfig

-

PUT /v2/{project_id}/share-space/configuration

workspace:tenants:updateShareSpaceConfig

-

GET /v2/{project_id}/auth-config/status

workspace:authConfigs:getStatus

-

POST /v2/{project_id}/privacystatement

workspace:privacystatements:sign

-

GET /v2/{project_id}/quotas/detail

workspace:quotas:get

-

GET /v2/{project_id}/sites

workspace:sites:get

-

POST /v2/{project_id}/sites

workspace:sites:add

  • eip:bandwidths:create
  • eip:publicIps:create
  • elb:healthmonitors:create
  • elb:healthmonitors:show
  • elb:listeners:create
  • elb:listeners:update
  • elb:listeners:show
  • elb:listeners:list
  • elb:loadbalancers:create
  • elb:loadbalancers:update
  • elb:loadbalancers:show
  • elb:members:create
  • elb:members:list
  • elb:members:update
  • elb:pools:create
  • elb:pools:update
  • elb:pools:show
  • vpc:ports:create
  • vpc:ports:delete
  • vpc:securityGroupRules:create
  • vpc:securityGroupRules:delete
  • vpc:securityGroupRules:get
  • vpc:securityGroups:create
  • vpc:subnets:get
  • vpc:subnets:update
  • vpc:vpcs:get
  • vpcep:endpoints:create
  • vpcep:endpoints:get

DELETE /v2/{project_id}/sites/{site_id}

workspace:sites:delete

  • elb:healthmonitors:delete
  • elb:healthmonitors:show
  • elb:listeners:delete
  • elb:listeners:show
  • elb:loadbalancers:delete
  • elb:loadbalancers:show
  • elb:members:delete
  • elb:members:list
  • elb:pools:delete
  • elb:pools:show
  • vpc:ports:delete
  • vpc:securityGroups:delete
  • vpcep:endpoints:delete
  • vpcep:endpoints:get
  • eip:publicIps:disassociateInstance
  • eip:bandwidths:delete
  • eip:publicIps:delete

PUT /v2/{project_id}/sites/{site_id}/access-mode

workspace:sites:updateAccessMode

  • eip:bandwidths:create
  • eip:bandwidths:delete
  • eip:publicIps:create
  • eip:publicIps:delete
  • eip:publicIps:disassociateInstance
  • elb:healthmonitors:create
  • elb:healthmonitors:delete
  • elb:healthmonitors:show
  • elb:listeners:create
  • elb:listeners:delete
  • elb:listeners:update
  • elb:listeners:show
  • elb:loadbalancers:create
  • elb:loadbalancers:delete
  • elb:loadbalancers:update
  • elb:loadbalancers:show
  • elb:members:create
  • elb:members:delete
  • elb:members:list
  • elb:members:update
  • elb:pools:create
  • elb:pools:delete
  • elb:pools:update
  • elb:pools:show
  • vpc:subnets:get
  • vpc:subnets:update
  • vpc:vpcs:get
  • vpcep:endpoints:create
  • vpcep:endpoints:delete
  • vpcep:endpoints:get

PUT /v2/{project_id}/sites/{site_id}/subnet-ids

workspace:sites:updateSubnets

  • vpc:subnets:get
  • vpc:subnets:update
  • vpc:vpcs:get

GET /v2/{project_id}/tenants/lock-status

workspace:tenants:getLockStatus

-

PUT /v2/{project_id}/tenants/lock-status

workspace:tenants:unlock

-

POST /v2/{project_id}/workspaces/enterprise-ids/check

workspace:tenants:checkEnterpriseIds

-

PUT /v2/{project_id}/workspaces/enterprise-id

workspace:tenants:updateEnterpriseId

-

POST /v2/{project_id}/bandwidths

workspace:bandwidth:create

-

GET /v2/{project_id}/bandwidths

workspace:bandwidth:list

-

POST /v2/{project_id}/bandwidths/{bandwidth_id}/update

workspace:bandwidth:update

-

DELETE /v2/{project_id}/bandwidths/{bandwidth_id}

workspace:bandwidth:delete

-

GET /v2/{project_id}/bandwidths/{bandwidth_id}/control-list

workspace:bandwidth:getControlConfig

-

PUT /v2/{project_id}/bandwidths/{bandwidth_id}/control-list

workspace:bandwidth:updateControlConfig

-

POST /v2/{project_id}/bandwidths/{bandwidth_id}/periodic/change/order

workspace:bandwidth:createChangeOrder

-

POST /v2/{project_id}/adns

workspace:bandwidth:create

-

GET /v2/{project_id}/adns

workspace:bandwidth:list

-

POST /v2/{project_id}/desktops-adn/batch-delete

workspace:bandwidth:delete

-

POST /v2/{project_id}/snapshots/batch-create

workspace:desktops:batchCreateSnapshots

-

POST /v2/{project_id}/snapshots/batch-delete

workspace:desktops:batchDeleteSnapshots

-

POST /v2/{project_id}/snapshots/batch-restore

workspace:desktops:batchRestoreSnapshots

-

GET /v2/{project_id}/snapshots

workspace:desktops:listSnapshots

-

POST /v2/{project_id}/verification/desktop-name

workspace:desktops:verifyDesktopName

-

GET /v2/{project_id}/subnets/{subnet_id}/available-ip

workspace:networks:getAvailableIp

-

GET /v2/{project_id}/ad/status

workspace:desktops:getAdStatus

-

GET /v2/{project_id}/ip-exist

workspace:networks:checkIpIfExist

-

POST /v2/{project_id}/desktops/check-images

workspace:images:checkIfExist

ims:images:list

GET /v2/{project_id}/hosts/{host_id}/servers

workspace:wdh:listDesktops

-

PUT /v2/{project_id}/hosts

workspace:wdh:update

-

GET /v2/{project_id}/terminals/binding-desktops/template

workspace:bindingPolicies:getTemplate

-

POST /v2/{project_id}/terminals/binding-desktops/template/import

workspace:bindingPolicies:import

-

GET /v2/{project_id}/terminals/binding-desktops/template/export

workspace:bindingPolicies:export

-

GET /v2/{project_id}/desktops/statistics/run-state

workspace:statistics:getRunState

-

GET /v2/{project_id}/desktops/statistics/login-state

workspace:statistics:getLoginState

-

GET /v2/{project_id}/subnets/using-subnets

workspace:networks:getUsingSubnets

-

GET /v2/{project_id}/ports

workspace:networks:listPorts

-

GET /v2/{project_id}/render-desktops/{desktop_id}/remote-consoles

workspace:renderDesktops:createConsole

-

PUT /v2/{project_id}/render-desktops/resize

workspace:renderDesktops:resize

-

POST /v2/{project_id}/exclusive-hosts/{host_id}/resize-lites

workspace:exclusiveHosts:resizeLites

-

GET /services/v2/{project_id}/desktops/{desktop_id}

workspace:desktops:get

  • vpc:ports:get
  • vpc:ports:list
  • vpc:securityGroups:get
  • eip:publicIps:list
  • nat:snatRules:list

GET /v2/{project_id}/desktop-monitor/{desktop_id}

workspace:desktops:getMonitor

ces:metricData:get

GET /v2/{project_id}/desktops/export

workspace:desktops:export

  • vpc:ports:get
  • vpc:ports:list
  • vpc:securityGroups:get
  • eip:publicIps:list
  • nat:snatRules:list

GET /v2/{project_id}/desktops/{desktop_id}/detach-info

workspace:desktops:listDetachInfo

-

GET /v2/{project_id}/desktops/{desktop_id}/sysprep

workspace:desktops:getSysprepVersion

-

POST /v2/{project_id}/internet

workspace:networks:createNat

  • vpc:ports:delete
  • vpc:ports:get
  • vpc:networks:get
  • eip:publicIps:create
  • eip:publicIps:update
  • eip:publicIps:delete
  • nat:snatRules:list
  • nat:snatRules:create
  • nat:natGateways:list
  • nat:natGateways:create

GET /v2/{project_id}/internet

workspace:networks:listNats

  • vpc:subnets:get
  • vpc:vpcs:get
  • nat:snatRules:list
  • nat:natGateways:list

POST /v2/{project_id}/quotas/check

workspace:quotas:check

-

GET /v2/{project_id}/subnets

workspace:networks:listSubnets

  • vpc:subnets:list
  • vpc:subnets:get

GET /v2/{project_id}/vpcs

workspace:networks:listVpcs

vpc:vpcs:list

POST /v2/{project_id}/policy-groups/policy-template

workspace:policyGroups:createTemplate

-

GET /v1/{project_id}/policy-templates

workspace:policyGroups:listTemplate

-

PUT /v2/{project_id}/policy-groups/policy-template/{policy_group_id}

workspace:policyGroups:updateTemplate

-

GET /v2/{project_id}/security-groups

workspace:networks:listSecurityGroups

-

GET /v2/{project_id}/availability-zones/summary

workspace:availabilityZones:getSummary

-

GET /v2/{project_id}/availability-zones/detail

workspace:availabilityZones:get

-

POST /v2/{project_id}/users/desktop-users/action/import

workspace:users:importUser

-

POST /v2/{project_id}/users/template-upload

workspace:users:uploadTemplate

-

PUT /v2/{project_id}/access-policy/{access_policy_id}

workspace:accessPolicies:update

-

POST /v2/{project_id}/desktops/{desktop_id}/verify-source

workspace:desktops:verifySource

-

GET /v2/{project_id}/desktops/networks

workspace:desktops:listDesktopNetworks

  • vpc:vpcs:get
  • vpc:subnets:get
  • vpc:networks:get
  • vpc:ports:get
  • vpc:securityGroups:get
  • eip:publicIps:list

POST /v2/{project_id}/desktops/networks/batch-change

workspace:desktops:batchChangeNetwork

  • vpc:vpcs:get
  • vpc:subnets:get
  • vpc:networks:get
  • vpc:ports:get
  • vpc:ports:create
  • vpc:ports:update
  • vpc:ports:delete
  • vpc:securityGroups:get
  • eip:publicIps:list
  • eip:publicIps:associateInstance
  • eip:publicIps:disassociateInstance

