检测到您已登录华为云国际站账号,为了您更好的体验,建议您访问国际站服务网站 https://www.huaweicloud.com/intl/zh-cn
不再显示此消息
检测到您已登录华为云国际站账号,为了您更好的体验,建议您访问国际站服务网站 https://www.huaweicloud.com/intl/zh-cn
不再显示此消息
ecs:KmsKeyId ecs:VolumeId - ecs:cloudServers:showServer Grants permission to query ECS details. read instance * - ecs:cloudServers:get ecs:cloudServers:attach Grants permission to attach disks to an ECS. write instance * evs:Encrypted ecs:KmsKeyId ecs:VolumeId - ecs:cloudServers:
Table 4 Service-specific condition keys supported by IMS Condition Key Value Type Single-valued/Multivalued Description ims:TargetOrgPaths string Multivalued Filters access based on the Organizations Path of the specified sharing account. ims:Encrypted boolean Single-valued Controls
Table 4 Service-specific condition keys supported by RDS Service-specific Condition Key Type Single-valued/Multivalued Description rds:Encrypted Boolean Single-valued Filters access permissions based on the tag key of whether to enable disk encryption transferred in the request parameter
Write cluster * - cce:node:create - cce:ClusterId evs:Encrypted g:EnterpriseProjectId cce:KmsKeys cce:node:add Grants permission to add nodes.
Write volume * - - - g:RequestTag/<tag-key> g:TagKeys g:EnterpriseProjectId evs:Encrypted cbr:VaultId evs:KmsKeyId evs:ImageId evs:BackupId evs:SnapshotId evs:AvailabilityZone evs:VolumeType evs:VolumeSize evs:VolumeIops evs:VolumeThroughput evs:ChargingMode evs:ServerServiceType
Examples of Condition Keys dds:Encrypted For example, it indicates that disk encryption is required. { "Version": "5.0", "Statement": [ { "Effect": "Allow", "Action": [ "dds:instance:create" ], "Condition": { "Bool": { "dds
requests by the time when the request is received by the server, which is the number of non-leap seconds that have elapsed since 1970.01.01 00:00:00 UTC. obs:BucketEncrypted boolean Single-valued Filters requests by the encryption status of the bucket after the bucket is created, encrypted
- bms:servers:updateMetadata Grants permission to update BMS metadata. write instance* g:EnterpriseProjectId g:ResourceTag/<tag-key> - bms:servers:reInstallOS Grants permission to reinstall a BMS OS. write instance* g:EnterpriseProjectId g:ResourceTag/<tag-key> bms:KmsKeyId evs:Encrypted
Select Default for Qualifier. gaussdb:Encrypted boolean Single-valued Filter access permissions based on the tag key of whether to enable disk encryption transferred in the request parameter. Select Default for Qualifier. Parent topic: Databases
swr:SubnetId string Single-valued Controls permissions based on subnet IDs. swr:EnablePublicNameSpace boolean Single-valued Controls whether public organizations can be created in SWR Enterprise Edition. swr:EnableObsEncrypt boolean Single-valued Controls whether buckets must be encrypted
