函数工作流 FunctionGraph
云服务在IAM预置了常用授权项,称为系统身份策略。如果IAM系统身份策略无法满足授权要求,管理员可以根据各服务支持的授权项,创建IAM自定义身份策略来进行精细的访问控制,IAM自定义身份策略是对系统身份策略的扩展和补充。
除IAM服务外,Organizations服务中的服务控制策略(Service Control Policy,以下简称SCP)也可以使用这些授权项元素设置访问控制策略。
SCP不直接进行授权,只划定权限边界。将SCP绑定到组织单元或者成员账号时,并没有直接对组织单元或成员账号授予操作权限,而是规定了成员账号或组织单元包含的成员账号的授权范围。IAM身份策略授予权限的有效性受SCP限制,只有在SCP允许范围内的权限才能生效。
IAM服务与Organizations服务在使用这些元素进行访问控制时,存在着一些区别,详情请参见:IAM服务与Organizations服务权限访问控制的区别。
本章节介绍IAM服务身份策略授权场景中自定义身份策略和组织服务中SCP使用的元素,这些元素包含了操作(Action)、资源(Resource)和条件(Condition)。
操作(Action)
操作(Action)即为身份策略中支持的授权项。
- “访问级别”列描述如何对操作进行分类(List、Read和Write等)。此分类可帮助您了解在身份策略中相应操作对应的访问级别。
- “资源类型”列指每个操作是否支持资源级权限。
- 资源类型支持通配符号*表示所有。如果此列没有值(-),则必须在身份策略语句的Resource元素中指定所有资源类型(“*”)。
- 如果该列包含资源类型,则必须在具有该操作的语句中指定该资源的URN。
- 资源类型列中必需资源在表中用星号(*)标识,表示使用此操作必须指定该资源类型。
关于定义的资源类型的详细信息请参见资源类型(Resource)。
- “条件键”列包括了可以在身份策略语句的Condition元素中支持指定的键值。
- 如果该授权项资源类型列存在值,则表示条件键仅对列举的资源类型生效。
- 如果该授权项资源类型列没有值(-),则表示条件键对整个授权项生效。
- 如果此列条件键没有值(-),表示此操作不支持指定条件键。
关于定义的条件键的详细信息请参见条件(Condition)。
- “别名”列包括了可以在身份策略中配置的策略授权项。通过这些授权项,可以控制支持策略授权的API访问。详细信息请参见身份策略兼容性说明。
您可以在身份策略语句的Action元素中指定以下的相关操作。
|
授权项 |
描述 |
访问级别 |
资源类型(*为必须) |
条件键 |
别名 |
|---|---|---|---|---|---|
|
functiongraph:function:createFunction |
授予权限以创建函数。 |
Write |
function * |
|
|
|
- |
|||||
|
functiongraph:function:deleteFunction |
授予权限以删除函数。 |
Write |
function * |
|
|
|
- |
|||||
|
functiongraph:function:listFunctions |
授予权限以查询函数列表。 |
List |
function * |
|
|
|
- |
|||||
|
functiongraph:function:getFunctionCode |
授予权限以获取指定函数代码信息。 |
Read |
function * |
|
|
|
- |
|||||
|
functiongraph:function:updateFunctionCode |
授予权限以修改指定的函数的代码。 |
Write |
function * |
|
|
|
- |
|||||
|
functiongraph:function:getFunctionConfig |
授予权限以获取指定函数的metadata。 |
Read |
function * |
|
|
|
- |
|||||
|
functiongraph:function:updateFunctionConfig |
授予权限以修改指定的函数的metadata信息。 |
Write |
function * |
|
|
|
- |
|||||
|
functiongraph:function:updateMaxInstanceConfig |
授予权限以更新函数最大实例数。 |
Write |
function * |
|
|
|
- |
|||||
|
functiongraph:function:updateSnapshot |
授予权限以启动/禁用函数快照。 |
Write |
function * |
|
|
|
functiongraph:function:getSnapshotState |
授予权限以查询函数快照制作状态。 |
Read |
function * |
|
|
|
functiongraph:function:createUrl |
授予权限以创建函数URL。 |
Write |
function * |
|
|
|
functiongraph:function:deleteUrl |
授予权限以删除函数URL。 |
Write |
function * |
|
|
|
functiongraph:function:updateUrl |
授予权限以更新函数URL。 |
Write |
function * |
|
|
|
functiongraph:function:getUrl |
授予权限以获取指定函数的URL。 |
Read |
function * |
|
|
|
functiongraph::getResourceInstance |
授予权限以查询资源实例。 |
Read |
- |
|
|
|
functiongraph::createTag |
授予权限以创建资源标签。 |
Tagging |
- |
|
|
|
functiongraph::deleteTag |
授予权限以删除资源标签。 |
Tagging |
- |
|
|
|
functiongraph::listTags |
授予权限以获取资源标签列表。 |
List |
- |
|
|
|
functiongraph::createFunctionApp |
授予权限以创建应用程序。 |
Write |
- |
|
|
|
