访问控制(RAM)是阿里云提供的管理用户身份与资源访问权限的服务。使用RAM可以让您避免与其他用户共享阿里云账号密钥,并可按需为用户授予最小权限。RAM中使用权限策略描述授权的具体内容。
本文为您介绍关系型数据库(RDS)为RAM权限策略定义的操作(Action)、资源(Resource)和条件(Condition)。关系型数据库(RDS)的RAM代码(RamCode)为rds,支持的授权粒度为RESOURCE。
权限策略通用结构
权限策略支持JSON格式,其通用结构如下:
{
"Version": "1",
"Statement": [
{
"Effect": "<Effect>",
"Action": "<Action>",
"Resource": "<Resource>",
"Condition": {
"<Condition_operator>": {
"<Condition_key>": [
"<Condition_value>"
]
}
}
}
]
}- Effect:权限策略效果。取值:Allow(允许)、Deny(拒绝)。
- Action:授予允许或拒绝权限的具体操作。具体信息,请参见操作(Action)。
- Resource:受操作影响的具体对象,您可以使用资源ARN来描述指定资源。具体信息,请参见资源(Resource)。
- Condition:指授权生效的条件。可选字段。具体信息,请参见条件(Condition)。
- Condition_operator:条件运算符,不同类型的条件对应不同的条件运算符。具体信息,请参见权限策略基本元素。
- Condition_key:条件关键字。
- Condition_value:条件关键字对应的值。
操作(Action)
下表是关系型数据库(RDS)定义的操作,这些操作可以在RAM权限策略语句的Action元素中使用,用来授予执行该操作的权限。下面对表中的具体项提供说明:- 操作:是指具体的权限点。
- API:是指操作对应的API接口。
- 访问级别:是指每个操作的访问级别,取值为写入(Write)、读取(Read)或列出(List)。
- 资源类型:是指操作中支持授权的资源类型。具体说明如下:
- 对于必选的资源类型,用背景高亮的方式表示。
- 对于不支持资源级授权的操作,用
全部资源表示。
- 条件关键字:是指云产品自身定义的条件关键字。该列不体现适用于任何操作的通用条件关键字。
- 关联操作:是指成功执行操作所需要的其他权限。操作者必须同时具备关联操作的权限,操作才能成功。
| 操作 | API | 访问级别 | 资源类型 | 条件关键字 | 关联操作 |
|---|---|---|---|---|---|
| rds:ActivateMigrationTargetInstance | ActivateMigrationTargetInstance | Write | DBInstance acs:rds:{#regionId}:{#accountId}:dbinstance/{#dbinstanceId} | rds:ResourceTag | 无 |
| rds:AddTagsToResource | AddTagsToResource | Write | DBInstance acs:rds:{#regionId}:{#accountId}:dbinstance/{#dbinstanceId} | rds:ResourceTag | 无 |
| rds:AllocateInstancePublicConnection | AllocateInstancePublicConnection | Write | DBInstance acs:rds:{#regionId}:{#accountId}:dbinstance/{#dbinstanceId} | rds:ResourceTag | 无 |
| rds:AllocateReadWriteSplittingConnection | AllocateReadWriteSplittingConnection | Write | DBInstance acs:rds:{#regionId}:{#accountId}:dbinstance/{#dbinstanceId} | rds:ResourceTag | 无 |
| rds:CalculateDBInstanceWeight | CalculateDBInstanceWeight | Write | DBInstance acs:rds:{#regionId}:{#accountId}:dbinstance/{#dbinstanceId} | rds:ResourceTag | 无 |
| rds:CancelImport | CancelImport | Write | DBInstance acs:rds:{#regionId}:{#accountId}:dbinstance/{#dbinstanceId} | 无 | 无 |
| rds:CheckAccountNameAvailable | CheckAccountNameAvailable | Read | DBInstance acs:rds:{#regionId}:{#accountId}:dbinstance/{#dbinstanceId} | rds:ResourceTag | 无 |
| rds:CheckCloudResourceAuthorized | CheckCloudResourceAuthorized | Read | DBInstance acs:rds:{#regionId}:{#accountId}:dbinstance/*DBInstance acs:rds:{#regionId}:{#accountId}:dbinstance/{#dbinstanceId} | rds:ResourceTag | 无 |
| rds:CheckCreateDdrDBInstance | CheckCreateDdrDBInstance | Read | DBInstance acs:rds:{#regionId}:{#accountId}:dbinstance/{#dbinstanceId} | 无 | 无 |
| rds:CheckDBNameAvailable | CheckDBNameAvailable | Read | DBInstance acs:rds:{#regionId}:{#accountId}:dbinstance/{#dbinstanceId} | rds:ResourceTag | 无 |
| rds:CheckInstanceExist | CheckInstanceExist | Read | DBInstance acs:rds:{#regionId}:{#accountId}:dbinstance/{#dbinstanceId} | rds:ResourceTag | 无 |
| rds:CheckServiceLinkedRole | CheckServiceLinkedRole | Read | DBInstance acs:rds:*:{#accountId}:dbinstance/*DBInstance acs:rds:*:{#accountId}:dbinstance/{#dbinstanceId} | 无 | 无 |
| rds:CloneDBInstance | CloneDBInstance | Write | DBInstance acs:rds:{#regionId}:{#accountId}:dbinstance/*DBInstance acs:rds:{#regionId}:{#accountId}:dbinstance/{#dbinstanceId} | rds:ResourceTag | 无 |
| rds:CloneParameterGroup | CloneParameterGroup | Write | DBInstance acs:rds:*:{#accountId}:dbinstance/* | 无 | 无 |
| rds:ConfirmNotify | ConfirmNotify | Write | 无 | 无 | |
| rds:CopyDatabase | CopyDatabase | Write | DBInstance acs:rds:{#regionId}:{#accountId}:dbinstance/{#dbinstanceId} | rds:ResourceTag | 无 |
| rds:CopyDatabaseBetweenInstances | CopyDatabaseBetweenInstances | Write | DBInstance acs:rds:*:{#accountId}:dbinstance/* | 无 | 无 |
| rds:CreateAccount | CreateAccount | Write | DBInstance acs:rds:{#regionId}:{#accountId}:dbinstance/{#dbinstanceId} | rds:ResourceTag | 无 |
| rds:CreateBackup | CreateBackup | Write | DBInstance acs:rds:{#regionId}:{#accountId}:dbinstance/{#dbinstanceId} | rds:ResourceTag | 无 |
| rds:CreateCloudMigrationPrecheckTask | CreateCloudMigrationPrecheckTask | Read | DBInstance acs:rds:{#regionId}:{#accountId}:dbinstance/{#dbinstanceId} | rds:ResourceTag | 无 |
| rds:CreateCloudMigrationTask | CreateCloudMigrationTask | Write | DBInstance acs:rds:{#regionId}:{#accountId}:dbinstance/{#dbinstanceId} | rds:ResourceTag | 无 |
