全部产品
存储与CDN 数据库 域名与网站(万网) 应用服务 数加·人工智能 数加·大数据基础服务 互联网中间件 视频服务 开发者工具 解决方案 物联网 钉钉智能硬件
访问控制

SLB授权样例

更新时间:2018-02-01 16:38:11

SLB授权样例

  • Use Case #1

如果您的租户账号购买了10个SLB实例。而作为RAM管理员,您希望仅仅授权其中的2个SLB实例给某个RAM用户。那么您可以创建如下的授权策略:

注意:授予该策略的RAM用户是可以列出所有的SLB实例,但只能操作(比如DeleteLoadBalancer操作)其中的两台。目前,不支持RAM用户仅仅查看自己有访问权限的SLB实例。

  1. {
  2. "Statement": [
  3. {
  4. "Effect": "Allow",
  5. "Action": "slb:*",
  6. "Resource": [
  7. "acs:slb:*:*:loadbalancer/i-001",
  8. "acs:slb:*:*:loadbalancer/i-002"
  9. ]
  10. },
  11. {
  12. "Effect": "Allow",
  13. "Action": "slb:Describe*",
  14. "Resource": "*"
  15. }
  16. ],
  17. "Version": "1"
  18. }
  • Use Case #2

The following policy allows a RAM user to add a backend ECS server (for example, i-001) to a Server Load Balancer (for example, slb-001).

  1. {
  2. "Statement": [
  3. {
  4. "Effect": "Allow",
  5. "Action": "slb:AddBackendServers",
  6. "Resource": ["acs:slb:*:*:loadbalancer/slb-001"]
  7. },
  8. {
  9. "Effect": "Allow",
  10. "Action": "slb:AddBackendServers",
  11. "Resource": "acs:ecs:*:*:instance/i-001"
  12. }
  13. ],
  14. "Version": "1"
  15. }
  • Use Case #3

The following policy allows a RAM user to add any backend ECS server in your tenant account to a Server Load Balancer (for example, slb-001).

  1. {
  2. "Statement": [
  3. {
  4. "Effect": "Allow",
  5. "Action": "slb:*",
  6. "Resource": ["acs:slb:*:*:loadbalancer/slb-001"]
  7. },
  8. {
  9. "Effect": "Allow",
  10. "Action": "slb:Describe*",
  11. "Resource": "*"
  12. },
  13. {
  14. "Effect": "Allow",
  15. "Action": "slb:*",
  16. "Resource": "acs:ecs:*:*:*"
  17. }
  18. ],
  19. "Version": "1"
  20. }
本文导读目录