functiongraph::deleteFunctionApp |
授予权限以删除应用程序。 |
Write |
- |
|
|
|
functiongraph::getFunctionApp |
授予权限以查询应用程序详情。 |
Read |
- |
|
|
|
functiongraph::listFunctionApps |
授予权限以查询应用程序列表。 |
List |
- |
|
|
|
functiongraph::getFunctionAppTemplate |
授予权限以查询应用程序模板详情。 |
Read |
- |
|
|
|
functiongraph::listFunctionAppTemplates |
授予权限以查询应用程序模板列表。 |
List |
- |
|
|
|
functiongraph::createVpcEndpoint |
授予权限以创建下沉入口。 |
Write |
- |
|
|
|
functiongraph::deleteVpcEndpoint |
授予权限以删除下沉入口。 |
Write |
- |
|
|
|
functiongraph:function:export |
授予权限以导出函数。 |
Read |
function * |
|
|
|
functiongraph:function:import |
授予权限以导入函数。 |
Write |
function * |
|
|
|
functiongraph::exportPackage |
授予权限以导出函数应用。 |
Read |
- |
|
|
|
functiongraph::importPackage |
授予权限以导入函数应用。 |
Write |
- |
|
|
|
functiongraph:function:createVersion |
授予权限以发布函数版本。 |
Write |
function * |
- |
|
|
functiongraph:function:listVersion |
授予权限以获取指定函数的版本列表。 |
List |
function * |
- |
|
|
functiongraph:function:createAlias |
授予权限以创建函数灰度版本别名。 |
Write |
function * |
- |
|
|
functiongraph:function:deleteAlias |
授予权限以删除函数版本别名。 |
Write |
function * |
- |
|
|
functiongraph:function:listAlias |
授予权限以获取指定函数所有版本别名列表。 |
List |
function * |
- |
|
|
functiongraph:function:getAlias |
授予权限以获取函数版本指定别名信息。 |
Read |
function * |
- |
|
|
functiongraph:function:updateAlias |
授予权限以修改函数版本别名信息。 |
Write |
function * |
- |
|
|
functiongraph::listQuota |
授予权限以查询租户配额。 |
List |
- |
- |
|
|
functiongraph:dependency:createDependency |
授予权限以创建依赖包。 |
Write |
- |
- |
|
|
functiongraph:dependency:deleteDependency |
授予权限以删除依赖包。 |
Write |
- |
- |
|
|
functiongraph:dependency:listDependencies |
授予权限以获取依赖包列表。 |
List |
- |
- |
|
|
functiongraph:dependency:getDependency |
授予权限以获取指定依赖包信息。 |
Read |
- |
- |
|
|
functiongraph:dependency:updateDependency |
授予权限以更新指定依赖包信息。 |
Write |
- |
- |
|
|
functiongraph:dependency:createDependencyVersion |
授予权限以创建依赖包版本。 |
Write |
- |
- |
|
|
functiongraph:dependency:deleteDependencyVersion |
授予权限以删除依赖包版本。 |
Write |
- |
- |
|
|
functiongraph:dependency:listDependencyVersion |
授予权限以获取依赖包版本列表。 |
List |
- |
- |
|
|
functiongraph:dependency:getDependencyVersion |
授予权限以获取依赖包版本详细信息。 |
Read |
- |
- |
|
|
functiongraph:function:createEvent |
授予权限以创建测试事件。 |
Write |
function * |
|
|
|
functiongraph:function:deleteEvent |
授予权限以删除指定测试事件。 |
Write |
function * |
|
|
|
functiongraph:function:updateEvent |
授予权限以更新函数测试事件。 |
Write |
function * |
|
|
|
functiongraph:function:listEvent |
授予权限以获取函数测试事件列表。 |
List |
function * |
|
|
|
functiongraph:function:getEvent |
授予权限以获取函数测试事件详细信息。 |
Read |
function * |
|
|
|
functiongraph:function:getTracing |
授予权限以获取函数调用链配置。 |
Read |
function * |
|
|
|
functiongraph:function:updateTracing |
授予权限以更新函数调用链配置。 |
Write |
function * |
|
|
|
functiongraph::listFunctionByMetric |
授予权限以按指定指标获取函数列表。 |
List |