| rds:CreateDBInstance | CreateDBInstance | Write | DBInstance acs:rds:{#regionId}:{#accountId}:dbinstance/* | rds:ResourceTag | 无 |
| rds:CreateDBInstanceEndpoint | CreateDBInstanceEndpoint | Write | DBInstance acs:rds:*:{#accountId}:dbinstance/* | rds:ResourceTag | 无 |
| rds:CreateDBInstanceEndpointAddress | CreateDBInstanceEndpointAddress | Write | DBInstance acs:rds:*:{#accountId}:dbinstance/* | rds:ResourceTag | 无 |
| rds:CreateDBProxyEndpointAddress | CreateDBProxyEndpointAddress | Write | DBInstance acs:rds:{#regionId}:{#accountId}:dbinstance/{#dbinstanceId} | 无 | 无 |
| rds:CreateDatabase | CreateDatabase | Write | DBInstance acs:rds:{#regionId}:{#accountId}:dbinstance/{#dbinstanceId} | rds:ResourceTag | 无 |
| rds:CreateDdrInstance | CreateDdrInstance | Write | DBInstance acs:rds:{#regionId}:{#accountId}:dbinstance/* | 无 | 无 |
| rds:CreateDiagnosticReport | CreateDiagnosticReport | Write | DBInstance acs:rds:{#regionId}:{#accountId}:dbinstance/{#dbinstanceId} | 无 | 无 |
| rds:CreateGADInstance | CreateGADInstance | Write | 全部资源 acs:rds::{#accountId}:* | 无 | 无 |
| rds:CreateGadInstanceMember | CreateGadInstanceMember | Write | 全部资源 acs:rds::{#accountId}:* | 无 | 无 |
| rds:CreateMigrateTask | CreateMigrateTask | Write | DBInstance acs:rds:{#regionId}:{#accountId}:dbinstance/{#dbinstanceId} | rds:ResourceTag | 无 |
| rds:CreateOnlineDatabaseTask | CreateOnlineDatabaseTask | Write | DBInstance acs:rds:{#regionId}:{#accountId}:dbinstance/{#dbinstanceId} | rds:ResourceTag | 无 |
| rds:CreateParameterGroup | CreateParameterGroup | Write | DBInstance acs:rds:*:{#accountId}:dbinstance/* | 无 | 无 |
| rds:CreateReadOnlyDBInstance | CreateReadOnlyDBInstance | Write | DBInstance acs:rds:{#regionId}:{#accountId}:dbinstance/{#dbinstanceId} | rds:ResourceTag | 无 |
| rds:CreateServiceLinkedRole | CreateServiceLinkedRole | Write | 无 | 无 | |
| rds:CreateTempDBInstance | CreateTempDBInstance | Write | DBInstance acs:rds:{#regionId}:{#accountId}:dbinstance/{#dbinstanceId} | rds:ResourceTag | 无 |
| rds:DeleteAccount | DeleteAccount | Write | DBInstance acs:rds:{#regionId}:{#accountId}:dbinstance/{#dbinstanceId} | 无 | 无 |
| rds:DeleteBackup | DeleteBackup | Write | DBInstance acs:rds:{#regionId}:{#accountId}:dbinstance/{#dbinstanceId} | 无 | 无 |
| rds:DeleteBackupFile | DeleteBackupFile | Write | DBInstance acs:rds:{#regionId}:{#accountId}:dbinstance/{#dbinstanceId} | 无 | 无 |
| rds:DeleteDBInstance | DeleteDBInstance | Write | DBInstance acs:rds:{#regionId}:{#accountId}:dbinstance/{#dbinstanceId} | rds:ResourceTag | 无 |
| rds:DeleteDBInstanceEndpoint | DeleteDBInstanceEndpoint | Write | DBInstance acs:rds:*:{#accountId}:dbinstance/{#DBInstanceId} | rds:ResourceTag | 无 |
| rds:DeleteDBInstanceEndpointAddress | DeleteDBInstanceEndpointAddress | Write | DBInstance acs:rds:*:{#accountId}:dbinstance/{#DBInstanceId} | rds:ResourceTag | 无 |
| rds:DeleteDBProxyEndpointAddress | DeleteDBProxyEndpointAddress | Write | DBInstance acs:rds:{#regionId}:{#accountId}:dbinstance/{#dbinstanceId} | 无 | 无 |
| rds:DeleteDatabase | DeleteDatabase | Write | DBInstance acs:rds:{#regionId}:{#accountId}:dbinstance/{#dbinstanceId} | rds:ResourceTag | 无 |
| rds:DeleteGadInstance | DeleteGadInstance | Write | 全部资源 acs:rds::{#accountId}:* | 无 | 无 |
| rds:DeleteUserBackupFile | DeleteUserBackupFile | Write | BackupFile acs:rds:*:{#accountId}:backupfile/{#BackupId} | 无 | 无 |
| rds:DescribeADInfo | DescribeADInfo | Read | DBInstance acs:rds:{#regionId}:{#accountId}:dbinstance/{#dbinstanceId} | 无 | 无 |
| rds:DescribeAccounts | DescribeAccounts | Read | DBInstance acs:rds:{#regionId}:{#accountId}:dbinstance/{#dbinstanceId} | rds:ResourceTag | 无 |
| rds:DescribeActionEventPolicy | DescribeActionEventPolicy | Read | DBInstance acs:rds:*:{#accountId}:dbinstance/* | 无 | 无 |
| rds:DescribeActiveOperationTasks | DescribeActiveOperationTasks | Read | DBInstance acs:rds:*:{#accountId}:dbinstance/{#DBInstanceId} | 无 | 无 |
| rds:DescribeAnalyticdbByPrimaryDBInstance | DescribeAnalyticdbByPrimaryDBInstance | Read | DBInstance acs:rds:{#regionId}:{#accountId}:dbinstance/{#dbinstanceId} | rds:ResourceTag | 无 |
| rds:DescribeAvailableClasses | DescribeAvailableClasses | Read | DBInstance acs:rds:{#regionId}:{#accountId}:dbinstance/* | rds:ResourceTag | 无 |
| rds:DescribeAvailableCrossRegion | DescribeAvailableCrossRegion | Read | DBInstance acs:rds:*:{#accountId}:dbinstance/* | 无 | 无 |
| rds:DescribeAvailableMetrics | DescribeAvailableMetrics | Read | DBInstance acs:rds:{#regionId}:{#accountId}:dbinstance/{#dbinstanceId} | rds:ResourceTag | 无 |