GET /v2/{project_id}/workspace-jobs/{job_id}

workspace:jobs:get

-

POST /v2/{project_id}/ip/import

workspace:accessPolicies:importIp

-

GET /v2/{project_id}/ip/template/download

workspace:accessPolicies:getIpImportTemplate

-

GET /v2/{project_id}/wks-edge-sites

workspace:sites:listEdgeSites

  • ies:edgeSite:list
  • ies:edgeSite:getMetricData

POST /v2/{project_id}/check-edge-site-resources

workspace:sites:checkEdgeSiteResources

  • ies:edgeSite:list
  • ies:edgeSite:getMetricData

GET /v2/{project_id}/ad-ous

workspace:ou:listAdOus

-

GET /v2/{project_id}/ou-users

workspace:ou:listOuUsers

-

POST /v2/{project_id}/ou-users/import

workspace:ou:importUsersByOU

-

GET /v1/{project_id}/app-groups

workspace:appGroup:list

-

POST /v1/{project_id}/app-groups

workspace:appGroup:create

-

DELETE /v1/{project_id}/app-groups/{app_group_id}

workspace:appGroup:delete

-

GET /v1/{project_id}/app-groups/{app_group_id}

workspace:appGroup:get

-

PATCH /v1/{project_id}/app-groups/{app_group_id}

workspace:appGroup:update

-

GET /v1/{project_id}/app-groups/{app_group_id}/apps

workspace:app:listPublishedApp

-

POST /v1/{project_id}/app-groups/{app_group_id}/apps

workspace:app:publish

-

GET /v1/{project_id}/app-groups/{app_group_id}/apps/{app_id}

workspace:app:get

-

PATCH /v1/{project_id}/app-groups/{app_group_id}/apps/{app_id}

workspace:app:update

-

DELETE /v1/{project_id}/app-groups/{app_group_id}/apps/{app_id}/icon

workspace:app:deleteIcon

-

POST /v1/{project_id}/app-groups/{app_group_id}/apps/{app_id}/icon

workspace:app:uploadIcon

-

POST /v1/{project_id}/app-groups/{app_group_id}/apps/actions/check

workspace:app:check

-

POST /v1/{project_id}/app-groups/{app_group_id}/apps/actions/disable

workspace:app:batchDisable

-

POST /v1/{project_id}/app-groups/{app_group_id}/apps/actions/enable

workspace:app:batchEnable

-

POST /v1/{project_id}/app-groups/{app_group_id}/apps/batch-unpublish

workspace:app:unpublish

-

GET /v1/{project_id}/app-groups/{app_group_id}/publishable-app

workspace:appGroup:listPublishableApp

-

POST /v1/{project_id}/app-groups/actions/batch-delete-authorization

workspace:appGroup:batchDeleteAuthorization

-

POST /v1/{project_id}/app-groups/actions/disassociate-app-group

workspace:appGroup:disassociate

-

GET /v1/{project_id}/app-groups/actions/list-authorizations

workspace:appGroup:listAuthorization

-

POST /v1/{project_id}/app-groups/authorizations

workspace:appGroup:addAuthorization

-

POST /v1/{project_id}/app-groups/batch-delete

workspace:appGroup:batchDelete

-

POST /v1/{project_id}/app-groups/rules/validate

workspace:appGroup:check

-

GET /v1/{project_id}/app-server-groups

workspace:serverGroup:list

-

POST /v1/{project_id}/app-server-groups

workspace:serverGroup:create

  • ims:images:list
  • vpc:ports:get
  • vpc:subnets:get

DELETE /v1/{project_id}/app-server-groups/{server_group_id}

workspace:serverGroup:delete

-

GET /v1/{project_id}/app-server-groups/{server_group_id}

workspace:serverGroup:get

-

PATCH /v1/{project_id}/app-server-groups/{server_group_id}

workspace:serverGroup:update

ims:images:list

GET /v1/{project_id}/app-server-groups/{server_group_id}/state

workspace:serverGroup:getServerState

-

GET /v1/{project_id}/app-server-groups/actions/list

workspace:serverGroup:listDetail

-

GET /v1/{project_id}/app-server-groups/resources/restrict

workspace:serverGroup:getRestrict

-

POST /v1/{project_id}/app-server-groups/rules/validate

workspace:serverGroup:validate

-

POST /v1/{project_id}/server-group/{server_group_id}/tags/create

workspace:serverGroup:tagResource

-

DELETE /v1/{project_id}/server-group/{server_group_id}/tags/delete

workspace:serverGroup:unTagResource

-

GET /v1/{project_id}/server-group/{server_group_id}/tags

workspace:serverGroup:listTagsForResource

-

GET /v1/{project_id}/server-group/tags

workspace:serverGroup:listTags

-

POST /v1/{project_id}/server-group/tags/batch-create

workspace:serverGroup:batchCreateTags

-

DELETE /v1/{project_id}/server-group/tags/batch-delete

workspace:serverGroup:batchDeleteTags

-

GET /v1/{project_id}/app-servers

workspace:server:list

-

DELETE /v1/{project_id}/app-servers/{server_id}

workspace:server:delete

  • iam:roles:listRoles
  • vpc:ports:delete
  • vpc:ports:get

GET /v1/{project_id}/app-servers/{server_id}

workspace:server:get

-

PATCH /v1/{project_id}/app-servers/{server_id}

workspace:server:update

-

POST /v1/{project_id}/app-servers/{server_id}/actions/change-image

workspace:server:changeImage

  • ims:images:list
  • vpc:ports:get
  • vpc:subnets:get

POST /v1/{project_id}/app-servers/{server_id}/actions/reinstall

workspace:server:reinstall

  • ims:images:list
  • vpc:ports:get
  • vpc:subnets:get

GET /v1/{project_id}/app-servers/{server_id}/actions/vnc

workspace:server:getVncUrl

-

GET /v1/{project_id}/app-servers/access-agent/latest-version

workspace:accessAgent:list

-

PATCH /v1/{project_id}/app-servers/access-agent/actions/upgrade

workspace:accessAgent:batchUpgrade

-

GET /v1/{project_id}/app-servers/access-agent/latest-version

workspace:accessAgent:listLatestVersion

-

GET /v1/{project_id}/app-servers/access-agent/list

workspace:server:listAccessAgentDetails

-

GET /v1/{project_id}/app-servers/access-agent/upgrade-flag

workspace:accessAgent:getUpgradeFlag

-

PATCH /v1/{project_id}/app-servers/access-agent/upgrade-flag

workspace:accessAgent:updateUpgradeFlag

-

GET /v1/{project_id}/app-servers/access-agent/upgrade-record

workspace:accessAgent:listUpgradeRecords

-

POST /v1/{project_id}/app-servers/actions/batch-delete

workspace:server:batchDelete

  • iam:roles:listRoles
  • vpc:ports:delete
  • vpc:ports:get

PATCH /v1/{project_id}/app-servers/actions/batch-maint

workspace:server:batchChangeMaintainMode

-

PATCH /v1/{project_id}/app-servers/actions/batch-reboot

workspace:server:batchReboot

-

PATCH /v1/{project_id}/app-servers/actions/batch-rejoin-domain

workspace:server:batchRejoinDomain

-

PATCH /v1/{project_id}/app-servers/actions/batch-start

workspace:server:batchStart

-

PATCH /v1/{project_id}/app-servers/actions/batch-stop

workspace:server:batchStop

-

PATCH /v1/{project_id}/app-servers/actions/batch-update-tsvi

workspace:server:batchUpdateTsvi

  • vpc:subnets:get
  • vpc:ports:update

POST /v1/{project_id}/app-servers/actions/create

workspace:server:create

  • ims:images:list
  • ims:images:updateMemberStatus
  • ims:images:share
  • ims:images:get
  • vpc:securityGroups:get
  • vpc:securityGroupRules:get
  • vpc:networks:get
  • vpc:subnets:get
  • vpc:ports:create
  • vpc:ports:get
  • vpc:ports:delete
  • vpc:vpcs:get
  • dss:pools:list

PATCH /v1/{project_id}/app-servers/hosts/batch-migrate

workspace:server:batchMigrateHosts

-

GET /v1/{project_id}/app-servers/metric-data/{server_id}

workspace:server:getMetricData

-

GET /v1/{project_id}/app-server-sub-jobs

workspace:jobs:listSubJobs

-

POST /v1/{project_id}/app-server-sub-jobs/actions/batch-delete

workspace:jobs:batchDeleteSubJobs

-

GET /v1/{project_id}/app-server-sub-jobs/actions/count

workspace:jobs:countSubJobs

-

POST /v1/{project_id}/app-warehouse/action/authorize

workspace:appWarehouse:authorizeObs

  • obs:bucket:GetBucketAcl
  • obs:object:PutObject
  • obs:object:DeleteObject

POST /v1/{project_id}/app-warehouse/actions/batch-delete

workspace:appWarehouse:batchDeleteApp

  • obs:bucket:HeadBucket
  • obs:object:DeleteObject

GET /v1/{project_id}/app-warehouse/apps

workspace:appWarehouse:ListWarehouseApps

-

POST /v1/{project_id}/app-warehouse/apps

workspace:appWarehouse:createApp

-

DELETE /v1/{project_id}/app-warehouse/apps/{id}

workspace:appWarehouse:deleteApp

  • obs:bucket:HeadBucket
  • obs:object:DeleteObject

POST /v1/{project_id}/app-warehouse/apps/icon

workspace:appWarehouse:uploadAppIcon

obs:object:PutObject

POST /v1/{project_id}/app-warehouse/bucket-and-acl/create

workspace:appWarehouse:createBucketOrAcl

  • obs:bucket:GetBucketAcl
  • obs:bucket:HeadBucket
  • obs:bucket:PutBucketAcl
  • obs:bucket:PutReplicationConfiguration
  • obs:bucket:CreateBucket
  • obs:bucket:PutBucketCORS

GET /v1/{project_id}/check/quota

workspace:quotas:get

-

GET /v1/{project_id}/image-server-jobs

workspace:images:listImageJobs

-

GET /v1/{project_id}/image-server-jobs/{job_id}

workspace:images:getImageJob

-

GET /v1/{project_id}/image-servers

workspace:imageServer:list

-

POST /v1/{project_id}/image-servers

workspace:imageServer:create

  • ims:images:list
  • vpc:ports:get
  • vpc:subnets:get

GET /v1/{project_id}/image-servers/{server_id}

workspace:imageServer:get

-

PATCH /v1/{project_id}/image-servers/{server_id}

workspace:imageServer:update

-

POST /v1/{project_id}/image-servers/{server_id}/actions/attach-app

workspace:imageServer:attachApp

-

GET /v1/{project_id}/image-servers/{server_id}/actions/latest-attached-app

workspace:imageServer:listLatestAttachedApp

-

POST /v1/{project_id}/image-servers/{server_id}/actions/recreate-image

workspace:imageServer:recreate

  • vpc:ports:get
  • vpc:subnets:get
  • ims:quotas:get
  • ims:images:get
  • ims:images:list
  • ims:images:setTags
  • ims:images:setOrDeleteTags
  • ims:images:updateMemberStatus
  • ims:images:copyInRegion
  • ims:serverImages:create

PATCH /v1/{project_id}/image-servers/actions/batch-delete

workspace:imageServer:batchDelete

-

GET /v1/{project_id}/image-server-sub-jobs

workspace:imageServer:listImageSubJobs

-

PATCH /v1/{project_id}/image-server-sub-jobs/actions/batch-delete

workspace:imageServer:batchDeleteImageSubJobs

-

GET /v1/{project_id}/image-server-sub-jobs/actions/count

workspace:imageServer:countImageSubJobs

-

GET /v2/{project_id}/job/{job_id}

workspace:jobs:get

-

GET /v1/{project_id}/mails

workspace:appGroup:listMailRecord

-

POST /v1/{project_id}/mails/actions/send

workspace:appGroup:resendMail

-

POST /v1/{project_id}/mails/actions/send-by-authorization

workspace:appGroup:resendMail

-

GET /v1/{project_id}/persistent-storages

workspace:storage:listPersistentStorage

-

POST /v1/{project_id}/persistent-storages

workspace:storage:createPersistentStorage

  • obs:bucket:HeadBucket
  • obs:bucket:PutBucketPolicy
  • obs:bucket:PutBucketAcl
  • obs:bucket:PutBucketCORS

DELETE /v1/{project_id}/persistent-storages/{storage_id}

workspace:storage:deletePersistentStorage

  • obs:object:GetObject
  • obs:object:DeleteObject

POST /v1/{project_id}/persistent-storages/{storage_id}/actions/assign-folder

workspace:storage:updateUserFolderAssignment

-

POST /v1/{project_id}/persistent-storages/{storage_id}/actions/assign-share-folder

workspace:storage:updateShareFolderAssignment

-

POST /v1/{project_id}/persistent-storages/{storage_id}/actions/create-share-folder

workspace:storage:createShareFolder

  • obs:object:GetObject
  • obs:object:PutObject

POST /v1/{project_id}/persistent-storages/{storage_id}/actions/delete-storage-claim

workspace:storage:deleteStorageClaim

obs:object:DeleteObject

POST /v1/{project_id}/persistent-storages/{storage_id}/actions/delete-user-attachment