- |
- |
|
|
functiongraph:function:listFunctionStatistics |
授予权限以获取指定时间段的函数运行指标。 |
List |
function * |
|
|
|
functiongraph::listStatistics |
授予权限以获取租户函数统计信息。 |
List |
- |
- |
|
|
functiongraph:function:getReservedInstanceMetrics |
授予权限以查询函数预留实例使用情况指标。 |
Read |
function * |
|
|
|
functiongraph::enableLtsLogs |
授予权限以开通lts日志上报功能。 |
Write |
- |
- |
|
|
functiongraph:function:getLtsLogConfiguration |
授予权限以获取指定函数的lts日志组日志流配置。 |
Read |
function * |
|
|
|
functiongraph:function:updateReservedInstanceCount |
授予权限以修改函数预留实例数量。 |
Write |
function * |
|
|
|
functiongraph::listReservedInstanceCount |
授予权限以获取函数预留实例数量。 |
List |
- |
- |
|
|
functiongraph::listReservedInstanceConfig |
授予权限以获取函数预留实例配置列表。 |
List |
function |
|
|
|
functiongraph::getReservedInstanceState |
授予权限以获取函数预留实例状态。 |
Read |
- |
- |
|
|
functiongraph:function:invokeAsync |
授予权限以异步执行函数。 |
Write |
function * |
- |
|
|
functiongraph:function:invokeSync |
授予权限以同步执行函数。 |
Write |
function * |
|
|
|
functiongraph:function:invokeReservedFunctionAsync |
授予权限以函数异步执行并返回预留实例ID。 |
Write |
function * |
|
|
|
functiongraph:function:stopAsyncInvoke |
授予权限以停止函数异步调用请求。 |
Write |
function * |
|
|
|
functiongraph:function:listAsyncInvocation |
授予权限以获取函数异步调用请求列表。 |
List |
function * |
|
|
|
functiongraph:function:deleteAsyncInvokeConfig |
授予权限以删除函数异步配置信息。 |
Write |
function * |
|
|
|
functiongraph:function:updateAsyncInvokeConfig |
授予权限以设置函数异步配置信息。 |
Write |
function * |
|
|
|
functiongraph:function:listAsyncInvokeConfig |
授予权限以获取指定函数所有版本的异步配置列表。 |
List |
function * |
|
|
|
functiongraph:function:getAsyncInvokeConfig |
授予权限以获取指定函数某一版本的异步配置信息。 |
Read |
function * |
|
|
|
functiongraph::updateAsyncStatusLog |
授予权限以允许异步状态通知。 |
Write |
- |
- |
|
|
functiongraph::getAsyncStatusLogInfo |
授予权限以查询异步日志详情。 |
Read |
- |
- |
|
|
functiongraph:function:listActiveAsyncInvocations |
授予权限以获取函数异步调用活跃请求列表。 |
List |
function * |
|
|
|
functiongraph:trigger:createTrigger |
授予权限以创建触发器。 |
Write |
function * |
|
|
|
functiongraph:trigger:delete |
授予权限以删除触发器。 |
Write |
trigger * |
- |
|
|
functiongraph:trigger:update |
授予权限以更新触发器。 |
Write |
function * |
|
|
|
functiongraph:trigger:list |
授予权限以获取指定函数的所有触发器。 |
List |
function * |
|
|
|
functiongraph:trigger:get |
授予权限以获取指定触发器的信息。 |
Read |
trigger * |
- |
|
|
functiongraph:trigger:batchDelete |
授予权限以删除指定函数的所有触发器。 |
Write |
function * |
|
|
|
functiongraph::listObsNotifications |
授予权限以获取指定OBS桶的所有通知配置。 |
Read |
- |
- |
|
|
functiongraph::listObsBucket |
授予权限以获取OBS桶列表。 |
List |
- |
- |
|
|
functiongraph:workflow:create |
授予权限以创建函数流。 |
Write |
workflow * |
|
|
|
functiongraph:workflow:delete |
授予权限以删除函数流。 |
Write |
workflow * |
|
|
|
functiongraph:workflow:update |
授予权限以修改指定函数流实例的元数据。 |
Write |
workflow * |
|
|
|
functiongraph:workflow:list |
授予权限以查询函数流。 |
List |
workflow * |
|