| rds:DescribeAvailableRecoveryTime | DescribeAvailableRecoveryTime | Read | DBInstance acs:rds:*:{#accountId}:dbinstance/* | 无 | 无 |
| rds:DescribeAvailableZones | DescribeAvailableZones | Read | DBInstance acs:rds:{#regionId}:{#accountId}:dbinstance/* | 无 | 无 |
| rds:DescribeBackupDatabase | DescribeBackupDatabase | Read | DBInstance acs:rds:{#regionId}:{#accountId}:dbinstance/{#dbinstanceId} | 无 | 无 |
| rds:DescribeBackupPolicy | DescribeBackupPolicy | Read | DBInstance acs:rds:{#regionId}:{#accountId}:dbinstance/{#dbinstanceId} | rds:ResourceTag | 无 |
| rds:DescribeBackupTasks | DescribeBackupTasks | Read | DBInstance acs:rds:{#regionId}:{#accountId}:dbinstance/{#dbinstanceId} | rds:ResourceTag | 无 |
| rds:DescribeBackups | DescribeBackups | Read | DBInstance acs:rds:*:{#accountId}:dbinstance/*DBInstance acs:rds:{#regionId}:{#accountId}:dbinstance/{#dbinstanceId} | rds:ResourceTag | 无 |
| rds:DescribeBinlogFiles | DescribeBinlogFiles | Read | DBInstance acs:rds:{#regionId}:{#accountId}:dbinstance/{#dbinstanceId} | rds:ResourceTag | 无 |
| rds:DescribeCharacterSetName | DescribeCharacterSetName | Read | 无 | 无 | |
| rds:DescribeCloudMigrationPrecheckResult | DescribeCloudMigrationPrecheckResult | Read | DBInstance acs:rds:{#regionId}:{#accountId}:dbinstance/{#dbinstanceId} | rds:ResourceTag | 无 |
| rds:DescribeCrossBackupMetaList | DescribeCrossBackupMetaList | Read | DBInstance acs:rds:*:{#accountId}:dbinstance/* | 无 | 无 |
| rds:DescribeCrossRegionBackupDBInstance | DescribeCrossRegionBackupDBInstance | Read | DBInstance acs:rds:*:{#accountId}:dbinstance/* | rds:ResourceTag | 无 |
| rds:DescribeCrossRegionBackups | DescribeCrossRegionBackups | Read | DBInstance acs:rds:{#regionId}:{#accountId}:dbinstance/{#dbinstanceId} | rds:ResourceTag | 无 |
| rds:DescribeCrossRegionLogBackupFiles | DescribeCrossRegionLogBackupFiles | Read | DBInstance acs:rds:{#regionId}:{#accountId}:dbinstance/{#dbinstanceId} | rds:ResourceTag | 无 |
| rds:DescribeDBInstanceAttribute | DescribeDBInstanceAttribute | Read | DBInstance acs:rds:{#regionId}:{#accountId}:dbinstance/{#dbinstanceId} | rds:ResourceTag | 无 |
| rds:DescribeDBInstanceByTags | DescribeDBInstanceByTags | Read | DBInstance acs:rds:{#regionId}:{#accountId}:dbinstance/*DBInstance acs:rds:{#regionId}:{#accountId}:dbinstance/{#dbinstanceId} | rds:ResourceTag | 无 |
| rds:DescribeDBInstanceDetail | DescribeDBInstanceDetail | Read | DBInstance acs:rds:*:{#accountId}:dbinstance/*DBInstance acs:rds:{#regionId}:{#accountId}:dbinstance/{#dbinstanceId} | 无 | 无 |
| rds:DescribeDBInstanceEncryptionKey | DescribeDBInstanceEncryptionKey | Read | DBInstance acs:rds:{#regionId}:{#accountId}:dbinstance/{#dbinstanceId} | rds:ResourceTag | 无 |
| rds:DescribeDBInstanceEndpoints | DescribeDBInstanceEndpoints | Read | DBInstance acs:rds:*:{#accountId}:dbinstance/{#DBInstanceId} | rds:ResourceTag | 无 |
| rds:DescribeDBInstanceHAConfig | DescribeDBInstanceHAConfig | Read | DBInstance acs:rds:{#regionId}:{#accountId}:dbinstance/{#dbinstanceId} | rds:ResourceTag | 无 |
| rds:DescribeDBInstanceIPArrayList | DescribeDBInstanceIPArrayList | Read | DBInstance acs:rds:{#regionId}:{#accountId}:dbinstance/{#dbinstanceId} | rds:ResourceTag | 无 |
| rds:DescribeDBInstanceIpHostname | DescribeDBInstanceIpHostname | Read | DBInstance acs:rds:{#regionId}:{#accountId}:dbinstance/{#dbinstanceId} | rds:ResourceTag | 无 |
| rds:DescribeDBInstanceMetrics | DescribeDBInstanceMetrics | Read | DBInstance acs:rds:{#regionId}:{#accountId}:dbinstance/{#dbinstanceId} | rds:ResourceTag | 无 |
| rds:DescribeDBInstanceMonitor | DescribeDBInstanceMonitor | Read | DBInstance acs:rds:{#regionId}:{#accountId}:dbinstance/{#dbinstanceId} | rds:ResourceTag | 无 |
| rds:DescribeDBInstanceNetInfo | DescribeDBInstanceNetInfo | Read | DBInstance acs:rds:{#regionId}:{#accountId}:dbinstance/{#dbinstanceId} | rds:ResourceTag | 无 |
| rds:DescribeDBInstanceNetInfoForChannel | DescribeDBInstanceNetInfoForChannel | Read | DBInstance acs:rds:{#regionId}:{#accountId}:dbinstance/{#dbinstanceId} | rds:ResourceTag | 无 |
| rds:DescribeDBInstancePerformance | DescribeDBInstancePerformance | Read | DBInstance acs:rds:{#regionId}:{#accountId}:dbinstance/{#dbinstanceId} | rds:ResourceTag | 无 |
| rds:DescribeDBInstanceProxyConfiguration | DescribeDBInstanceProxyConfiguration | Read | DBInstance acs:rds:{#regionId}:{#accountId}:dbinstance/{#dbinstanceId} | rds:ResourceTag | 无 |
| rds:DescribeDBInstanceSSL | DescribeDBInstanceSSL | Read | DBInstance acs:rds:{#regionId}:{#accountId}:dbinstance/{#dbinstanceId} | rds:ResourceTag | 无 |