workspace:storage:deleteUserStorageAttachment

obs:object:DeleteObject

POST /v1/{project_id}/persistent-storages/actions/batch-delete

workspace:storage:batchDeletePersistentStorage

-

GET /v1/{project_id}/persistent-storages/actions/list-attachments

workspace:storage:listStorageAssignment

-

GET /v1/{project_id}/persistent-storages/actions/list-share-folders

workspace:storage:listShareFolder

-

GET /v1/{project_id}/policy-groups/{policy_group_id}

workspace:policyGroups:get

-

GET /v1/{project_id}/policy-groups/{policy_group_id}/policy

workspace:policyGroups:listPolicies

-

GET /v1/{project_id}/policy-groups/{policy_group_id}/target

workspace:policyGroups:listTargets

-

GET /v1/{project_id}/policy-groups/show/detail

workspace:policyGroups:listDetail

-

GET /v1/{project_id}/policy-templates

workspace:policyGroups:listTemplate

-

DELETE /v1/{project_id}/policy-templates/{policy_template_id}

workspace:policyGroups:deleteTemplate

-

PATCH /v1/{project_id}/policy-templates/{policy_template_id}

workspace:policyGroups:updateTemplate

-

GET /v1/{project_id}/privacy-statement

workspace:privacystatements:get

-

DELETE /v1/{project_id}/scaling-policy

workspace:scalingPolicy:delete

-

GET /v1/{project_id}/scaling-policy

workspace:scalingPolicy:list

-

PUT /v1/{project_id}/scaling-policy

workspace:scalingPolicy:create

-

GET /v1/{project_id}/schedule-task/{task_id}/execute-history

workspace:scheduledTasks:list

-

POST /v1/{project_id}/schedule-task

workspace:scheduledTasks:create

-

GET /v1/{project_id}/schedule-task/{execute_history_id}/execute-detail

workspace:scheduledTasks:getRecord

-

DELETE /v1/{project_id}/schedule-task/{task_id}

workspace:scheduledTasks:delete

-

POST /v1/{project_id}/schedule-task/future-executions

workspace:scheduledTasks:get

-

PATCH /v1/{project_id}/schedule-task/{task_id}

workspace:scheduledTasks:update

-

GET /v1/{project_id}/schedule-task/{task_id}/execute-history

workspace:scheduledTasks:listRecords

-

POST /v1/{project_id}/schedule-task/actions/batch-delete

workspace:scheduledTasks:batchDelete

-

POST /v1/{project_id}/session/app-connection

workspace:session:listAppConnection

-

POST /v1/{project_id}/session/logoff

workspace:session:logoffUserSession

-

POST /v1/{project_id}/session/user-connection

workspace:session:listUserConnection

-

GET /v1/{project_id}/session/user-session-info

workspace:session:listSessionByUserName

-

PUT /v1/{project_id}/storages-policy/actions/create-statements

workspace:storagePolicy:create

-

GET /v1/{project_id}/storages-policy/actions/list-statements

workspace:storagePolicy:list

-

GET /v1/{project_id}/users

workspace:users:list

-

GET /v1/persistent-storages/actions/list-sfs-storages

workspace:storage:listSfs3Storage

  • obs:bucket:ListBucket
  • obs:bucket:GetBucketStorage
  • obs:bucket:ListAllMyBuckets

GET /v1/{project_id}/product

workspace:baseResource:list

ecs:availabilityZones:list

POST /v1/{project_id}/bundles/batch-query-config-info

workspace:tenants:listConfigInfo

-

GET /v1/{project_id}/product

workspace:baseResource:list

-

GET /v1/{project_id}/volume-type

workspace:baseResource:list

-

POST /v1/{project_id}/tenant/action/active

workspace:tenants:active

-

GET /v1/{project_id}/tenant/profile

workspace:tenants:listTenantProfile

-

GET /v1/{project_id}/volume-type

workspace:baseResource:list

-

GET /v1/{project_id}/app-servers/server-metric-data/{server_id}

workspace:server:listServerMetricData

-

GET /v1/{project_id}/session/list-sessions

workspace:session:listSessions

-

PATCH /v1/{project_id}/app-warehouse/apps/{id}

workspace:appWarehouse:updateApp

-

POST /v1/{project_id}/app-servers/actions/batch-change-image

workspace:server:batchChangeImage

  • ims:images:list
  • vpc:ports:get
  • vpc:subnets:get

POST /v1/{project_id}/app-servers/actions/batch-reinstall

workspace:server:batchReinstall

  • ims:images:list
  • vpc:ports:get
  • vpc:subnets:get

GET /v2/{project_id}/auth-config/method-config

workspace:authConfigs:get

-

PUT /v2/{project_id}/auth-config/method-config

workspace:authConfigs:update

-

GET /v2/{project_id}/assist-auth-config/method-config

workspace:assistAuthConfigs:get

-

PUT /v2/{project_id}/assist-auth-config/method-config

workspace:assistAuthConfigs:update

-

POST /v2/{project_id}/workspace-jobs/{job_id}/actions

workspace:jobs:retry

-

GET /v2/{project_id}/quotas

workspace:quotas:get

-

GET /v2/{project_id}/tenants/roles

workspace:tenants:getRoles

-

GET /v2/{project_id}/tenant-configs

workspace:tenants:ListConfig

-

PUT /v2/{project_id}/tenant-configs

workspace:tenants:updateConfig

-

GET /v2/{project_id}/nat-mapping-configs

workspace:natMappings:getConfig

-

PUT /v2/{project_id}/nat-mapping-configs

workspace:natMappings:updateConfig

-

GET /v2/{project_id}/workspaces

workspace:tenants:get

  • vpc:vpcs:get
  • vpc:subnets:get
  • vpc:securityGroups:get

POST /v2/{project_id}/workspaces

workspace:tenants:open

  • eip:bandwidths:create
  • eip:publicIps:create
  • elb:healthmonitors:create
  • elb:healthmonitors:show
  • elb:listeners:create
  • elb:listeners:update
  • elb:listeners:show
  • elb:listeners:list
  • elb:loadbalancers:create
  • elb:loadbalancers:update
  • elb:loadbalancers:show
  • elb:members:create
  • elb:members:list
  • elb:members:update
  • elb:pools:create
  • elb:pools:update
  • elb:pools:show
  • vpc:ports:create
  • vpc:ports:delete
  • vpc:securityGroupRules:create
  • vpc:securityGroupRules:delete
  • vpc:securityGroupRules:get
  • vpc:securityGroups:create
  • vpc:subnets:get
  • vpc:subnets:update
  • vpc:vpcs:get
  • vpcep:endpoints:create
  • vpcep:endpoints:get

DELETE /v2/{project_id}/workspaces

workspace:tenants:delete

  • elb:healthmonitors:delete
  • elb:healthmonitors:show
  • elb:listeners:delete
  • elb:listeners:show
  • elb:loadbalancers:delete
  • elb:loadbalancers:show
  • elb:members:delete
  • elb:members:list
  • elb:pools:delete
  • elb:pools:show
  • vpc:ports:delete
  • vpc:securityGroups:delete
  • vpcep:endpoints:delete
  • vpcep:endpoints:get
  • eip:publicIps:disassociateInstance
  • eip:bandwidths:delete
  • eip:publicIps:delete

PUT /v2/{project_id}/workspaces

workspace:tenants:update

  • eip:bandwidths:create
  • eip:bandwidths:delete
  • eip:publicIps:create
  • eip:publicIps:delete
  • eip:publicIps:disassociateInstance
  • elb:healthmonitors:create
  • elb:healthmonitors:delete
  • elb:healthmonitors:show
  • elb:listeners:create
  • elb:listeners:delete
  • elb:listeners:update
  • elb:listeners:show
  • elb:loadbalancers:create
  • elb:loadbalancers:delete
  • elb:loadbalancers:update
  • elb:loadbalancers:show
  • elb:members:create
  • elb:members:delete
  • elb:members:list
  • elb:members:update
  • elb:pools:create
  • elb:pools:delete
  • elb:pools:update
  • elb:pools:show
  • vpc:subnets:get
  • vpc:subnets:update
  • vpc:vpcs:get
  • vpcep:endpoints:create
  • vpcep:endpoints:delete
  • vpcep:endpoints:get

GET /v2/{project_id}/workspaces/lock-status

workspace:tenants:getLockStatus

-

PUT /v2/{project_id}/workspaces/lock-status

workspace:tenants:unlock

-

POST /v2/{project_id}/agencies

workspace:agencies:create

  • iam:agencies:listV5
  • iam:agencies:getV5
  • iam:agencies:createServiceLinkedAgencyV5
  • iam:roles:getRole
  • iam:roles:listRoles
  • iam:agencies:getAgency
  • iam:agencies:listAgencies
  • iam:agencies:createAgency
  • iam:permissions:listRolesForAgencyOnProject
  • iam:permissions:grantRoleToAgencyOnProject

GET /v2/{project_id}/agencies

workspace:agencies:get

  • iam:agencies:listV5
  • iam:agencies:getV5
  • iam:agencies:getAgency
  • iam:agencies:listAgencies
  • iam:permissions:listRolesForAgencyOnProject

POST /v3/{project_id}/desktops/{desktop_id}/ai-accelerate-job

workspace:desktops:commitAiAccelerateJob

-

POST /v2/{project_id}/desktops/{desktop_id}/ai-accelerate-job

workspace:desktops:createAiAccelerateJob

-

GET /v2/{project_id}/ai-accelerate-job/{job_id}

workspace:desktops:getAiAccelerateJob

-

POST /v2/{project_id}/sysprep

workspace:desktops:getSysPrepInfo

-

POST /v2/{project_id}/verification/batch-change-image

workspace:desktops:checkBatchChangeImage

ims:images:list

GET /v2/{project_id}/desktop-name-policies

workspace:tenants:listDesktopNamePolicies

-

POST /v2/{project_id}/desktop-name-policies

workspace:tenants:createDesktopNamePolicy

-

PUT /v2/{project_id}/desktop-name-policies/{policy_id}

workspace:tenants:updateDesktopNamePolicy

-

POST /v2/{project_id}/desktop-name-policies/batch-delete

workspace:tenants:batchDeleteDesktopNamePolicies

-

POST /v2/{project_id}/desktop-pools

workspace:desktopPools:create

  • ims:images:get
  • ims:images:list
  • ims:images:share
  • ims:images:updateMemberStatus
  • ims:images:deleteMember
  • ims:images:addMember
  • vpc:networks:get
  • vpc:ports:create
  • vpc:ports:delete
  • vpc:ports:get
  • vpc:ports:update
  • vpc:securityGroups:get
  • vpc:subnets:get
  • vpc:vpcs:get
  • dss:pools:list

GET /v2/{project_id}/desktop-pools

workspace:desktopPools:list

ims:images:list

PUT /v2/{project_id}/desktop-pools/{pool_id}

workspace:desktopPools:update

-

DELETE /v2/{project_id}/desktop-pools/{pool_id}

workspace:desktopPools:delete

-

GET /v2/{project_id}/desktop-pools/{pool_id}

workspace:desktopPools:get

ims:images:list

POST /v2/{project_id}/desktop-pools/{pool_id}/expand

workspace:desktopPools:expand

  • ims:images:get
  • ims:images:list
  • ims:images:share
  • ims:images:updateMemberStatus
  • ims:images:deleteMember
  • ims:images:addMember
  • vpc:networks:get
  • vpc:ports:create
  • vpc:ports:delete
  • vpc:ports:get
  • vpc:ports:update
  • vpc:securityGroups:get
  • vpc:subnets:get
  • vpc:vpcs:get
  • dss:pools:list

POST /v2/{project_id}/desktop-pools/{pool_id}/resize

workspace:desktopPools:resize

  • vpc:subnets:get
  • ims:images:list

POST /v2/{project_id}/desktop-pools/{pool_id}/rebuild

workspace:desktopPools:rebuild

  • vpc:ports:get
  • ims:images:get
  • ims:images:list
  • ims:images:share
  • ims:images:updateMemberStatus
  • ims:images:deleteMember
  • ims:images:addMember

POST /v2/{project_id}/desktop-pools/{pool_id}/volumes/batch-add

workspace:desktopPools:batchAddVolumes

-

POST /v2/{project_id}/desktop-pools/{pool_id}/volumes/batch-delete

workspace:desktopPools:batchDeleteVolumes

-

POST /v2/{project_id}/desktop-pools/{pool_id}/volumes/batch-expand

workspace:desktopPools:batchExpandVolumes

-

POST /v2/{project_id}/desktop-pools/{pool_id}/action

workspace:desktopPools:operate

-

GET /v2/{project_id}/desktop-pools/{pool_id}/users

workspace:desktopPools:listUsers

-

POST /v2/{project_id}/desktop-pools/{pool_id}/users

workspace:desktopPools:authorizeUsers

ims:images:list

GET /v2/{project_id}/desktop-pools/{pool_id}/desktops

workspace:desktopPools:listDesktops

  • vpc:ports:get
  • vpc:ports:list
  • vpc:securityGroups:get
  • eip:publicIps:list
  • nat:snatRules:list