|
|
functiongraph:workflow:getConfig |
授予权限以获取指定函数流实例的元数据。 |
Read |
workflow * |
|
|
|
functiongraph:workflow:invoke |
授予权限以异步执行方式启动函数流。 |
Write |
workflow * |
|
|
|
functiongraph:workflow:invokeSync |
授予权限以同步执行方式启动函数流。 |
Write |
workflow * |
|
|
|
functiongraph:workflow:terminate |
授予权限以停止函数流。 |
Write |
workflow * |
|
|
|
functiongraph:workflow:retry |
授予权限以重试函数流。 |
Write |
workflow * |
|
|
|
functiongraph:workflow:listExecutions |
授予权限以获取指定函数流执行实例列表。 |
List |
workflow * |
|
|
|
functiongraph:workflow:getExecutionDetail |
授予权限以获取指定函数流执行实例。 |
Read |
workflow * |
|
|
|
functiongraph:workflow:getMetric |
授予权限以获取指定函数流指标。 |
Read |
workflow * |
|
|
|
functiongraph:workflow:listMetrics |
授予权限以获取函数流指标。 |
List |
- |
- |
|
|
functiongraph:workflow:downloadOutput |
授予权限以下载函数流节点的执行结果。 |
Write |
workflow * |
|
|
|
functiongraph:workflow:cancel |
授予权限以停止执行函数流。 |
Write |
workflow * |
|
|
|
functiongraph:workflow:metadata |
授予权限以获取函数流元数据。 |
List |
- |
- |
|
API通常对应着一个或多个授权项。表2展示了API与授权项的关系,以及该API需要依赖的授权项。
|
API |
对应的授权项 |
依赖的授权项 |
|---|---|---|
|
POST /v2/{project_id}/fgs/functions |
functiongraph:function:createFunction |
|
|
DELETE /v2/{project_id}/fgs/functions/{function_urn} |
functiongraph:function:deleteFunction |
|
|
PUT /v2/{project_id}/fgs/functions/{function_urn}/config |
functiongraph:function:updateFunctionConfig |
|
|
PUT /v2/{project_id}/fgs/functions/{function_urn}/code |
functiongraph:function:updateFunctionCode |
obs:object:GetObject |
|
GET /v2/{project_id}/fgs/functions |
functiongraph:function:listFunctions |
- |
|
GET /v2/{project_id}/fgs/functions/{function_urn}/config |
functiongraph:function:getFunctionConfig |
- |
|
GET /v2/{project_id}/fgs/functions/{function_urn}/code |
functiongraph:function:getFunctionCode |
- |
|
GET /v2/{project_id}/fgs/public-network-bandwidth |
functiongraph::getPublicNetworkBandwidth |
- |
|
- |
functiongraph::updatePublicNetworkBandwidth |
- |
|
GET /v2/{project_id}/fgs/resource-usage |
functiongraph::getTenantResourceUsage |
- |
|
POST /v2/{project_id}/fgs/functions/{function_urn}/command |
functiongraph::function:createTenantCommanmd |
- |
|
PUT /v2/{project_id}/fgs/functions/{function_urn}/config-max-instance |
functiongraph:function:updateMaxInstanceConfig |
- |
|
POST /v2/{project_id}/fgs/functions/{function_urn}/snapshots/{action} |
functiongraph:function:updateSnapshot |
- |
|
POST /v2/{project_id}/fgs/functions/{function_urn}/function-url |
functiongraph:function:createUrl |
- |
|
DELETE /v2/{project_id}/fgs/functions/{function_urn}/function-url |
functiongraph:function:deleteUrl |
- |
|
PUT /v2/{project_id}/fgs/functions/{function_urn}/function-url |
functiongraph:function:updateUrl |
- |
|
GET /v2/{project_id}/fgs/functions/{function_urn}/function-url |
functiongraph:function:getUrl |