| rds:DescribeDBInstanceTDE | DescribeDBInstanceTDE | Read | DBInstance acs:rds:{#regionId}:{#accountId}:dbinstance/{#dbinstanceId} | rds:ResourceTag | 无 |
| rds:DescribeDBInstances | DescribeDBInstances | Read | DBInstance acs:rds:{#regionId}:{#accountId}:dbinstance/*DBInstance acs:rds:{#regionId}:{#accountId}:dbinstance/{#dbinstanceId} | rds:ResourceTag | 无 |
| rds:DescribeDBInstancesAsCsv | DescribeDBInstancesAsCsv | Read | DBInstance acs:rds:{#regionId}:{#accountId}:dbinstance/*DBInstance acs:rds:{#regionId}:{#accountId}:dbinstance/{#dbinstanceId} | rds:ResourceTag | 无 |
| rds:DescribeDBInstancesByExpireTime | DescribeDBInstancesByExpireTime | Read | 全部资源 acs:rds:*:*:*DBInstance acs:rds:*:{#accountId}:dbinstance/*DBInstance acs:rds:{#regionId}:{#accountId}:dbinstance/{#dbinstanceId} | rds:ResourceTag | 无 |
| rds:DescribeDBInstancesByPerformance | DescribeDBInstancesByPerformance | Read | 全部资源 acs:rds:*:*:*DBInstance acs:rds:*:{#accountId}:dbinstance/*DBInstance acs:rds:{#regionId}:{#accountId}:dbinstance/{#dbinstanceId} | rds:ResourceTag | 无 |
| rds:DescribeDBInstancesForClone | DescribeDBInstancesForClone | Read | 无 | 无 | |
| rds:DescribeDBMiniEngineVersions | DescribeDBMiniEngineVersions | Read | 无 | 无 | |
| rds:DescribeDBProxy | DescribeDBProxy | Read | DBInstance acs:rds:{#regionId}:{#accountId}:dbinstance/{#dbinstanceId} | rds:ResourceTag | 无 |
| rds:DescribeDBProxyEndpoint | DescribeDBProxyEndpoint | Read | DBInstance acs:rds:{#regionId}:{#accountId}:dbinstance/{#dbinstanceId} | rds:ResourceTag | 无 |
| rds:DescribeDBProxyPerformance | DescribeDBProxyPerformance | Read | DBInstance acs:rds:{#regionId}:{#accountId}:dbinstance/{#dbinstanceId} | rds:ResourceTag | 无 |
| rds:DescribeDTCSecurityIpHostsForSQLServer | DescribeDTCSecurityIpHostsForSQLServer | Read | DBInstance acs:rds:{#regionId}:{#accountId}:dbinstance/{#dbinstanceId} | rds:ResourceTag | 无 |
| rds:DescribeDatabases | DescribeDatabases | Read | DBInstance acs:rds:{#regionId}:{#accountId}:dbinstance/{#dbinstanceId} | rds:ResourceTag | 无 |
| rds:DescribeDedicatedHostGroups | DescribeDedicatedHostGroups | Read | DBInstance acs:rds:*:{#accountId}:dbinstance/*DBInstance acs:rds:{#regionId}:{#accountId}:dbinstance/{#dbinstanceId} | 无 | 无 |
| rds:DescribeDedicatedHosts | DescribeDedicatedHosts | Read | DBInstance acs:rds:*:{#accountId}:dbinstance/* | 无 | 无 |
| rds:DescribeDetachedBackups | DescribeDetachedBackups | Read | DBInstance acs:rds:*:{#accountId}:dbinstance/* | 无 | 无 |
| rds:DescribeDiagnosticReportList | DescribeDiagnosticReportList | Read | DBInstance acs:rds:{#regionId}:{#accountId}:dbinstance/{#dbinstanceId} | 无 | 无 |
| rds:DescribeErrorLogs | DescribeErrorLogs | Read | DBInstance acs:rds:{#regionId}:{#accountId}:dbinstance/{#dbinstanceId} | rds:ResourceTag | 无 |
| rds:DescribeEvents | DescribeEvents | Read | DBInstance acs:rds:*:{#accountId}:dbinstance/*DBInstance acs:rds:{#regionId}:{#accountId}:dbinstance/{#dbinstanceId} | 无 | 无 |
| rds:DescribeGadInstances | DescribeGadInstances | List | 全部资源 acs:rds::{#accountId}:* | 无 | 无 |
| rds:DescribeHADiagnoseConfig | DescribeHADiagnoseConfig | Read | DBInstance acs:rds:{#regionId}:{#accountId}:dbinstance/{#dbinstanceId} | rds:ResourceTag | 无 |
| rds:DescribeHASwitchConfig | DescribeHASwitchConfig | Read | DBInstance acs:rds:{#regionId}:{#accountId}:dbinstance/{#dbinstanceId} | rds:ResourceTag | 无 |
| rds:DescribeInstanceAutoRenewalAttribute | DescribeInstanceAutoRenewalAttribute | Read | DBInstance acs:rds:{#regionId}:{#accountId}:dbinstance/*DBInstance acs:rds:{#regionId}:{#accountId}:dbinstance/{#dbinstanceId} | rds:ResourceTag | 无 |
| rds:DescribeInstanceCrossBackupPolicy | DescribeInstanceCrossBackupPolicy | Read | DBInstance acs:rds:{#regionId}:{#accountId}:dbinstance/{#dbinstanceId} | rds:ResourceTag | 无 |
| rds:DescribeInstanceKeywords | DescribeInstanceKeywords | Read | 无 | 无 | |
| rds:DescribeLocalAvailableRecoveryTime | DescribeLocalAvailableRecoveryTime | Read | DBInstance acs:rds:{#regionId}:{#accountId}:dbinstance/{#dbinstanceId} | rds:ResourceTag | 无 |
| rds:DescribeLogBackupFiles | DescribeLogBackupFiles | Read | DBInstance acs:rds:{#regionId}:{#accountId}:dbinstance/{#dbinstanceId} | rds:ResourceTag | 无 |
| rds:DescribeMetaList | DescribeMetaList | Read | DBInstance acs:rds:{#regionId}:{#accountId}:dbinstance/{#dbinstanceId} | rds:ResourceTag | 无 |