GET /v2/{project_id}/desktop-pools/script-execution-tasks/detail

workspace:desktopPools:listScriptTasks

-

POST /v2/{project_id}/desktop-pools/{pool_id}/script-executions

workspace:desktopPools:executeScripts

-

POST /v2/{project_id}/desktop-pools/{pool_id}/notifications

workspace:desktopPools:sendNotifications

-

GET /v3/{project_id}/desktops/export

workspace:desktops:export

  • vpc:ports:get
  • vpc:ports:list
  • vpc:securityGroups:get
  • eip:publicIps:list
  • nat:snatRules:list

POST /v2/{project_id}/desktops

workspace:desktops:create

  • ims:images:get
  • ims:images:list
  • ims:images:share
  • ims:images:updateMemberStatus
  • ims:images:deleteMember
  • ims:images:addMember
  • vpc:networks:get
  • vpc:ports:create
  • vpc:ports:delete
  • vpc:ports:get
  • vpc:ports:update
  • eip:publicIps:get
  • eip:publicIps:list
  • eip:publicIps:create
  • eip:publicIps:associateInstance
  • eip:publicIps:delete
  • eip:publicIps:createTags
  • vpc:quotas:list
  • vpc:securityGroups:get
  • vpc:subnets:get
  • vpc:vpcs:get
  • dss:pools:list

GET /v2/{project_id}/desktops

workspace:desktops:list

-

PUT /v2/{project_id}/desktops/{desktop_id}

workspace:desktops:update

-

DELETE /v2/{project_id}/desktops/{desktop_id}

workspace:desktops:delete

  • vpc:ports:get
  • vpc:ports:delete

GET /v2/{project_id}/desktops/{desktop_id}

workspace:desktops:get

  • vpc:ports:get
  • vpc:ports:list
  • vpc:securityGroups:get
  • eip:publicIps:list
  • nat:snatRules:list

POST /v2/{project_id}/desktops/batch-delete

workspace:desktops:batchDelete

  • vpc:ports:get
  • vpc:ports:delete

POST /v2/{project_id}/desktops/logoff

workspace:desktops:logoff

-

GET /v2/{project_id}/desktops/detail

workspace:desktops:listDetail

  • vpc:ports:get
  • vpc:ports:list
  • vpc:securityGroups:get
  • eip:publicIps:list
  • nat:snatRules:list

POST /v2/{project_id}/desktops/action

workspace:desktops:operate

-

POST /v2/{project_id}/desktops/resize

workspace:desktops:resize

  • vpc:subnets:get
  • ims:images:list

GET /v2/{project_id}/connections/status

workspace:desktops:getConnectStatus

-

GET /v2/{project_id}/desktops/status

workspace:desktops:ListStatus

-

POST /v2/{project_id}/desktops/rebuild

workspace:desktops:rebuild

  • vpc:ports:get
  • ims:images:get
  • ims:images:list
  • ims:images:share
  • ims:images:updateMemberStatus
  • ims:images:deleteMember
  • ims:images:addMember

GET /v2/{project_id}/desktops/{desktop_id}/actions

workspace:desktops:getActions

-

GET /v2/{project_id}/desktops/{desktop_id}/remote-consoles

workspace:desktops:createConsole

-

PUT /v2/{project_id}/desktops/sids

workspace:desktops:updateSids

-

POST /v2/{project_id}/desktops/{desktop_id}/rejoin-domain

workspace:desktops:rejoinDomain

-

POST /v2/{project_id}/desktops/desktop-to-image

workspace:desktops:createImage

  • ims:quotas:get
  • ims:images:get
  • ims:images:list
  • ims:images:setTags
  • ims:images:setOrDeleteTags
  • ims:images:updateMemberStatus
  • ims:images:copyInRegion
  • ims:serverImages:create

POST /v2/{project_id}/desktops/batch-detach

workspace:desktops:batchDetach

vpc:ports:get

POST /v2/{project_id}/desktops/detach

workspace:desktops:detach

vpc:ports:get

POST /v2/{project_id}/desktops/attach

workspace:desktops:attach

  • vpc:ports:get
  • ims:images:get
  • ims:images:list
  • ims:images:share
  • ims:images:updateMemberStatus
  • ims:images:deleteMember
  • ims:images:addMember

GET /v2/{project_id}/desktops/{desktop_id}/networks

workspace:desktops:getNetwork

  • vpc:vpcs:get
  • vpc:networks:get
  • vpc:subnets:get
  • vpc:ports:get
  • vpc:securityGroups:get
  • eip:publicIps:list

PUT /v2/{project_id}/desktops/{desktop_id}/networks

workspace:desktops:changeNetwork

  • vpc:vpcs:get
  • vpc:subnets:get
  • vpc:networks:get
  • vpc:ports:get
  • vpc:ports:create
  • vpc:ports:update
  • vpc:ports:delete
  • vpc:securityGroups:get
  • eip:publicIps:list
  • eip:publicIps:associateInstance
  • eip:publicIps:disassociateInstance

GET /v2/{project_id}/exclusive-hosts/{host_id}/desktops

workspace:exclusiveHosts:listDesktops

-

GET /v2/{project_id}/all-desktops

workspace:desktops:listAll

-

GET /v2/{project_id}/desktop-associate/discover-vm/infos

workspace:desktopAssociate:listDiscoverVmInfo

-

POST /v2/{project_id}/desktop-associate/tasks

workspace:desktopAssociate:startTask

-

POST /v2/{project_id}/desktop-associate/discover-vm/switch

workspace:desktopAssociate:switchScanTask

-

GET /v2/{project_id}/desktop-associate/discover-vm/switch

workspace:desktopAssociate:getScanTaskSwitch

-

PUT /v2/{project_id}/desktops/maintenance-mode

workspace:desktops:setMaintenanceMode

-

POST /v2/{project_id}/desktops/pre-batch-attach

workspace:desktops:prepAttachUsers

-

POST /v2/{project_id}/desktops/batch-attach

workspace:desktops:batchAttachUsers

  • vpc:ports:get
  • ims:images:get
  • ims:images:list
  • ims:images:share
  • ims:images:updateMemberStatus
  • ims:images:deleteMember
  • ims:images:addMember

PUT /v2/{project_id}/desktops/change-username

workspace:desktops:changeUsername

-

POST /v2/{project_id}/desktops/notifications

workspace:desktops:sendNotifications

-

POST /v2/{project_id}/desktops/{desktop_id}/migrate

workspace:desktops:migrate

  • vpc:networks:get
  • vpc:subnets:get
  • vpc:ports:create
  • vpc:ports:delete
  • vpc:ports:update
  • vpc:ports:get

GET /v2/{project_id}/desktops/agents

workspace:desktops:listAgents

-

POST /v2/{project_id}/desktops/agents

workspace:desktops:batchInstallAgents

-

GET /v2/{project_id}/desktops/{desktop_id}/tags

workspace:desktops:listTags

-

POST /v2/{project_id}/desktops/{desktop_id}/tags

workspace:desktops:tag

-

DELETE /v2/{project_id}/desktops/{desktop_id}/tags/{key}

workspace:desktops:untag

-

GET /v2/{project_id}/desktops/tags

workspace:desktops:listProjectTags

-

POST /v2/{project_id}/desktops/{desktop_id}/tags/action

workspace:desktops:operateTags

-

POST /v2/{project_id}/desktops/resource_instances/action

workspace:desktops:listByTags

-

POST /v2/{project_id}/desktops/batch-tags

workspace:desktops:tag

-

DELETE /v2/{project_id}/desktops/batch-tags

workspace:desktops:untag

-

POST /v2/{project_id}/exclusive-hosts

workspace:exclusiveHosts:create

  • vpc:networks:get
  • vpc:ports:create
  • vpc:ports:delete
  • vpc:ports:get
  • vpc:ports:update
  • vpc:subnets:get
  • vpc:vpcs:get

GET /v2/{project_id}/exclusive-hosts

workspace:exclusiveHosts:list

-

POST /v2/{project_id}/exclusive-hosts/check-limits

workspace:exclusiveHosts:check

-

GET /v2/{project_id}/exclusive-hosts/{host_id}

workspace:exclusiveHosts:get

  • nat:snatRules:list
  • eip:publicIps:list

PUT /v2/{project_id}/exclusive-hosts/{host_id}

workspace:exclusiveHosts:update

-

DELETE /v2/{project_id}/exclusive-hosts/{host_id}

workspace:exclusiveHosts:delete

-

GET /v2/{project_id}/market-images

workspace:mkp:listImages

ims:images:list

GET /v2/{project_id}/mkp/commodities/commodity-ids

workspace:mkp:listCommodityInfos

-

POST /v2/{project_id}/mkp/order

workspace:mkp:createOrder

-

POST /v2/{project_id}/mkp/product-reserve

workspace:mkp:listListProductReserve

-

GET /v2/{project_id}/mkp/commodities

workspace:mkp:listCommodityDetails

-

GET /v2/{project_id}/mkp/commodities/{commodity_id}/relation-commodities

workspace:mkp:listRelationCommodityDetails

-

GET /v2/{project_id}/mkp/commodities/agreements

workspace:mkp:listCommodityAgreements

-

GET /v2/{project_id}/eips

workspace:networks:listEips

  • eip:publicIps:list
  • eip:bandwidths:list

POST /v2/{project_id}/eips

workspace:networks:createEips

  • vpc:quotas:list
  • eip:publicIps:create
  • eip:publicIps:associateInstance

POST /v2/{project_id}/eips/binding

workspace:networks:bindEips

  • eip:publicIps:associateInstance
  • eip:publicIps:get

POST /v2/{project_id}/eips/unbinding

workspace:networks:unbindEips

  • eip:publicIps:list
  • eip:publicIps:disassociateInstance

GET /v2/{project_id}/eips/quotas

workspace:networks:getEipQuota

vpc:quotas:list

GET /v2/{project_id}/nat-gateways

workspace:networks:ListNatGateways

  • vpc:subnets:get
  • vpc:vpcs:get
  • nat:snatRules:list
  • nat:natGateways:list

POST /v2/{project_id}/periodic/subscribe/order

workspace:orders:create

  • ims:images:list
  • vpc:vpcs:get
  • vpc:networks:get
  • vpc:subnets:get
  • vpc:ports:get
  • bss:order:update

POST /v2/{project_id}/periodic/{desktop_id}/change/order

workspace:orders:change

  • ims:images:list
  • bss:order:update

POST /v2/{project_id}/periodic/change/batch-order

workspace:orders:change

  • ims:images:list
  • bss:order:update

POST /v2/{project_id}/periodic/inquiry/change-image

workspace:orders:batchInquiry

ims:images:list

POST /v2/{project_id}/desktop-pool/periodic/change/order

workspace:orders:change

  • ims:images:list
  • bss:order:update

POST /v2/{project_id}/desktop-pool/periodic/inquiry/add-volume

workspace:orders:batchInquiry

ims:images:list

POST /v2/{project_id}/desktop-pool/periodic/inquiry/change-image

workspace:orders:batchInquiry

ims:images:list

POST /v2/{project_id}/desktop-pool/periodic/inquiry/extend-volume

workspace:orders:batchInquiry

ims:images:list

POST /v2/{project_id}/desktop-pool/periodic/inquiry/resize

workspace:orders:batchInquiry

ims:images:list

POST /v2/{project_id}/periodic/inquiry/add-resources

workspace:orders:batchInquiry

ims:images:list

GET /v2/{project_id}/checkOrderLimits

workspace:quotas:check

-

POST /v2/{project_id}/render-desktops

workspace:renderDesktops:create

  • ims:images:list
  • ims:images:share
  • vpc:networks:get
  • vpc:ports:create
  • vpc:ports:delete
  • vpc:ports:get
  • vpc:ports:update
  • vpc:securityGroups:get
  • vpc:subnets:get
  • vpc:vpcs:get

