允许通过42.120.88.0/24, 42.120.66.0/24两个IP段访问MNS
{"Version": "1","Statement": [{"Action": "mns:*","Effect": "Allow","Resource": "acs:mns:*:*:*","Condition":{"IpAddress": {"acs:SourceIp": ["42.120.88.0/24", "42.120.66.0/24"]}}}]}
如果源IP不在42.120.88.0/24中则禁止对MNS执行任何操作;
{"Version": "1","Statement": [{"Action": "mns:*","Effect": "Deny","Resource": "acs:mns:*:*:*","Condition":{"NotIpAddress": {"acs:SourceIp": ["42.120.88.0/24"]}}}]}
注意:因为Policy的鉴权规则是Deny优先(即如果用户的访问操作命中任意一条Deny规则,则禁止访问),所以访问者从42.120.88.0/24以外的IP地址访问时,MNS服务会报没有权限。
仅允许子账号拥有查看队列、主题属性以及列表的权限
{"Version": "1","Statement": [{"Effect": "Allow","Action": ["mns:ListQueue","mns:ListTopic","mns:GetQueueAttributes","mns:GetTopicAttributes"],"Resource": "acs:mns:*:*:*"}]}
在文档使用中是否遇到以下问题
更多建议
匿名提交