| rds:DescribeMigrateTaskById | DescribeMigrateTaskById | Read | DBInstance acs:rds:{#regionId}:{#accountId}:dbinstance/{#dbinstanceId} | rds:ResourceTag | 无 |
| rds:DescribeMigrateTasks | DescribeMigrateTasks | Read | DBInstance acs:rds:{#regionId}:{#accountId}:dbinstance/{#dbinstanceId} | rds:ResourceTag | 无 |
| rds:DescribeModifyParameterLog | DescribeModifyParameterLog | Read | DBInstance acs:rds:{#regionId}:{#accountId}:dbinstance/{#dbinstanceId} | rds:ResourceTag | 无 |
| rds:DescribeOssDownloads | DescribeOssDownloads | Read | DBInstance acs:rds:{#regionId}:{#accountId}:dbinstance/{#dbinstanceId} | rds:ResourceTag | 无 |
| rds:DescribeParameterGroup | DescribeParameterGroup | Read | DBInstance acs:rds:*:{#accountId}:dbinstance/*DBInstance acs:rds:{#regionId}:{#accountId}:dbinstance/{#dbinstanceId} | 无 | 无 |
| rds:DescribeParameterGroups | DescribeParameterGroups | Read | DBInstance acs:rds:*:{#accountId}:dbinstance/* | ResourceOwner | 无 |
| rds:DescribeParameters | DescribeParameters | Read | DBInstance acs:rds:{#regionId}:{#accountId}:dbinstance/{#dbinstanceId} | rds:ResourceTag | 无 |
| rds:DescribeRdsResourceSettings | DescribeRdsResourceSettings | Read | DBInstance acs:rds:*:{#accountId}:dbinstance/*DBInstance acs:rds:{#regionId}:{#accountId}:dbinstance/{#dbinstanceId} | 无 | 无 |
| rds:DescribeReadDBInstanceDelay | DescribeReadDBInstanceDelay | Read | DBInstance acs:rds:*:{#accountId}:dbinstance/* | 无 | 无 |
| rds:DescribeRenewalPrice | DescribeRenewalPrice | Read | 无 | 无 | |
| rds:DescribeResourceUsage | DescribeResourceUsage | Read | DBInstance acs:rds:{#regionId}:{#accountId}:dbinstance/{#dbinstanceId} | rds:ResourceTag | 无 |
| rds:DescribeSQLCollectorPolicy | DescribeSQLCollectorPolicy | Read | DBInstance acs:rds:{#regionId}:{#accountId}:dbinstance/{#dbinstanceId} | rds:ResourceTag | 无 |
| rds:DescribeSQLCollectorRetention | DescribeSQLCollectorRetention | Read | DBInstance acs:rds:{#regionId}:{#accountId}:dbinstance/{#dbinstanceId} | 无 | 无 |
| rds:DescribeSQLLogFiles | DescribeSQLLogFiles | Read | DBInstance acs:rds:{#regionId}:{#accountId}:dbinstance/{#dbinstanceId} | rds:ResourceTag | 无 |
| rds:DescribeSQLLogRecords | DescribeSQLLogRecords | Read | DBInstance acs:rds:{#regionId}:{#accountId}:dbinstance/{#dbinstanceId} | rds:ResourceTag | 无 |
| rds:DescribeSQLLogReportList | DescribeSQLLogReportList | Read | DBInstance acs:rds:{#regionId}:{#accountId}:dbinstance/{#dbinstanceId} | rds:ResourceTag | 无 |
| rds:DescribeSecurityGroupConfiguration | DescribeSecurityGroupConfiguration | Read | DBInstance acs:rds:{#regionId}:{#accountId}:dbinstance/{#dbinstanceId} | rds:ResourceTag | 无 |
| rds:DescribeSlowLogRecords | DescribeSlowLogRecords | Read | DBInstance acs:rds:{#regionId}:{#accountId}:dbinstance/{#dbinstanceId} | rds:ResourceTag | 无 |
| rds:DescribeSlowLogs | DescribeSlowLogs | Read | DBInstance acs:rds:{#regionId}:{#accountId}:dbinstance/{#dbinstanceId} | rds:ResourceTag | 无 |
| rds:DescribeTags | DescribeTags | Read | DBInstance acs:rds:{#regionId}:{#accountId}:dbinstance/*DBInstance acs:rds:{#regionId}:{#accountId}:dbinstance/{#dbinstanceId} | rds:ResourceTag | 无 |
| rds:DescribeTasks | DescribeTasks | Read | DBInstance acs:rds:{#regionId}:{#accountId}:dbinstance/{#dbinstanceId} | rds:ResourceTag | 无 |
| rds:DescribeUpgradeMajorVersionPrecheckTask | DescribeUpgradeMajorVersionPrecheckTask | Read | DBInstance acs:rds:{#regionId}:{#accountId}:dbinstance/{#dbinstanceId} | rds:ResourceTag | 无 |
| rds:DescribeUpgradeMajorVersionTasks | DescribeUpgradeMajorVersionTasks | Read | DBInstance acs:rds:{#regionId}:{#accountId}:dbinstance/{#dbinstanceId} | rds:ResourceTag | 无 |
| rds:DestroyDBInstance | DestroyDBInstance | Write | DBInstance acs:rds:{#regionId}:{#accountId}:dbinstance/{#dbinstanceId} | rds:ResourceTag | 无 |
| rds:DetachGadInstanceMember | DetachGadInstanceMember | Write | 全部资源 acs:rds::{#accountId}:* | 无 | 无 |
| rds:GetDBInstanceTopology | GetDBInstanceTopology | Read | DBInstance acs:rds:{#regionId}:{#accountId}:dbinstance/{#dbinstanceId} | 无 | 无 |
| rds:GetDbProxyInstanceSsl | GetDbProxyInstanceSsl | Write | DBInstance acs:rds:{#regionId}:{#accountId}:dbinstance/{#dbinstanceId} | 无 | 无 |
| rds:GrantAccountPrivilege | GrantAccountPrivilege | Write | DBInstance acs:rds:{#regionId}:{#accountId}:dbinstance/{#dbinstanceId} | rds:ResourceTag | 无 |
| rds:GrantOperatorPermission | GrantOperatorPermission | Write | DBInstance acs:rds:{#regionId}:{#accountId}:dbinstance/{#dbinstanceId} | rds:ResourceTag | 无 |