DELETE /v2/{project_id}/render-desktops

workspace:renderDesktops:delete

  • vpc:ports:get
  • vpc:ports:delete

GET /v2/{project_id}/render-desktops

workspace:renderDesktops:list

-

POST /v2/{project_id}/render-desktops/action

workspace:renderDesktops:action

-

GET /v2/{project_id}/scheduled-tasks

workspace:scheduledTasks:list

-

POST /v2/{project_id}/scheduled-tasks

workspace:scheduledTasks:create

-

GET /v2/{project_id}/scheduled-tasks/{task_id}

workspace:scheduledTasks:get

-

PUT /v2/{project_id}/scheduled-tasks/{task_id}

workspace:scheduledTasks:update

-

DELETE /v2/{project_id}/scheduled-tasks/{task_id}

workspace:scheduledTasks:delete

-

POST /v2/{project_id}/scheduled-tasks/future-executions

workspace:scheduledTasks:getFuture

-

POST /v2/{project_id}/scheduled-tasks/batch-delete

workspace:scheduledTasks:batchDelete

-

GET /v2/{project_id}/scheduled-tasks/{task_id}/records

workspace:scheduledTasks:listRecords

-

GET /v2/{project_id}/scheduled-tasks/{task_id}/records/{record_id}

workspace:scheduledTasks:getRecord

-

POST /v2/{project_id}/scheduled-tasks/{task_id}/records/export

workspace:scheduledTasks:exportRecords

-

POST /v2/{project_id}/user/share-resources

workspace:users:subscribeSharer

-

POST /v2/{project_id}/desktop/sub-resources

workspace:desktops:addSubResources

-

POST /v2/{project_id}/desktop/delete-sub-resources

workspace:desktops:deleteSubResources

-

POST /v2/{project_id}/desktops/{desktop_id}/snapshots

workspace:desktops:createSnapshots

-

GET /v2/{project_id}/desktops/{desktop_id}/snapshots

workspace:desktops:getSnapshots

-

DELETE /v2/{project_id}/desktops/{desktop_id}/snapshots

workspace:desktops:deleteSnapshots

-

POST /v2/{project_id}/desktops/{desktop_id}/snapshots/restore

workspace:desktops:restoreBySnapshot

-

GET /v2/{project_id}/statistics

workspace:statistics:listDesktopStatus

-

GET /v2/{project_id}/desktops/statistics/unused

workspace:statistics:getUnused

-

POST /v2/{project_id}/desktops/statistics/used

workspace:statistics:getUsed

-

GET /v3/{project_id}/terminals/binding-desktops/template/export

workspace:bindingPolicies:export

-

GET /v2/{project_id}/terminals/binding-desktops/config

workspace:bindingPolicies:getConfig

-

POST /v2/{project_id}/terminals/binding-desktops/config

workspace:bindingPolicies:createConfig

-

GET /v2/{project_id}/terminals/binding-desktops

workspace:bindingPolicies:get

-

POST /v2/{project_id}/terminals/binding-desktops

workspace:bindingPolicies:add

-

PUT /v2/{project_id}/terminals/binding-desktops

workspace:bindingPolicies:update

-

POST /v2/{project_id}/terminals/binding-desktops/batch-delete

workspace:bindingPolicies:delete

-

POST /v2/{project_id}/desktops/{desktop_id}/volumes/batch-delete

workspace:volumes:delete

-

POST /v2/{project_id}/volumes

workspace:volumes:batchAdd

-

POST /v2/{project_id}/volumes/expand

workspace:volumes:batchExpand

-

GET /v2/{project_id}/hosts/types

workspace:wdh:getType

-

GET /v2/{project_id}/hosts

workspace:wdh:get

-

GET /v2/{project_id}/desktops/{desktop_id}/remote-assistance

workspace:desktops:getRemoteAssistance

-

POST /v2/{project_id}/desktops/{desktop_id}/remote-assistance

workspace:desktops:createRemoteAssistance

-

DELETE /v2/{project_id}/desktops/{desktop_id}/remote-assistance

workspace:desktops:cancelRemoteAssistance

-

POST /v2/{project_id}/desktops/{desktop_id}/volumes

workspace:volumes:add

-

POST /v2/{project_id}/desktops/{desktop_id}/volumes/{volume_id}/expand

workspace:volumes:expand

-

GET /v2/{project_id}/dss-pools/detail

workspace:volumes:listDssPoolsDetail

dss:pools:list

GET /v2/{project_id}/common/timezones

workspace:common:listTimezones

-

GET /v3/{project_id}/desktops/connections/export

workspace:connections:securityExport

-

GET /v2/{project_id}/images

workspace:images:list

ims:images:list

POST /v2/{project_id}/policy-groups/import

workspace:policyGroups:import

-

POST /v2/{project_id}/access-policy

workspace:accessPolicies:create

-

GET /v2/{project_id}/access-policy

workspace:accessPolicies:get

-

DELETE /v2/{project_id}/access-policy

workspace:accessPolicies:delete

-

GET /v2/{project_id}/access-policy/{access_policy_id}/objects

workspace:accessPolicies:getTarget

-

PUT /v2/{project_id}/access-policy/{access_policy_id}/objects

workspace:accessPolicies:updateTarget

-

GET /v2/{project_id}/products

workspace:products:listDesktopProducts

ecs:cloudServerFlavors:get

GET /v2/{project_id}/products/sharer

workspace:products:listSharerProducts

-

GET /v2/{project_id}/products/adninternet

workspace:products:listInternetProducts

-

GET /v2/{project_id}/availability-zones

workspace:availabilityZones:list

-

GET /v2/{project_id}/groups/export

workspace:userGroups:export

-

POST /v3/{project_id}/users/export

workspace:users:export

-

POST /v2/{project_id}/users/import

workspace:users:import

-

GET /v3/{project_id}/groups/{group_id}/users/export

workspace:userGroups:exportUsers

-

GET /v2/{project_id}/groups/{group_id}/users/export

workspace:userGroups:exportUsers

-

POST /v2/{project_id}/users/{user_id}/actions

workspace:users:operate

-

GET /v2/{project_id}/users/{user_id}/random-password

workspace:users:randomPassword

-

DELETE /v2/{project_id}/users/{user_id}/otp-devices

workspace:users:deleteOtps

-

POST /v2/{project_id}/users/{user_id}/resend-email

workspace:users:resendEmail

-

GET /v2/{project_id}/connections/desktops

workspace:connections:securityList

-

GET /v2/{project_id}/connections/desktops/export

workspace:connections:securityExport

-

GET /v2/{project_id}/connections/online-users

workspace:connections:listOnlineUsers

-

GET /v2/{project_id}/desktops/connections

workspace:connections:securityList

-

GET /v2/{project_id}/desktops/connections/export

workspace:connections:securityExport

-

GET /v2/{project_id}/desktops/online-users

workspace:connections:listOnlineUsers

-

GET /v2/{project_id}/groups

workspace:userGroups:list

-

POST /v2/{project_id}/groups

workspace:userGroups:create

-

POST /v2/{project_id}/groups/batch-delete

workspace:userGroups:batchDelete

-

DELETE /v2/{project_id}/groups/{group_id}

workspace:userGroups:delete

-

PUT /v2/{project_id}/groups/{group_id}

workspace:userGroups:update

-

POST /v2/{project_id}/groups/{group_id}/actions

workspace:userGroups:operate

-

GET /v2/{project_id}/groups/{group_id}/users

workspace:userGroups:getUsers

-

GET /v2/{project_id}/workspace-sub-jobs

workspace:jobs:listSubJobs

-

POST /v2/{project_id}/workspace-sub-jobs/batch-delete

workspace:jobs:deleteSubJobRecords

-

GET /v2/{project_id}/ous

workspace:ou:get

-

POST /v2/{project_id}/ous

workspace:ou:create

-

DELETE /v2/{project_id}/ous/{ou_id}

workspace:ou:delete

-

PUT /v2/{project_id}/ous/{ou_id}

workspace:ou:update

-

GET /v2/{project_id}/policy-groups

workspace:policyGroups:list

-

POST /v2/{project_id}/policy-groups

workspace:policyGroups:create

-

DELETE /v2/{project_id}/policy-groups/{policy_group_id}

workspace:policyGroups:delete

-

GET /v2/{project_id}/policy-groups/{policy_group_id}

workspace:policyGroups:get

-

PUT /v2/{project_id}/policy-groups/{policy_group_id}

workspace:policyGroups:update

-

POST /v2/{project_id}/policy-groups/export

workspace:policyGroups:export

-

GET /v2/{project_id}/policy-groups/{policy_group_id}/policies

workspace:policyGroups:listPolicies

-

PUT /v2/{project_id}/policy-groups/{policy_group_id}/policies

workspace:policyGroups:updatePolicies

-

GET /v2/{project_id}/policy-groups/{policy_group_id}/targets

workspace:policyGroups:listTargets

-

PUT /v2/{project_id}/policy-groups/{policy_group_id}/targets

workspace:policyGroups:updateTargets

-

GET /v2/{project_id}/policy-groups/detail

workspace:policyGroups:listDetail

-

GET /v2/{project_id}/policy-groups/original-policies

workspace:policyGroups:getOriginalPolicies

-

GET /v2/{project_id}/users

workspace:users:list

-

POST /v2/{project_id}/users

workspace:users:create

-

DELETE /v2/{project_id}/users/{user_id}

workspace:users:delete

-

GET /v2/{project_id}/users/{user_id}

workspace:users:get

-

PUT /v2/{project_id}/users/{user_id}

workspace:users:update

-

POST /v2/{project_id}/users/batch-delete

workspace:users:batchDelete

-

POST /v2/{project_id}/users/password

workspace:users:resetPassword

-

POST /v2/{project_id}/users/password-token

workspace:users:checkResetPasswordToken

-

GET /v2/{project_id}/users/desktop-users/template

workspace:users:getTemplate

-

POST /v2/{project_id}/users/exist

workspace:users:checkExist

-

GET /v2/{project_id}/users/{user_id}/otp-devices

workspace:users:listOtps

-

GET /v2/{project_id}/users/template/download

workspace:users:getImportTemplate

-

POST /v2/{project_id}/users/export

workspace:users:export

-

POST /v2/{project_id}/users/batch-create

workspace:users:batchCreate

-

GET /v2/{project_id}/volume/products

workspace:products:listVolumeProducts

-

GET /v2/{project_id}/export-tasks

workspace:tenants:listExportTasks

-

POST /v2/{project_id}/export-tasks/batch-delete

workspace:tenants:deleteExportTasks

-

GET /v2/{project_id}/export-tasks/{task_id}/download

workspace:tenants:exportData

-

GET /v2/{project_id}/alarms

workspace:statistics:listAlarm

ces:alarmHistory:list

GET /v2/{project_id}/statistics/alarms

workspace:statistics:getAlarm

ces:alarmHistory:list

GET /v2/{project_id}/statistics/growth-rate

workspace:statistics:getGrowthRate

-

GET /v2/{project_id}/statistics/metrics

workspace:statistics:getMetric

-

GET /v2/{project_id}/statistics/metrics/trend

workspace:statistics:getMetricTrend

-

PUT /v2/{project_id}/statistics/notify-rules/{rule_id}

workspace:statistics:updateNotificationRules

smn:topic:get

DELETE /v2/{project_id}/statistics/notify-rules/{rule_id}

workspace:statistics:deleteNotificationRules

-

POST /v2/{project_id}/statistics/notify-rules

workspace:statistics:createNotifyRules

smn:topic:get

GET /v2/{project_id}/statistics/notify-rules

workspace:statistics:listNotificationRules

-

GET /v2/{project_id}/statistics/notification-records

workspace:statistics:listNotificationRecords

-

GET /v2/{project_id}/statistics/metrics/desktops

workspace:statistics:listDesktopMetrics

-

GET /v2/{project_id}/statistics/metrics/desktops/export

workspace:statistics:exportDesktopMetrics

-

GET /v2/{project_id}/statistics/metrics/users

workspace:statistics:listUserMetrics

-

GET /v2/{project_id}/statistics/metrics/users/export

workspace:statistics:exportUserMetrics

-

GET /v3/{project_id}/statistics/metrics/desktops/export

workspace:statistics:exportDesktopMetrics

-

GET /v3/{project_id}/statistics/metrics/users/export

workspace:statistics:exportUserMetrics

-

POST /v1/{project_id}/app-center/buckets/actions/create-credential

workspace:appcenter:createBucketCredential

  • obs:bucket:GetBucketAcl
  • obs:object:PutObject
  • obs:object:DeleteObject

POST /v1/{project_id}/app-center/buckets

workspace:appcenter:createAndAuthorizeBucket

  • obs:bucket:HeadBucket
  • obs:bucket:PutBucketAcl
  • obs:bucket:PutReplicationConfiguration
  • obs:bucket:CreateBucket
  • obs:bucket:PutBucketCORS

