108
英雄聯盟
鑒權規則__RAM子用戶訪問_API-Reference_日誌服務-阿裏雲
當子賬號通過 Log Service Open API 對主賬號的資源進行訪問時,Log Service後台向 RAM 進行權限檢查,以確保資源擁有者的確將相關資源的相關權限授予了調用者。
每個不同的 Log Service API 會根據涉及到的資源以及 API 的語義來確定需要檢查哪些資源的權限。具體地,各類 API 的鑒權規則見下表
Logstore
| Action | Resource |
|---|---|
| log:GetLogStore | acs:log:${regionName}:${projectOwnerAliUid}:project/${projectName}/logstore/${logstoreName} |
| log:ListLogStores | acs:log:${regionName}:${projectOwnerAliUid}:project/${projectName}/logstore/* |
| log:CreateLogStore | acs:log:${regionName}:${projectOwnerAliUid}:project/${projectName}/logstore/* |
| log:DeleteLogStore | acs:log:${regionName}:${projectOwnerAliUid}:project/${projectName}/logstore/${logstoreName} |
| log:UpdateLogStore | acs:log:${regionName}:${projectOwnerAliUid}:project/${projectName}/logstore/${logstoreName} |
Loghub
數據寫入以及消費類API,其中獲取數據遊標API GetCursor以及獲取數據API GetLogs共用同一個Action log:GetCursorOrData。
| Action | Resource |
|---|---|
| log:GetCursorOrData | acs:log:${regionName}:${projectOwnerAliUid}:project/${projectName}/logstore/${logstoreName} |
| log:ListShards | acs:log:${regionName}:${projectOwnerAliUid}:project/${projectName}/logstore/${logstoreName} |
| log:PostLogStoreLogs | acs:log:${regionName}:${projectOwnerAliUid}:project/${projectName}/logstore/${logstoreName} |
Config
| Action | Resource |
|---|---|
| log:CreateConfig | acs:log:${regionName}:${projectOwnerAliUid}:project/${projectName}/logtailconfig/* |
| log:UpdateConfig | acs:log:${regionName}:${projectOwnerAliUid}:project/${projectName}/logtailconfig/${logtailConfigName} |
| log:DeleteConfig | acs:log:${regionName}:${projectOwnerAliUid}:project/${projectName}/logtailconfig/${logtailConfigName} |
| log:GetConfig | acs:log:${regionName}:${projectOwnerAliUid}:project/${projectName}/logtailconfig/${logtailConfigName} |
| log:ListConfig | acs:log:${regionName}:${projectOwnerAliUid}:project/${projectName}/logtailconfig/* |
Machine Group
| Actions | Resources |
|---|---|
| log:CreateMachineGroup | acs:log:${regionName}:${projectOwnerAliUid}:project/${projectName}/machinegroup/* |
| log:UpdateMachineGroup | acs:log:${regionName}:${projectOwnerAliUid}:project/${projectName}/machinegroup/${machineGroupName} |
| log:DeleteMachineGroup | acs:log:${regionName}:${projectOwnerAliUid}:project/${projectName}/machinegroup/${machineGroupName} |
| log:GetMachineGroup | acs:log:${regionName}:${projectOwnerAliUid}:project/${projectName}/machinegroup/${machineGroupName} |
| log:ListMachineGroup | acs:log:${regionName}:${projectOwnerAliUid}:project/${projectName}/machinegroup/* |
| log:ListMachines | acs:log:${regionName}:${projectOwnerAliUid}:project/${projectName}/machinegroup/${machineGroupName} |
Config和Machine Group交互類API
| Actions | Resources |
|---|---|
| log:ApplyConfigToGroup | acs:log:${regionName}:${projectOwnerAliUid}:project/${projectName}/logtailconfig/${logtailConfigName} acs:log:${regionName}:${projectOwnerAliUid}:project/${projectName}/machinegroup/${machineGroupName} |
| log:RemoveConfigFromGroup | acs:log:${regionName}:${projectOwnerAliUid}:project/${projectName}/logtailconfig/${logtailConfigName} acs:log:${regionName}:${projectOwnerAliUid}:project/${projectName}/machinegroup/${machineGroupName} |
| log:GetAppliedMachineGroups | acs:log:${regionName}:${projectOwnerAliUid}:project/${projectName}/logtailconfig/${logtailConfigName} |
| log:GetAppliedConfigs | acs:log:${regionName}:${projectOwnerAliUid}:project/${projectName}/machinegroup/${machineGroupName} |
最後更新:2016-11-23 16:04:03
上一篇: 動作列表__RAM子用戶訪問_API-Reference_日誌服務-阿裏雲
下一篇: 數據模型__公共資源說明_API-Reference_日誌服務-阿裏雲
- 常見錯誤說明__附錄_大數據計算服務-阿裏雲
- 發送短信接口__API使用手冊_短信服務-阿裏雲
- 接口文檔__Android_安全組件教程_移動安全-阿裏雲
- 運營商錯誤碼(聯通)__常見問題_短信服務-阿裏雲
- 設置短信模板__使用手冊_短信服務-阿裏雲
- OSS 權限問題及排查__常見錯誤及排除_最佳實踐_對象存儲 OSS-阿裏雲
- 消息通知__操作指南_批量計算-阿裏雲
- 設備端快速接入(MQTT)__快速開始_阿裏雲物聯網套件-阿裏雲
- 查詢API調用流量數據__API管理相關接口_API_API 網關-阿裏雲
- 使用STS訪問__JavaScript-SDK_SDK 參考_對象存儲 OSS-阿裏雲