| rds:ImportDatabaseBetweenInstances | ImportDatabaseBetweenInstances | Write | DBInstance acs:rds:{#regionId}:{#accountId}:dbinstance/{#dbinstanceId} | 无 | 无 |
| rds:ImportUserBackupFile | ImportUserBackupFile | Read | 无 | 无 | |
| rds:ListClasses | ListClasses | Read | 无 | 无 | |
| rds:ListTagResources | ListTagResources | Read | DBInstance acs:rds:*:{#accountId}:dbinstance/*DBInstance acs:rds:{#regionId}:{#accountId}:dbinstance/{#dbinstanceId} | rds:ResourceTag | 无 |
| rds:ListUserBackupFiles | ListUserBackupFiles | Read | 无 | 无 | |
| rds:LockAccount | LockAccount | Write | DBInstance acs:rds:{#regionId}:{#accountId}:dbinstance/{#dbinstanceId} | rds:ResourceTag | 无 |
| rds:MigrateDBInstance | MigrateDBInstance | Write | DBInstance acs:rds:{#regionId}:{#accountId}:dbinstance/{#dbinstanceId} | 无 | 无 |
| rds:MigrateSecurityIPMode | MigrateSecurityIPMode | Write | DBInstance acs:rds:{#regionId}:{#accountId}:dbinstance/{#dbinstanceId} | rds:ResourceTag | 无 |
| rds:MigrateToOtherZone | MigrateToOtherZone | Write | DBInstance acs:rds:{#regionId}:{#accountId}:dbinstance/{#dbinstanceId} | rds:ResourceTag | 无 |
| rds:ModifyAccountDescription | ModifyAccountDescription | Write | DBInstance acs:rds:{#regionId}:{#accountId}:dbinstance/{#dbinstanceId} | rds:ResourceTag | 无 |
| rds:ModifyActionEventPolicy | ModifyActionEventPolicy | Write | DBInstance acs:rds:*:{#accountId}:dbinstance/*DBInstance acs:rds:{#regionId}:{#accountId}:dbinstance/{#dbinstanceId} | 无 | 无 |
| rds:ModifyActiveOperationTasks | ModifyActiveOperationTasks | Write | DBInstance acs:rds:*:{#accountId}:dbinstance/{#DBInstanceId} | 无 | 无 |
| rds:ModifyBackupPolicy | ModifyBackupPolicy | Write | DBInstance acs:rds:{#regionId}:{#accountId}:dbinstance/{#dbinstanceId} | rds:ResourceTag | 无 |
| rds:ModifyCollationTimeZone | ModifyCollationTimeZone | Write | DBInstance acs:rds:{#regionId}:{#accountId}:dbinstance/{#dbinstanceId} | 无 | 无 |
| rds:ModifyDBDescription | ModifyDBDescription | Write | DBInstance acs:rds:{#regionId}:{#accountId}:dbinstance/{#dbinstanceId} | rds:ResourceTag | 无 |
| rds:ModifyDBInstanceAutoUpgradeMinorVersion | ModifyDBInstanceAutoUpgradeMinorVersion | Write | DBInstance acs:rds:{#regionId}:{#accountId}:dbinstance/{#dbinstanceId} | rds:ResourceTag | 无 |
| rds:ModifyDBInstanceConnectionMode | ModifyDBInstanceConnectionMode | Write | DBInstance acs:rds:{#regionId}:{#accountId}:dbinstance/{#dbinstanceId} | 无 | 无 |
| rds:ModifyDBInstanceConnectionString | ModifyDBInstanceConnectionString | Write | DBInstance acs:rds:{#regionId}:{#accountId}:dbinstance/{#dbinstanceId} | rds:ResourceTag | 无 |
| rds:ModifyDBInstanceDelayedReplicationTime | ModifyDBInstanceDelayedReplicationTime | Write | DBInstance acs:rds:{#regionId}:{#accountId}:dbinstance/{#dbinstanceId} | rds:ResourceTag | 无 |
| rds:ModifyDBInstanceDeletionProtection | ModifyDBInstanceDeletionProtection | Write | DBInstance acs:rds:{#regionId}:{#accountId}:dbinstance/{#dbinstanceId} | rds:ResourceTag | 无 |
| rds:ModifyDBInstanceDescription | ModifyDBInstanceDescription | Write | DBInstance acs:rds:{#regionId}:{#accountId}:dbinstance/{#dbinstanceId} | rds:ResourceTag | 无 |
| rds:ModifyDBInstanceEndpoint | ModifyDBInstanceEndpoint | Write | DBInstance acs:rds:*:{#accountId}:dbinstance/{#DBInstanceId} | rds:ResourceTag | 无 |
| rds:ModifyDBInstanceEndpointAddress | ModifyDBInstanceEndpointAddress | Write | DBInstance acs:rds:*:{#accountId}:dbinstance/{#DBInstanceId} | rds:ResourceTag | 无 |
| rds:ModifyDBInstanceHAConfig | ModifyDBInstanceHAConfig | Write | DBInstance acs:rds:{#regionId}:{#accountId}:dbinstance/{#dbinstanceId} | rds:ResourceTag | 无 |
| rds:ModifyDBInstanceMaintainTime | ModifyDBInstanceMaintainTime | Write | DBInstance acs:rds:{#regionId}:{#accountId}:dbinstance/{#dbinstanceId} | rds:ResourceTag | 无 |
| rds:ModifyDBInstanceMetrics | ModifyDBInstanceMetrics | Write | DBInstance acs:rds:{#regionId}:{#accountId}:dbinstance/{#dbinstanceId} | rds:ResourceTag | 无 |
| rds:ModifyDBInstanceMonitor | ModifyDBInstanceMonitor | Write | DBInstance acs:rds:{#regionId}:{#accountId}:dbinstance/{#dbinstanceId} | rds:ResourceTag | 无 |
| rds:ModifyDBInstanceNetworkExpireTime | ModifyDBInstanceNetworkExpireTime | Write | DBInstance acs:rds:{#regionId}:{#accountId}:dbinstance/{#dbinstanceId} | rds:ResourceTag | 无 |
| rds:ModifyDBInstanceNetworkType | ModifyDBInstanceNetworkType | Write | DBInstance acs:rds:{#regionId}:{#accountId}:dbinstance/{#dbinstanceId} | rds:ResourceTag | 无 |