GET /v1/{project_id}/app-center/apps

workspace:appcenter:listApps

-

POST /v1/{project_id}/app-center/apps

workspace:appcenter:createApp

-

PATCH /v1/{project_id}/app-center/apps/{app_id}

workspace:appcenter:updateApp

-

DELETE /v1/{project_id}/app-center/apps/{app_id}

workspace:appcenter:deleteApp

-

POST /v1/{project_id}/app-center/apps/{app_id}/actions/auto-install

workspace:appcenter:installApp

-

GET /v1/{project_id}/app-center/apps/{app_id}/authorizations

workspace:appcenter:listAppAuthorizations

-

POST /v1/{project_id}/app-center/apps/{app_id}/actions/assign-authorizations

workspace:appcenter:batchUpdateAppAuthorizations

-

POST /v1/{project_id}/app-center/apps/actions/batch-delete

workspace:appcenter:batchDeleteApps

-

POST /v1/{project_id}/app-center/apps/actions/batch-disable

workspace:appcenter:batchDisableApps

-

POST /v1/{project_id}/app-center/apps/actions/batch-enable

workspace:appcenter:batchEnableApps

-

POST /v1/{project_id}/app-center/apps/actions/batch-assign-authorization

workspace:appcenter:batchUpdateAppAuthorizations

-

POST /v1/{project_id}/app-center/apps/actions/batch-auto-install

workspace:appcenter:batchInstallApps

-

GET /v1/{project_id}/app-center/app-catalogs

workspace:appcenter:listAppCatalogs

-

GET /v1/{project_id}/app-center/jobs

workspace:appcenter:listJobs

-

POST /v1/{project_id}/app-center/jobs/actions/batch-delete

workspace:appcenter:batchDeleteJobs

-

POST /v1/{project_id}/app-center/jobs/actions/retry

workspace:appcenter:retryJobs

-

POST /v1/{project_id}/app-center/app-rules

workspace:appcenter:createAppRule

-

GET /v1/{project_id}/app-center/app-rules

workspace:appcenter:listAppRule

-

PATCH /v1/{project_id}/app-center/app-rules/{rule_id}

workspace:appcenter:updateAppRule

-

DELETE /v1/{project_id}/app-center/app-rules/{rule_id}

workspace:appcenter:deleteAppRule

-

POST /v1/{project_id}/app-center/app-rules/batch-delete

workspace:appcenter:batchDeleteAppRules

-

POST /v1/{project_id}/app-center/app-rules/actions/enable-rule-restriction

workspace:appcenter:enableRuleRestriction

-

POST /v1/{project_id}/app-center/app-rules/actions/disable-rule-restriction

workspace:appcenter:disableRuleRestriction

-

POST /v1/{project_id}/app-center/app-restricted-rules

workspace:appcenter:addRestrictedRule

-

GET /v1/{project_id}/app-center/app-restricted-rules

workspace:appcenter:listRestrictedRule

-

POST /v1/{project_id}/app-center/app-restricted-rules/actions/batch-delete

workspace:appcenter:deleteRestrictedRule

-

PATCH /v1/{project_id}/app-center/profiles

workspace:appcenter:updateTenantProfile

-

GET /v1/{project_id}/app-center/profiles

workspace:appcenter:listTenantProfiles

-

POST /v2/{project_id}/scripts

workspace:scripts:create

-

GET /v2/{project_id}/scripts

workspace:scripts:list

-

GET /v2/{project_id}/scripts/{script_id}

workspace:scripts:get

-

PUT /v2/{project_id}/scripts/{script_id}

workspace:scripts:put

-

DELETE /v2/{project_id}/scripts/{script_id}

workspace:scripts:delete

-

POST /v2/{project_id}/script-executions

workspace:scripts:execute

-

GET /v2/{project_id}/script-execution-records/{record_id}

workspace:scripts:getRecordDetail

-

GET /v2/{project_id}/script-execution-records

workspace:scripts:listRecords

-

GET /v2/{project_id}/script-execution-tasks

workspace:scripts:listTasks

-

POST /v2/{project_id}/script-executions/retry

workspace:scripts:retry

-

POST /v2/{project_id}/script-executions/stop

workspace:scripts:stop

-

POST /v2/{project_id}/script-execution-records/{record_id}/download

workspace:scripts:download

-

GET /v2/{project_id}/share-space/configuration

workspace:tenants:getShareSpaceConfig

-

PUT /v2/{project_id}/share-space/configuration

workspace:tenants:updateShareSpaceConfig

-

GET /v2/{project_id}/auth-config/status

workspace:authConfigs:getStatus

-

POST /v2/{project_id}/privacystatement

workspace:privacystatements:sign

-

GET /v2/{project_id}/quotas/detail

workspace:quotas:get

-

GET /v2/{project_id}/sites

workspace:sites:get

-

POST /v2/{project_id}/sites

workspace:sites:add

  • eip:bandwidths:create
  • eip:publicIps:create
  • elb:healthmonitors:create
  • elb:healthmonitors:show
  • elb:listeners:create
  • elb:listeners:update
  • elb:listeners:show
  • elb:listeners:list
  • elb:loadbalancers:create
  • elb:loadbalancers:update
  • elb:loadbalancers:show
  • elb:members:create
  • elb:members:list
  • elb:members:update
  • elb:pools:create
  • elb:pools:update
  • elb:pools:show
  • vpc:ports:create
  • vpc:ports:delete
  • vpc:securityGroupRules:create
  • vpc:securityGroupRules:delete
  • vpc:securityGroupRules:get
  • vpc:securityGroups:create
  • vpc:subnets:get
  • vpc:subnets:update
  • vpc:vpcs:get
  • vpcep:endpoints:create
  • vpcep:endpoints:get

DELETE /v2/{project_id}/sites/{site_id}

workspace:sites:delete

  • elb:healthmonitors:delete
  • elb:healthmonitors:show
  • elb:listeners:delete
  • elb:listeners:show
  • elb:loadbalancers:delete
  • elb:loadbalancers:show
  • elb:members:delete
  • elb:members:list
  • elb:pools:delete
  • elb:pools:show
  • vpc:ports:delete
  • vpc:securityGroups:delete
  • vpcep:endpoints:delete
  • vpcep:endpoints:get
  • eip:publicIps:disassociateInstance
  • eip:bandwidths:delete
  • eip:publicIps:delete

PUT /v2/{project_id}/sites/{site_id}/access-mode

workspace:sites:updateAccessMode

  • eip:bandwidths:create
  • eip:bandwidths:delete
  • eip:publicIps:create
  • eip:publicIps:delete
  • eip:publicIps:disassociateInstance
  • elb:healthmonitors:create
  • elb:healthmonitors:delete
  • elb:healthmonitors:show
  • elb:listeners:create
  • elb:listeners:delete
  • elb:listeners:update
  • elb:listeners:show
  • elb:loadbalancers:create
  • elb:loadbalancers:delete
  • elb:loadbalancers:update
  • elb:loadbalancers:show
  • elb:members:create
  • elb:members:delete
  • elb:members:list
  • elb:members:update
  • elb:pools:create
  • elb:pools:delete
  • elb:pools:update
  • elb:pools:show
  • vpc:subnets:get
  • vpc:subnets:update
  • vpc:vpcs:get
  • vpcep:endpoints:create
  • vpcep:endpoints:delete
  • vpcep:endpoints:get

PUT /v2/{project_id}/sites/{site_id}/subnet-ids

workspace:sites:updateSubnets

  • vpc:subnets:get
  • vpc:subnets:update
  • vpc:vpcs:get

GET /v2/{project_id}/tenants/lock-status

workspace:tenants:getLockStatus

-

PUT /v2/{project_id}/tenants/lock-status

workspace:tenants:unlock

-

POST /v2/{project_id}/workspaces/enterprise-ids/check

workspace:tenants:checkEnterpriseIds

-

PUT /v2/{project_id}/workspaces/enterprise-id

workspace:tenants:updateEnterpriseId

-

POST /v2/{project_id}/bandwidths

workspace:bandwidth:create

-

GET /v2/{project_id}/bandwidths

workspace:bandwidth:list

-

POST /v2/{project_id}/bandwidths/{bandwidth_id}/update

workspace:bandwidth:update

-

DELETE /v2/{project_id}/bandwidths/{bandwidth_id}

workspace:bandwidth:delete

-

GET /v2/{project_id}/bandwidths/{bandwidth_id}/control-list

workspace:bandwidth:getControlConfig

-

PUT /v2/{project_id}/bandwidths/{bandwidth_id}/control-list

workspace:bandwidth:updateControlConfig

-

POST /v2/{project_id}/bandwidths/{bandwidth_id}/periodic/change/order

workspace:bandwidth:createChangeOrder

-

POST /v2/{project_id}/adns

workspace:bandwidth:create

-

GET /v2/{project_id}/adns

workspace:bandwidth:list

-

POST /v2/{project_id}/desktops-adn/batch-delete

workspace:bandwidth:delete

-

POST /v2/{project_id}/snapshots/batch-create

workspace:desktops:batchCreateSnapshots

-

POST /v2/{project_id}/snapshots/batch-delete

workspace:desktops:batchDeleteSnapshots

-

POST /v2/{project_id}/snapshots/batch-restore

workspace:desktops:batchRestoreSnapshots

-

GET /v2/{project_id}/snapshots

workspace:desktops:listSnapshots

-

POST /v2/{project_id}/verification/desktop-name

workspace:desktops:verifyDesktopName

-

GET /v2/{project_id}/subnets/{subnet_id}/available-ip

workspace:networks:getAvailableIp

-

GET /v2/{project_id}/ad/status

workspace:desktops:getAdStatus

-

GET /v2/{project_id}/ip-exist

workspace:networks:checkIpIfExist

-

POST /v2/{project_id}/desktops/check-images

workspace:images:checkIfExist

ims:images:list

GET /v2/{project_id}/hosts/{host_id}/servers

workspace:wdh:listDesktops

-

PUT /v2/{project_id}/hosts

workspace:wdh:update

-

GET /v2/{project_id}/terminals/binding-desktops/template

workspace:bindingPolicies:getTemplate

-

POST /v2/{project_id}/terminals/binding-desktops/template/import

workspace:bindingPolicies:import

-

GET /v2/{project_id}/terminals/binding-desktops/template/export

workspace:bindingPolicies:export

-

GET /v2/{project_id}/desktops/statistics/run-state

workspace:statistics:getRunState

-

GET /v2/{project_id}/desktops/statistics/login-state

workspace:statistics:getLoginState

-

GET /v2/{project_id}/subnets/using-subnets

workspace:networks:getUsingSubnets

-

GET /v2/{project_id}/ports

workspace:networks:listPorts

-

GET /v2/{project_id}/render-desktops/{desktop_id}/remote-consoles

workspace:renderDesktops:createConsole

-

PUT /v2/{project_id}/render-desktops/resize

workspace:renderDesktops:resize

-

POST /v2/{project_id}/exclusive-hosts/{host_id}/resize-lites

workspace:exclusiveHosts:resizeLites

-

GET /services/v2/{project_id}/desktops/{desktop_id}

workspace:desktops:get

  • vpc:ports:get
  • vpc:ports:list
  • vpc:securityGroups:get
  • eip:publicIps:list
  • nat:snatRules:list

GET /v2/{project_id}/desktop-monitor/{desktop_id}

workspace:desktops:getMonitor

ces:metricData:get

GET /v2/{project_id}/desktops/export

workspace:desktops:export

  • vpc:ports:get
  • vpc:ports:list
  • vpc:securityGroups:get
  • eip:publicIps:list
  • nat:snatRules:list

GET /v2/{project_id}/desktops/{desktop_id}/detach-info

workspace:desktops:listDetachInfo

-

GET /v2/{project_id}/desktops/{desktop_id}/sysprep

workspace:desktops:getSysprepVersion

-

POST /v2/{project_id}/internet

workspace:networks:createNat

  • vpc:ports:delete
  • vpc:ports:get
  • vpc:networks:get
  • eip:publicIps:create
  • eip:publicIps:update
  • eip:publicIps:delete
  • nat:snatRules:list
  • nat:snatRules:create
  • nat:natGateways:list
  • nat:natGateways:create