- |
|
POST /v2/{project_id}/{resource_type}/resource-instances/{action} |
functiongraph::getResourceInstance |
- |
|
POST /v2/{project_id}/{resource_type}/{resource_id}/tags/create |
functiongraph::createTag |
- |
|
DELETE /v2/{project_id}/{resource_type}/{resource_id}/tags/delete |
functiongraph::deleteTag |
- |
|
GET /v2/{project_id}/{resource_type}/tags |
functiongraph::listTags |
- |
|
POST /v2/{project_id}/fgs/applications |
functiongraph::createFunctionApp |
- |
|
DELETE /v2/{project_id}/fgs/applications/{id} |
functiongraph::deleteFunctionApp |
- |
|
GET /v2/{project_id}/fgs/applications/{id} |
functiongraph::getFunctionApp |
- |
|
GET /v2/{project_id}/fgs/applications |
functiongraph::listFunctionApps |
- |
|
GET /v2/{project_id}/fgs/application/templates/{id} |
functiongraph::getFunctionAppTemplate |
- |
|
GET /v2/{project_id}/fgs/application/templates |
functiongraph::listFunctionAppTemplates |
- |
|
POST /v2/{project_id}/fgs/vpc-endpoint |
functiongraph::createVpcEndpoint |
- |
|
DELETE /v2/{project_id}/fgs/vpc-endpoint/{vpc_id}/{subnet_id} |
functiongraph::deleteVpcEndpoint |
- |
|
GET /v2/{project_id}/fgs/functions/{func_urn}/download |
functiongraph:function:getFunctionCode |
- |
|
GET /v2/{project_id}/fgs/admins/sysconfig |
functiongraph:function:getFunctionConfig |
- |
|
GET /v2/{project_id}/fgs/domainname/vpc/{vpc_id} |
functiongraph:function:getFunctionConfig |
dns:zone:list |
|
GET /v2/{project_id}/fgs/functions/{function_urn}/servicebridge/relation |
functiongraph:function:listFunctions |
- |
|
POST /v2/{project_id}/fgs/packages |
functiongraph:function:createFunction |
- |
|
DELETE /v2/{project_id}/fgs/packages/{package_name} |
functiongraph:function:deleteFunction |
- |
|
PUT /v2/{project_id}/fgs/packages/{package_name} |
functiongraph:function:createFunction |
- |
|
GET /v2/{project_id}/fgs/packages |
functiongraph:function:listFunctions |
- |
|
PUT /v2/{project_id}/fgs/functions/{func_urn}/collect/{state} |
functiongraph:function:updateFunctionConfig |
- |
|
GET /v2/{project_id}/fgs/template-labels |
functiongraph:function:listFunctions |
- |
|
GET /v2/fgs/template-labels |
functiongraph:function:listFunctions |
- |
|
GET /v2/{project_id}/fgs/templates |
functiongraph:function:listFunctions |
- |
|
GET /v2/{project_id}/fgs/templates/{template_id} |
functiongraph:function:listFunctions |
- |
|
GET /v2/fgs/runtimetypes |
functiongraph:function:listFunctions |
- |
|
GET /v2/fgs/service-trusted-agencies |
functiongraph:function:getFunctionConfig |
- |
|
GET /v2/{project_id}/fgs/feature |
functiongraph:function:getFunctionConfig |
- |
|
POST /v2/{project_id}/fgs/agc/agency/{agency_name} |
functiongraph:function:createFunction |
- |
|
POST /v2/{project_id}/fgs/functions/enable-async-status-logs |