| rds:ModifyDBInstancePayType | ModifyDBInstancePayType | Write | DBInstance acs:rds:{#regionId}:{#accountId}:dbinstance/{#dbinstanceId} | rds:ResourceTag | 无 |
| rds:ModifyDBInstanceProxyConfiguration | ModifyDBInstanceProxyConfiguration | Write | DBInstance acs:rds:{#regionId}:{#accountId}:dbinstance/{#dbinstanceId} | rds:ResourceTag | 无 |
| rds:ModifyDBInstanceSSL | ModifyDBInstanceSSL | Write | DBInstance acs:rds:{#regionId}:{#accountId}:dbinstance/{#dbinstanceId} | rds:ResourceTag | 无 |
| rds:ModifyDBInstanceSpec | ModifyDBInstanceSpec | Write | DBInstance acs:rds:{#regionId}:{#accountId}:dbinstance/{#dbinstanceId} | rds:ResourceTag | 无 |
| rds:ModifyDBInstanceTDE | ModifyDBInstanceTDE | Write | DBInstance acs:rds:{#regionId}:{#accountId}:dbinstance/{#dbinstanceId} | rds:ResourceTag | 无 |
| rds:ModifyDBProxy | ModifyDBProxy | Write | DBInstance acs:rds:{#regionId}:{#accountId}:dbinstance/{#dbinstanceId} | rds:ResourceTag | 无 |
| rds:ModifyDBProxyEndpoint | ModifyDBProxyEndpoint | Write | DBInstance acs:rds:{#regionId}:{#accountId}:dbinstance/{#dbinstanceId} | rds:ResourceTag | 无 |
| rds:ModifyDBProxyEndpointAddress | ModifyDBProxyEndpointAddress | Write | DBInstance acs:rds:{#regionId}:{#accountId}:dbinstance/{#dbinstanceId} | rds:ResourceTag | 无 |
| rds:ModifyDBProxyInstance | ModifyDBProxyInstance | Write | DBInstance acs:rds:{#regionId}:{#accountId}:dbinstance/{#dbinstanceId} | rds:ResourceTag | 无 |
| rds:ModifyDTCSecurityIpHostsForSQLServer | ModifyDTCSecurityIpHostsForSQLServer | Write | DBInstance acs:rds:{#regionId}:{#accountId}:dbinstance/{#dbinstanceId} | 无 | 无 |
| rds:ModifyDasInstanceConfig | ModifyDasInstanceConfig | Write | DBInstance acs:rds:{#regionId}:{#accountId}:dbinstance/{#dbinstanceId} | rds:ResourceTag | 无 |
| rds:ModifyDbProxyInstanceSsl | ModifyDbProxyInstanceSsl | Write | DBInstance acs:rds:{#regionId}:{#accountId}:dbinstance/{#dbinstanceId} | rds:ResourceTag | 无 |
| rds:ModifyHADiagnoseConfig | ModifyHADiagnoseConfig | Write | DBInstance acs:rds:{#regionId}:{#accountId}:dbinstance/{#dbinstanceId} | rds:ResourceTag | 无 |
| rds:ModifyHASwitchConfig | ModifyHASwitchConfig | Write | DBInstance acs:rds:{#regionId}:{#accountId}:dbinstance/{#dbinstanceId} | rds:ResourceTag | 无 |
| rds:ModifyInstanceAutoRenewalAttribute | ModifyInstanceAutoRenewalAttribute | Write | DBInstance acs:rds:{#regionId}:{#accountId}:dbinstance/{#dbinstanceId} | rds:ResourceTag | 无 |
| rds:ModifyInstanceCrossBackupPolicy | ModifyInstanceCrossBackupPolicy | Write | DBInstance acs:rds:{#regionId}:{#accountId}:dbinstance/{#dbinstanceId} | rds:ResourceTag | 无 |
| rds:ModifyParameter | ModifyParameter | Write | DBInstance acs:rds:{#regionId}:{#accountId}:dbinstance/{#dbinstanceId} | rds:ResourceTag | 无 |
| rds:ModifyParameterGroup | ModifyParameterGroup | Write | DBInstance acs:rds:*:{#accountId}:dbinstance/* | 无 | 无 |
| rds:ModifyReadWriteSplittingConnection | ModifyReadWriteSplittingConnection | Write | DBInstance acs:rds:{#regionId}:{#accountId}:dbinstance/{#dbinstanceId} | rds:ResourceTag | 无 |
| rds:ModifyReadonlyInstanceDelayReplicationTime | ModifyReadonlyInstanceDelayReplicationTime | Write | DBInstance acs:rds:*:{#accountId}:dbinstance/{#DBInstanceId} | 无 | 无 |
| rds:ModifyResourceGroup | ModifyResourceGroup | Write | DBInstance acs:rds:{#regionId}:{#accountId}:dbinstance/{#dbinstanceId} | rds:ResourceTag | 无 |
| rds:ModifySQLCollectorPolicy | ModifySQLCollectorPolicy | Write | DBInstance acs:rds:{#regionId}:{#accountId}:dbinstance/{#dbinstanceId} | rds:ResourceTag | 无 |
| rds:ModifySQLCollectorRetention | ModifySQLCollectorRetention | Write | DBInstance acs:rds:{#regionId}:{#accountId}:dbinstance/{#dbinstanceId} | 无 | 无 |
| rds:ModifySecurityGroupConfiguration | ModifySecurityGroupConfiguration | Write | DBInstance acs:rds:{#regionId}:{#accountId}:dbinstance/{#dbinstanceId} | rds:ResourceTag | 无 |
| rds:ModifySecurityIps | ModifySecurityIps | Write | DBInstance acs:rds:{#regionId}:{#accountId}:dbinstance/{#dbinstanceId} | rds:ResourceTag | 无 |
| rds:PurgeDBInstanceLog | PurgeDBInstanceLog | Write | DBInstance acs:rds:{#regionId}:{#accountId}:dbinstance/{#dbinstanceId} | rds:ResourceTag | 无 |
| rds:RebuildDBInstance | RebuildDBInstance | Write | DBInstance acs:rds:{#regionId}:{#accountId}:dbinstance/{#dbinstanceId} | 无 | 无 |
| rds:ReceiveDBInstance | ReceiveDBInstance | Write | DBInstance acs:rds:{#regionId}:{#accountId}:dbinstance/{#dbinstanceId} | 无 | 无 |
| rds:RecoveryDBInstance | RecoveryDBInstance | Write | DBInstance acs:rds:*:{#accountId}:dbinstance/*DBInstance acs:rds:{#regionId}:{#accountId}:dbinstance/{#dbinstanceId} | rds:ResourceTag | 无 |