GET /v2/{project_id}/internet

workspace:networks:listNats

  • vpc:subnets:get
  • vpc:vpcs:get
  • nat:snatRules:list
  • nat:natGateways:list

POST /v2/{project_id}/quotas/check

workspace:quotas:check

-

GET /v2/{project_id}/subnets

workspace:networks:listSubnets

  • vpc:subnets:list
  • vpc:subnets:get

GET /v2/{project_id}/vpcs

workspace:networks:listVpcs

vpc:vpcs:list

POST /v2/{project_id}/policy-groups/policy-template

workspace:policyGroups:createTemplate

-

GET /v1/{project_id}/policy-templates

workspace:policyGroups:listTemplate

-

PUT /v2/{project_id}/policy-groups/policy-template/{policy_group_id}

workspace:policyGroups:updateTemplate

-

GET /v2/{project_id}/security-groups

workspace:networks:listSecurityGroups

-

GET /v2/{project_id}/availability-zones/summary

workspace:availabilityZones:getSummary

-

GET /v2/{project_id}/availability-zones/detail

workspace:availabilityZones:get

-

POST /v2/{project_id}/users/desktop-users/action/import

workspace:users:importUser

-

POST /v2/{project_id}/users/template-upload

workspace:users:uploadTemplate

-

PUT /v2/{project_id}/access-policy/{access_policy_id}

workspace:accessPolicies:update

-

POST /v2/{project_id}/desktops/{desktop_id}/verify-source

workspace:desktops:verifySource

-

GET /v2/{project_id}/desktops/networks

workspace:desktops:listDesktopNetworks

  • vpc:vpcs:get
  • vpc:subnets:get
  • vpc:networks:get
  • vpc:ports:get
  • vpc:securityGroups:get
  • eip:publicIps:list

POST /v2/{project_id}/desktops/networks/batch-change

workspace:desktops:batchChangeNetwork

  • vpc:vpcs:get
  • vpc:subnets:get
  • vpc:networks:get
  • vpc:ports:get
  • vpc:ports:create
  • vpc:ports:update
  • vpc:ports:delete
  • vpc:securityGroups:get
  • eip:publicIps:list
  • eip:publicIps:associateInstance
  • eip:publicIps:disassociateInstance

GET /v2/{project_id}/workspace-jobs/{job_id}

workspace:jobs:get

-

POST /v2/{project_id}/ip/import

workspace:accessPolicies:importIp

-

GET /v2/{project_id}/ip/template/download

workspace:accessPolicies:getIpImportTemplate

-

GET /v2/{project_id}/wks-edge-sites

workspace:sites:listEdgeSites

  • ies:edgeSite:list
  • ies:edgeSite:getMetricData

POST /v2/{project_id}/check-edge-site-resources

workspace:sites:checkEdgeSiteResources

  • ies:edgeSite:list
  • ies:edgeSite:getMetricData

GET /v2/{project_id}/ad-ous

workspace:ou:listAdOus

-

GET /v2/{project_id}/ou-users

workspace:ou:listOuUsers

-

POST /v2/{project_id}/ou-users/import

workspace:ou:importUsersByOU

-

GET /v1/{project_id}/app-groups

workspace:appGroup:list

-

POST /v1/{project_id}/app-groups

workspace:appGroup:create

-

DELETE /v1/{project_id}/app-groups/{app_group_id}

workspace:appGroup:delete

-

GET /v1/{project_id}/app-groups/{app_group_id}

workspace:appGroup:get

-

PATCH /v1/{project_id}/app-groups/{app_group_id}

workspace:appGroup:update

-

GET /v1/{project_id}/app-groups/{app_group_id}/apps

workspace:app:listPublishedApp

-

POST /v1/{project_id}/app-groups/{app_group_id}/apps

workspace:app:publish

-

GET /v1/{project_id}/app-groups/{app_group_id}/apps/{app_id}

workspace:app:get

-

PATCH /v1/{project_id}/app-groups/{app_group_id}/apps/{app_id}

workspace:app:update

-

DELETE /v1/{project_id}/app-groups/{app_group_id}/apps/{app_id}/icon

workspace:app:deleteIcon

-

POST /v1/{project_id}/app-groups/{app_group_id}/apps/{app_id}/icon

workspace:app:uploadIcon

-

POST /v1/{project_id}/app-groups/{app_group_id}/apps/actions/check

workspace:app:check

-

POST /v1/{project_id}/app-groups/{app_group_id}/apps/actions/disable

workspace:app:batchDisable

-

POST /v1/{project_id}/app-groups/{app_group_id}/apps/actions/enable

workspace:app:batchEnable

-

POST /v1/{project_id}/app-groups/{app_group_id}/apps/batch-unpublish

workspace:app:unpublish

-

GET /v1/{project_id}/app-groups/{app_group_id}/publishable-app

workspace:appGroup:listPublishableApp

-

POST /v1/{project_id}/app-groups/actions/batch-delete-authorization

workspace:appGroup:batchDeleteAuthorization

-

POST /v1/{project_id}/app-groups/actions/disassociate-app-group

workspace:appGroup:disassociate

-

GET /v1/{project_id}/app-groups/actions/list-authorizations

workspace:appGroup:listAuthorization

-

POST /v1/{project_id}/app-groups/authorizations

workspace:appGroup:addAuthorization

-

POST /v1/{project_id}/app-groups/batch-delete

workspace:appGroup:batchDelete

-

POST /v1/{project_id}/app-groups/rules/validate

workspace:appGroup:check

-

GET /v1/{project_id}/app-server-groups

workspace:serverGroup:list

-

POST /v1/{project_id}/app-server-groups

workspace:serverGroup:create

  • ims:images:list
  • vpc:ports:get
  • vpc:subnets:get

DELETE /v1/{project_id}/app-server-groups/{server_group_id}

workspace:serverGroup:delete

-

GET /v1/{project_id}/app-server-groups/{server_group_id}

workspace:serverGroup:get

-

PATCH /v1/{project_id}/app-server-groups/{server_group_id}

workspace:serverGroup:update

ims:images:list

GET /v1/{project_id}/app-server-groups/{server_group_id}/state

workspace:serverGroup:getServerState

-

GET /v1/{project_id}/app-server-groups/actions/list

workspace:serverGroup:listDetail

-

GET /v1/{project_id}/app-server-groups/resources/restrict

workspace:serverGroup:getRestrict

-

POST /v1/{project_id}/app-server-groups/rules/validate

workspace:serverGroup:validate

-

POST /v1/{project_id}/server-group/{server_group_id}/tags/create

workspace:serverGroup:tagResource

-

DELETE /v1/{project_id}/server-group/{server_group_id}/tags/delete

workspace:serverGroup:unTagResource

-

GET /v1/{project_id}/server-group/{server_group_id}/tags

workspace:serverGroup:listTagsForResource

-

GET /v1/{project_id}/server-group/tags

workspace:serverGroup:listTags

-

POST /v1/{project_id}/server-group/tags/batch-create

workspace:serverGroup:batchCreateTags

-

DELETE /v1/{project_id}/server-group/tags/batch-delete

workspace:serverGroup:batchDeleteTags

-

GET /v1/{project_id}/app-servers

workspace:server:list

-

DELETE /v1/{project_id}/app-servers/{server_id}

workspace:server:delete

  • iam:roles:listRoles
  • vpc:ports:delete
  • vpc:ports:get

GET /v1/{project_id}/app-servers/{server_id}

workspace:server:get

-

PATCH /v1/{project_id}/app-servers/{server_id}

workspace:server:update

-

POST /v1/{project_id}/app-servers/{server_id}/actions/change-image

workspace:server:changeImage

  • ims:images:list
  • vpc:ports:get
  • vpc:subnets:get

POST /v1/{project_id}/app-servers/{server_id}/actions/reinstall

workspace:server:reinstall

  • ims:images:list
  • vpc:ports:get
  • vpc:subnets:get

GET /v1/{project_id}/app-servers/{server_id}/actions/vnc

workspace:server:getVncUrl

-

GET /v1/{project_id}/app-servers/access-agent/upgrade-record

workspace:accessAgent:list

-

PATCH /v1/{project_id}/app-servers/access-agent/actions/upgrade

workspace:accessAgent:batchUpgrade

-

GET /v1/{project_id}/app-servers/access-agent/latest-version

workspace:accessAgent:listLatestVersion

-

GET /v1/{project_id}/app-servers/access-agent/list

workspace:server:listAccessAgentDetails

-

GET /v1/{project_id}/app-servers/access-agent/upgrade-flag

workspace:accessAgent:getUpgradeFlag

-

PATCH /v1/{project_id}/app-servers/access-agent/upgrade-flag

workspace:accessAgent:updateUpgradeFlag

-

GET /v1/{project_id}/app-servers/access-agent/upgrade-record

workspace:accessAgent:listUpgradeRecords

-

POST /v1/{project_id}/app-servers/actions/batch-delete

workspace:server:batchDelete

  • iam:roles:listRoles
  • vpc:ports:delete
  • vpc:ports:get

PATCH /v1/{project_id}/app-servers/actions/batch-maint

workspace:server:batchChangeMaintainMode

-

PATCH /v1/{project_id}/app-servers/actions/batch-reboot

workspace:server:batchReboot

-

PATCH /v1/{project_id}/app-servers/actions/batch-rejoin-domain

workspace:server:batchRejoinDomain

-

PATCH /v1/{project_id}/app-servers/actions/batch-start

workspace:server:batchStart

-

PATCH /v1/{project_id}/app-servers/actions/batch-stop

workspace:server:batchStop

-

PATCH /v1/{project_id}/app-servers/actions/batch-update-tsvi

workspace:server:batchUpdateTsvi

  • vpc:subnets:get
  • vpc:ports:update

POST /v1/{project_id}/app-servers/actions/create

workspace:server:create

  • ims:images:list
  • ims:images:updateMemberStatus
  • ims:images:share
  • ims:images:get
  • vpc:securityGroups:get
  • vpc:securityGroupRules:get
  • vpc:networks:get
  • vpc:subnets:get
  • vpc:ports:create
  • vpc:ports:get
  • vpc:ports:delete
  • vpc:vpcs:get
  • dss:pools:list

PATCH /v1/{project_id}/app-servers/hosts/batch-migrate

workspace:server:batchMigrateHosts

-

GET /v1/{project_id}/app-servers/metric-data/{server_id}

workspace:server:getMetricData

-

GET /v1/{project_id}/app-server-sub-jobs

workspace:jobs:listSubJobs

-

POST /v1/{project_id}/app-server-sub-jobs/actions/batch-delete

workspace:jobs:batchDeleteSubJobs

-

GET /v1/{project_id}/app-server-sub-jobs/actions/count

workspace:jobs:countSubJobs

-

POST /v1/{project_id}/app-warehouse/action/authorize

workspace:appWarehouse:authorizeObs

  • obs:bucket:GetBucketAcl
  • obs:object:PutObject
  • obs:object:DeleteObject

POST /v1/{project_id}/app-warehouse/actions/batch-delete

workspace:appWarehouse:batchDeleteApp

  • obs:bucket:HeadBucket
  • obs:object:DeleteObject

GET /v1/{project_id}/app-warehouse/apps

workspace:appWarehouse:ListWarehouseApps

-

POST /v1/{project_id}/app-warehouse/apps

workspace:appWarehouse:createApp

-

DELETE /v1/{project_id}/app-warehouse/apps/{id}

workspace:appWarehouse:deleteApp

  • obs:bucket:HeadBucket
  • obs:object:DeleteObject

POST /v1/{project_id}/app-warehouse/apps/icon

workspace:appWarehouse:uploadAppIcon

obs:object:PutObject

POST /v1/{project_id}/app-warehouse/bucket-and-acl/create

workspace:appWarehouse:createBucketOrAcl

  • obs:bucket:GetBucketAcl
  • obs:bucket:HeadBucket
  • obs:bucket:PutBucketAcl
  • obs:bucket:PutReplicationConfiguration
  • obs:bucket:CreateBucket
  • obs:bucket:PutBucketCORS