functiongraph::updateAsyncStatusLog |
|
|
GET /v2/{project_id}/fgs/functions/async-status-log-detail |
functiongraph::getAsyncStatusLogInfo |
- |
|
GET /v2/{project_id}/fgs/functions/{function_urn}/active-async-invocations |
functiongraph:function:listActiveAsyncInvocations |
- |
|
GET /v2/{project_id}/fgs/functions/{function_urn}/export |
functiongraph:function:export |
- |
|
POST /v2/{project_id}/fgs/functions/import |
functiongraph:function:import |
- |
|
GET /v2/{project_id}/fgs/packages/{package_name}/export |
functiongraph::exportPackage |
- |
|
POST /v2/{project_id}/fgs/packages/import |
functiongraph::importPackage |
- |
|
POST /v2/{project_id}/fgs/functions/{function_urn}/versions |
functiongraph:function:createVersion |
- |
|
GET /v2/{project_id}/fgs/functions/{function_urn}/versions |
functiongraph:function:listVersion |
- |
|
POST /v2/{project_id}/fgs/functions/{function_urn}/aliases |
functiongraph:function:createAlias |
- |
|
DELETE /v2/{project_id}/fgs/functions/{function_urn}/aliases/{alias_name} |
functiongraph:function:deleteAlias |
functiongraph:trigger:list |
|
PUT /v2/{project_id}/fgs/functions/{function_urn}/aliases/{alias_name} |
functiongraph:function:updateAlias |
- |
|
GET /v2/{project_id}/fgs/functions/{function_urn}/aliases |
functiongraph:function:listAlias |
- |
|
GET /v2/{project_id}/fgs/functions/{function_urn}/aliases/{alias_name} |
functiongraph:function:getAlias |
- |
|
POST /v2/{project_id}/fgs/dependencies |
functiongraph:dependency:createDependency |
obs:object:GetObject |
|
DELETE /v2/{project_id}/fgs/dependencies/{depend_id} |
functiongraph:dependency:deleteDependency |
- |
|
PUT /v2/{project_id}/fgs/dependencies/{depend_id} |
functiongraph:dependency:updateDependency |
obs:object:GetObject |
|
GET /v2/{project_id}/fgs/dependencies |
functiongraph:dependency:listDependencies |
- |
|
GET /v2/{project_id}/fgs/dependencies/{depend_id} |
functiongraph:dependency:getDependency |
- |
|
POST /v2/{project_id}/fgs/dependencies/version |
functiongraph:dependency:createDependencyVersion |
obs:object:GetObject |
|
DELETE /v2/{project_id}/fgs/dependencies/{depend_id}/version/{version} |
functiongraph:dependency:deleteDependencyVersion |
- |
|
GET /v2/{project_id}/fgs/dependencies/{depend_id}/version |
functiongraph:dependency:listDependencyVersion |
- |
|
GET /v2/{project_id}/fgs/dependencies/{depend_id}/version/{version} |
functiongraph:dependency:getDependencyVersion |
- |
|
POST /v2/{project_id}/fgs/functions/{function_urn}/events |
functiongraph:function:createEvent |
- |
|
DELETE /v2/{project_id}/fgs/functions/{function_urn}/events/{event_id} |
functiongraph:function:deleteEvent |
- |
|
PUT /v2/{project_id}/fgs/functions/{function_urn}/events/{event_id} |
functiongraph:function:updateEvent |
- |
|
