全部产品
弹性计算 会员服务 网络 安全 移动云 数加·大数据分析及展现 数加·大数据应用 管理与监控 云通信 阿里云办公 培训与认证 更多
存储与CDN 数据库 域名与网站(万网) 应用服务 数加·人工智能 数加·大数据基础服务 互联网中间件 视频服务 开发者工具 解决方案 物联网 智能硬件
云数据库 MongoDB 版

MongoDB API的鉴权规则

更新时间:2017-11-15 10:14:15

当子用户通过MongoDB Open API进行资源访问时,MongoDB后台向RAM进行权限检查,以确保调用者拥有响应权限。 每个不同的MongoDB API会根据涉及到的资源以及API的语义来确定需要检查哪些资源的权限。具体地,每个API的鉴权规则见下表。

Action鉴权规则
CreateDBInstanceacs:dds:$regionid:$accountid:dbinstance/$dbinstanceid
ModifyDBInstanceSpecacs:dds:$regionid:$accountid:dbinstance/$dbinstanceid
DeleteDBInstanceacs:dds:$regionid:$accountid:dbinstance/$dbinstanceid
RenewDBInstanceacs:dds:$regionid:$accountid:dbinstance/$dbinstanceid
CreateShardingDBInstanceacs:dds:$regionid:$accountid:dbinstance/$dbinstanceid
DeleteNodeacs:dds:$regionid:$accountid:dbinstance/$dbinstanceid
CreateNodeacs:dds:$regionid:$accountid:dbinstance/$dbinstanceid
ModifyNodeSpecacs:dds:$regionid:$accountid:dbinstance/$dbinstanceid
DescribeDBInstancesacs:dds:$regionid:$accountid:dbinstance/$dbinstanceid
RestartDBInstanceacs:dds:$regionid:$accountid:dbinstance/$dbinstanceid
ModifyDBInstanceMaintainTimeacs:dds:$regionid:$accountid:dbinstance/$dbinstanceid
ModifyDBInstanceDescriptionacs:dds:$regionid:$accountid:dbinstance/$dbinstanceid
DescribeDBInstanceAttributeacs:dds:$regionid:$accountid:dbinstance/$dbinstanceid
DescribeReplicaSetRoleacs:dds:$regionid:$accountid:dbinstance/$dbinstanceid
DescribeShardingNetworkAddressacs:dds:$regionid:$accountid:dbinstance/$dbinstanceid
ModifyDBInstanceNetworkTypeacs:dds:$regionid:$accountid:dbinstance/$dbinstanceid
ModifyDBInstanceNetExpireTimeacs:dds:$regionid:$accountid:dbinstance/$dbinstanceid
DescribeDBInstancePerformanceacs:dds:$regionid:$accountid:dbinstance/$dbinstanceid
DescribeAccountsacs:dds:$regionid:$accountid:dbinstance/$dbinstanceid
ResetAccountPasswordacs:dds:$regionid:$accountid:dbinstance/$dbinstanceid
DescribeSecurityIpsacs:dds:$regionid:$accountid:dbinstance/$dbinstanceid
ModifySecurityIpsacs:dds:$regionid:$accountid:dbinstance/$dbinstanceid
DescribeAuditRecordsacs:dds:$regionid:$accountid:dbinstance/$dbinstanceid
DescribeAuditFilesacs:dds:$regionid:$accountid:dbinstance/$dbinstanceid
DescribeBackupPolicyacs:dds:$regionid:$accountid:dbinstance/$dbinstanceid
ModifyBackupPolicyacs:dds:$regionid:$accountid:dbinstance/$dbinstanceid
CreateBackupacs:dds:$regionid:$accountid:dbinstance/$dbinstanceid
RestoreDBInstanceacs:dds:$regionid:$accountid:dbinstance/$dbinstanceid
DescribeBackupsacs:dds:$regionid:$accountid:dbinstance/$dbinstanceid
DescribeDBInstancePerformanceacs:dds:$regionid:$accountid:dbinstance/$dbinstanceid
本文导读目录