GET /v1/{project_id}/check/quota

workspace:quotas:get

-

GET /v1/{project_id}/image-server-jobs

workspace:images:listImageJobs

-

GET /v1/{project_id}/image-server-jobs/{job_id}

workspace:images:getImageJob

-

GET /v1/{project_id}/image-servers

workspace:imageServer:list

-

POST /v1/{project_id}/image-servers

workspace:imageServer:create

  • ims:images:list
  • vpc:ports:get
  • vpc:subnets:get

GET /v1/{project_id}/image-servers/{server_id}

workspace:imageServer:get

-

PATCH /v1/{project_id}/image-servers/{server_id}

workspace:imageServer:update

-

POST /v1/{project_id}/image-servers/{server_id}/actions/attach-app

workspace:imageServer:attachApp

-

GET /v1/{project_id}/image-servers/{server_id}/actions/latest-attached-app

workspace:imageServer:listLatestAttachedApp

-

POST /v1/{project_id}/image-servers/{server_id}/actions/recreate-image

workspace:imageServer:recreate

  • vpc:ports:get
  • vpc:subnets:get
  • ims:quotas:get
  • ims:images:get
  • ims:images:list
  • ims:images:setTags
  • ims:images:setOrDeleteTags
  • ims:images:updateMemberStatus
  • ims:images:copyInRegion
  • ims:serverImages:create

PATCH /v1/{project_id}/image-servers/actions/batch-delete

workspace:imageServer:batchDelete

-

GET /v1/{project_id}/image-server-sub-jobs

workspace:imageServer:listImageSubJobs

-

PATCH /v1/{project_id}/image-server-sub-jobs/actions/batch-delete

workspace:imageServer:batchDeleteImageSubJobs

-

GET /v1/{project_id}/image-server-sub-jobs/actions/count

workspace:imageServer:countImageSubJobs

-

GET /v2/{project_id}/job/{job_id}

workspace:jobs:get

-

GET /v1/{project_id}/mails

workspace:appGroup:listMailRecord

-

POST /v1/{project_id}/mails/actions/send

workspace:appGroup:resendMail

-

POST /v1/{project_id}/mails/actions/send

workspace:appGroup:resendMail

-

GET /v1/{project_id}/persistent-storages

workspace:storage:listPersistentStorage

-

POST /v1/{project_id}/persistent-storages

workspace:storage:createPersistentStorage

  • obs:bucket:HeadBucket
  • obs:bucket:PutBucketPolicy
  • obs:bucket:PutBucketAcl
  • obs:bucket:PutBucketCORS

DELETE /v1/{project_id}/persistent-storages/{storage_id}

workspace:storage:deletePersistentStorage

  • obs:object:GetObject
  • obs:object:DeleteObject

POST /v1/{project_id}/persistent-storages/{storage_id}/actions/assign-folder

workspace:storage:updateUserFolderAssignment

-

POST /v1/{project_id}/persistent-storages/{storage_id}/actions/assign-share-folder

workspace:storage:updateShareFolderAssignment

-

POST /v1/{project_id}/persistent-storages/{storage_id}/actions/create-share-folder

workspace:storage:createShareFolder

  • obs:object:GetObject
  • obs:object:PutObject

POST /v1/{project_id}/persistent-storages/{storage_id}/actions/delete-storage-claim

workspace:storage:deleteStorageClaim

obs:object:DeleteObject

POST /v1/{project_id}/persistent-storages/{storage_id}/actions/delete-user-attachment

workspace:storage:deleteUserStorageAttachment

obs:object:DeleteObject

POST /v1/{project_id}/persistent-storages/actions/batch-delete

workspace:storage:batchDeletePersistentStorage

-

GET /v1/{project_id}/persistent-storages/actions/list-attachments

workspace:storage:listStorageAssignment

-

GET /v1/{project_id}/persistent-storages/actions/list-share-folders

workspace:storage:listShareFolder

-

GET /v1/{project_id}/policy-groups/{policy_group_id}

workspace:policyGroups:get

-

GET /v2/{project_id}/policy-groups/{policy_group_id}/policies

workspace:policyGroups:listPolicies

-

GET /v1/{project_id}/policy-groups/{policy_group_id}/target

workspace:policyGroups:listTargets

-

GET /v2/{project_id}/policy-groups/detail

workspace:policyGroups:listDetail

-

GET /v1/{project_id}/policy-templates

workspace:policyGroups:listTemplate

-

DELETE /v1/{project_id}/policy-templates/{policy_template_id}

workspace:policyGroups:deleteTemplate

-

PATCH /v1/{project_id}/policy-templates/{policy_template_id}

workspace:policyGroups:updateTemplate

-

GET /v1/{project_id}/privacy-statement

workspace:privacystatements:get

-

DELETE /v1/{project_id}/scaling-policy

workspace:scalingPolicy:delete

-

GET /v1/{project_id}/scaling-policy

workspace:scalingPolicy:list

-

PUT /v1/{project_id}/scaling-policy

workspace:scalingPolicy:create

-

GET /v2/{project_id}/scheduled-tasks/{task_id}/records

workspace:scheduledTasks:list

-

POST /v2/{project_id}/scheduled-tasks

workspace:scheduledTasks:create

-

GET /v2/{project_id}/scheduled-tasks/{task_id}/records/{record_id}

workspace:scheduledTasks:getRecord

-

DELETE /v2/{project_id}/scheduled-tasks/{task_id}

workspace:scheduledTasks:delete

-

POST /v2/{project_id}/scheduled-tasks/future-executions

workspace:scheduledTasks:get

-

PUT /v2/{project_id}/scheduled-tasks/{task_id}

workspace:scheduledTasks:update

-

GET /v2/{project_id}/scheduled-tasks/{task_id}/records

workspace:scheduledTasks:listRecords

-

POST /v2/{project_id}/scheduled-tasks/batch-delete

workspace:scheduledTasks:batchDelete

-

POST /v1/{project_id}/session/app-connection

workspace:session:listAppConnection

-

POST /v1/{project_id}/session/logoff

workspace:session:logoffUserSession

-

POST /v1/{project_id}/session/user-connection

workspace:session:listUserConnection

-

GET /v1/{project_id}/session/user-session-info

workspace:session:listSessionByUserName

-

PUT /v1/{project_id}/storages-policy/actions/create-statements

workspace:storagePolicy:create

-

GET /v1/{project_id}/storages-policy/actions/list-statements

workspace:storagePolicy:list

-

GET /v2/{project_id}/users

workspace:users:list

-

GET /v1/persistent-storages/actions/list-sfs-storages

workspace:storage:listSfs3Storage

  • obs:bucket:ListBucket
  • obs:bucket:GetBucketStorage
  • obs:bucket:ListAllMyBuckets

GET /v1/{project_id}/availability-zone

workspace:baseResource:list

ecs:availabilityZones:list

POST /v1/{project_id}/bundles/batch-query-config-info

workspace:tenants:listConfigInfo

-

GET /v1/{project_id}/product

workspace:baseResource:list

-

GET /v1/{project_id}/product

workspace:baseResource:list

-

POST /v1/{project_id}/tenant/action/active

workspace:tenants:active

-

GET /v1/{project_id}/tenant/profile

workspace:tenants:listTenantProfile

-

GET /v1/{project_id}/volume-type

workspace:baseResource:list

-

GET /v1/{project_id}/app-servers/server-metric-data/{server_id}

workspace:server:listServerMetricData

-

GET /v1/{project_id}/session/list-sessions

workspace:session:listSessions

-

PATCH /v1/{project_id}/app-warehouse/apps/{id}

workspace:appWarehouse:updateApp

-

POST /v1/{project_id}/app-servers/actions/batch-change-image

workspace:server:batchChangeImage

  • ims:images:list
  • vpc:ports:get
  • vpc:subnets:get

POST /v1/{project_id}/app-servers/actions/batch-reinstall

workspace:server:batchReinstall

  • ims:images:list
  • vpc:ports:get
  • vpc:subnets:get

资源类型(Resource)

资源类型(Resource)表示SCP所作用的资源。如表3中的某些操作指定了可以在该操作指定的资源类型,则必须在具有该操作的SCP语句中指定该资源的URN,SCP仅作用于此资源;如未指定,Resource默认为“*”,则SCP将应用到所有资源。您也可以在SCP中设置条件,从而指定资源类型。

云桌面Workspace定义了以下可以在SCP的Resource元素中使用的资源类型。

表3 云桌面支持的资源类型

资源类型

描述

URN

desktop

桌面

workspace:<region>:<account-id>:desktop:<desktop-id>

desktopPool

桌面池

workspace:<region>:<account-id>:desktopPool:<pool-id>

wdh

云办公主机

workspace:<region>:<account-id>:wdh:<wdh-id>

exclusiveHost

专享主机

workspace:<region>:<account-id>:exclusiveHost:<host-id>

user

用户

workspace:<region>:<account-id>:user:<user-id>

userGroup

用户组

workspace:<region>:<account-id>:userGroup:<group-id>

policyGroup

策略组

workspace:<region>:<account-id>:policyGroup:<policy-group-id>

script

脚本

workspace:<region>:<account-id>:script:<script-id>

scheduledTask

定时任务

workspace:<region>:<account-id>:scheduledTask:<task-id>

server

应用服务器

workspace:<region>:<account-id>:server:<server-id>

serverGroup

应用服务器组

workspace:<region>:<account-id>:serverGroup:<server-group-id>

app

应用

workspace:<region>:<account-id>:app:<app-id>

appGroup

应用组

workspace:<region>:<account-id>:appGroup:<app-group-id>

imageServer

应用镜像服务器

workspace:<region>:<account-id>:imageServer:<image-server-id>

storage

存储

workspace:<region>:<account-id>:storage:<storage-id>

条件(Condition)

条件键(Condition)是SCP生效的特定条件,包括条件键运算符

  • 条件键表示SCP语句的Condition元素中的键值。根据适用范围,分为全局级条件键和服务级条件键。
    • 全局级条件键(前缀为g:)适用于所有操作,在鉴权过程中,云服务不需要提供用户身份信息,系统将自动获取并鉴权。详情请参见:全局条件键
    • 服务级条件键(前缀通常为服务缩写,如workspace:)仅适用于对应服务的操作,详情请参见表4
    • 单值/多值表示API调用时请求中与条件关联的值数。单值条件键在API调用时的请求中最多包含一个值,多值条件键在API调用时请求可以包含多个值。例如:g:SourceVpce是单值条件键,表示仅允许通过某个VPC终端节点发起请求访问某资源,一个请求最多包含一个VPC终端节点ID值。g:TagKeys是多值条件键,表示请求中携带的所有标签的key组成的列表,当用户在调用API请求时传入标签可以传入多个值。
  • 运算符与条件键、条件值一起构成完整的条件判断语句,当请求信息满足该条件时,SCP才能生效。支持的运算符请参见:运算符

云桌面定义了以下可以在SCP的Condition元素中使用的条件键,您可以使用这些条件键进一步细化SCP语句应用的条件。

表4 云桌面支持的服务级条件键

服务级条件键

类型

单值/多值

说明

workspace:AccessMode

string

多值

根据请求参数中指定的接入方式过滤访问,有效的条件值应为INTERNET、DEDICATED、BOTH。

workspace:CreateOrderType

string

FALSE

根据请求参数中指定的创建订单类型过滤访问,有效的条件值应为createDesktops、addVolumes、createDehHosts、rebuildDesktops、createDesktopPool、expandDesktopPool、applyDesktopsInternet、createExclusiveHosts、subscribeUserSharer、createApps。

workspace:ChangeOrderType

string

FALSE

根据请求参数中指定的变更订单类型过滤访问,有效的条件值应为resizeDesktops、expandVolumes、meteredToPeriod、ADD_VOLUME、EXTEND_VOLUME、RESIZE、CHANGE_IMAGE、ADD_SUB_RESOURCES、DELETE_SUB_RESOURCES。

workspace:AssociatePublicIp

boolean

FALSE

按照关联eip开关值筛选桌面绑定eip的权限。

相关文档