GET /v2/{project_id}/fgs/functions/{function_urn}/events |
functiongraph:function:listEvent |
- |
|
GET /v2/{project_id}/fgs/functions/{function_urn}/events/{event_id} |
functiongraph:function:getEvent |
- |
|
PUT /v2/{project_id}/fgs/functions/{function_urn}/tracing |
functiongraph:function:updateTracing |
- |
|
GET /v2/{project_id}/fgs/functions/{function_urn}/tracing |
functiongraph:function:getTracing |
- |
|
GET /v2/{project_id}/fgs/function/report |
functiongraph::listFunctionByMetric |
|
|
GET /v2/{project_id}/fgs/functions/statistics |
functiongraph::listStatistics |
aom:metric:get |
|
- |
functiongraph:function:getReservedInstanceMetrics |
|
|
POST /v2/{project_id}/fgs/functions/enable-lts-logs |
functiongraph::enableLtsLogs |
|
|
GET /v2/{project_id}/fgs/functions/{function_urn}/lts-log-detail |
functiongraph:function:getLtsLogConfiguration |
- |
|
PUT /v2/{project_id}/fgs/functions/{function_urn}/reservedinstances |
functiongraph:function:updateReservedInstanceCount |
- |
|
GET /v2/{project_id}/fgs/functions/reservedinstances |
functiongraph::listReservedInstanceCount |
- |
|
GET /v2/{project_id}/fgs/functions/reservedinstanceconfigs |
functiongraph::listReservedInstanceConfig |
- |
|
GET /v2/{project_id}/fgs/functions/reservedinstances/state |
functiongraph::getReservedInstanceState |
- |
|
POST /v2/{project_id}/fgs/functions/{function_urn}/cancel |
functiongraph:function:stopAsyncInvoke |
lts:structConfig:get |
|
GET /v2/{project_id}/fgs/functions/{function_urn}/async-invocations |
functiongraph:function:listAsyncInvocation |
|
|
DELETE /v2/{project_id}/fgs/functions/{function_urn}/async-invoke-config |
functiongraph:function:deleteAsyncInvokeConfig |
- |
|
PUT /v2/{project_id}/fgs/functions/{function_urn}/async-invoke-config |
functiongraph:function:updateAsyncInvokeConfig |
- |
|
GET /v2/{project_id}/fgs/functions/{function_urn}/async-invoke-configs |
functiongraph:function:listAsyncInvokeConfig |
- |
|
GET /v2/{project_id}/fgs/functions/{function_urn}/async-invoke-config |
functiongraph:function:getAsyncInvokeConfig |
- |
|
POST /v2/{project_id}/fgs/servicebridge |
functiongraph:bridge:createServiceBridge |
- |
|
DELETE /v2/{project_id}/fgs/servicebridge/{bridge_name} |
functiongraph:bridge:deleteServiceBridge |
- |
|
PUT /v2/{project_id}/fgs/servicebridge/{bridge_name}/config |
functiongraph:bridge:updateServiceBridgeConfig |
- |
|
GET /v2/{project_id}/fgs/servicebridge |
functiongraph:bridge:listServiceBridges |
- |
|
GET /v2/{project_id}/fgs/servicebridge/{bridge_name}/config |
functiongraph:bridge:getServiceBridgeConfig |
- |
资源类型(Resource)
资源类型(Resource)表示身份策略所作用的资源。如表3中的某些操作指定了可以在该操作指定的资源类型,则必须在具有该操作的身份策略语句中指定该资源的URN,身份策略仅作用于此资源;如未指定,Resource默认为“*”,则身份策略将应用到所有资源。您也可以在身份策略中设置条件,从而指定资源类型。
定义了以下可以在自定义身份策略的Resource元素中使用的资源类型。