| rds:ReleaseInstanceConnection | ReleaseInstanceConnection | Write | DBInstance acs:rds:{#regionId}:{#accountId}:dbinstance/{#dbinstanceId} | 无 | 无 |
| rds:ReleaseInstancePublicConnection | ReleaseInstancePublicConnection | Write | DBInstance acs:rds:{#regionId}:{#accountId}:dbinstance/{#dbinstanceId} | rds:ResourceTag | 无 |
| rds:ReleaseReadWriteSplittingConnection | ReleaseReadWriteSplittingConnection | Write | DBInstance acs:rds:{#regionId}:{#accountId}:dbinstance/{#dbinstanceId} | rds:ResourceTag | 无 |
| rds:RemoveTagsFromResource | RemoveTagsFromResource | Write | DBInstance acs:rds:{#regionId}:{#accountId}:dbinstance/{#dbinstanceId} | rds:ResourceTag | 无 |
| rds:RenewInstance | RenewInstance | Write | DBInstance acs:rds:{#regionId}:{#accountId}:dbinstance/{#dbinstanceId} | rds:ResourceTag | 无 |
| rds:ResetAccount | ResetAccount | Write | DBInstance acs:rds:{#regionId}:{#accountId}:dbinstance/{#dbinstanceId} | rds:ResourceTag | 无 |
| rds:ResetAccountPassword | ResetAccountPassword | Write | DBInstance acs:rds:{#regionId}:{#accountId}:dbinstance/{#dbinstanceId} | rds:ResourceTag | 无 |
| rds:RestartDBInstance | RestartDBInstance | Write | DBInstance acs:rds:{#regionId}:{#accountId}:dbinstance/{#dbinstanceId} | rds:ResourceTag | 无 |
| rds:RestoreDdrTable | RestoreDdrTable | Write | DBInstance acs:rds:{#regionId}:{#accountId}:dbinstance/{#dbinstanceId} | 无 | 无 |
| rds:RestoreTable | RestoreTable | Write | DBInstance acs:rds:{#regionId}:{#accountId}:dbinstance/{#dbinstanceId} | rds:ResourceTag | 无 |
| rds:RevokeAccountPrivilege | RevokeAccountPrivilege | Write | DBInstance acs:rds:{#regionId}:{#accountId}:dbinstance/{#dbinstanceId} | rds:ResourceTag | 无 |
| rds:RevokeOperatorPermission | RevokeOperatorPermission | Write | DBInstance acs:rds:{#regionId}:{#accountId}:dbinstance/{#dbinstanceId} | rds:ResourceTag | 无 |
| rds:StartDBInstance | StartDBInstance | Write | DBInstance acs:rds:*:{#accountId}:dbinstance/{#DBInstanceId} | 无 | 无 |
| rds:StopDBInstance | StopDBInstance | Write | DBInstance acs:rds:{#regionId}:{#accountId}:dbinstance/{#dbinstanceId} | 无 | 无 |
| rds:SwitchDBInstanceHA | SwitchDBInstanceHA | Write | DBInstance acs:rds:{#regionId}:{#accountId}:dbinstance/{#dbinstanceId} | rds:ResourceTag | 无 |
| rds:SwitchDBInstanceNetType | SwitchDBInstanceNetType | Write | DBInstance acs:rds:{#regionId}:{#accountId}:dbinstance/{#dbinstanceId} | 无 | 无 |
| rds:SwitchDBInstanceVpc | SwitchDBInstanceVpc | Write | DBInstance acs:rds:{#regionId}:{#accountId}:dbinstance/{#dbinstanceId} | rds:ResourceTag | 无 |
| rds:TagResources | TagResources | Write | 全部资源 acs:rds:{#regionId}:{#accountId}:*DBInstance acs:rds:{#regionId}:{#accountId}:dbinstance/{#dbinstanceId} | rds:ResourceTag | 无 |
| rds:TerminateMigrateTask | TerminateMigrateTask | Write | DBInstance acs:rds:*:{#accountId}:dbinstance/{#DBInstanceId} | 无 | 无 |
| rds:TransformDBInstancePayType | TransformDBInstancePayType | Write | DBInstance acs:rds:{#regionId}:{#accountId}:dbinstance/{#dbinstanceId} | rds:ResourceTag | 无 |
| rds:UnlockAccount | UnlockAccount | Write | DBInstance acs:rds:{#regionId}:{#accountId}:dbinstance/{#dbinstanceId} | rds:ResourceTag | 无 |
| rds:UntagResources | UntagResources | Write | DBInstance acs:rds:{#regionId}:{#accountId}:dbinstance/{#dbinstanceId} | rds:ResourceTag | 无 |
| rds:UpdateUserBackupFile | UpdateUserBackupFile | Write | BackupFile acs:rds:*:{#accountId}:backupfile/{#BackupId} | 无 | 无 |
| rds:UpgradeDBInstanceEngineVersion | UpgradeDBInstanceEngineVersion | Write | DBInstance acs:rds:{#regionId}:{#accountId}:dbinstance/{#dbinstanceId} | rds:ResourceTag | 无 |
| rds:UpgradeDBInstanceKernelVersion | UpgradeDBInstanceKernelVersion | Write | DBInstance acs:rds:{#regionId}:{#accountId}:dbinstance/{#dbinstanceId} | rds:ResourceTag | 无 |
| rds:UpgradeDBInstanceMajorVersion | UpgradeDBInstanceMajorVersion | Write | DBInstance acs:rds:*:{#accountId}:dbinstance/{#DBInstanceId} | 无 | 无 |
| rds:UpgradeDBInstanceMajorVersionPrecheck | UpgradeDBInstanceMajorVersionPrecheck | Read | DBInstance acs:rds:{#regionId}:{#accountId}:dbinstance/{#dbinstanceId} | rds:ResourceTag | 无 |
| rds:UpgradeDBProxyInstanceKernelVersion | UpgradeDBProxyInstanceKernelVersion | Write | DBInstance acs:rds:{#regionId}:{#accountId}:dbinstance/{#dbinstanceId} | rds:ResourceTag | 无 |
资源(Resource)
下表是关系型数据库(RDS)定义的资源,这些资源可以在RAM权限策略语句的Resource元素中使用,用来授予对该资源执行具体操作的权限。 其中,资源ARN是资源在阿里云上的唯一标识。具体说明如下:{#}为变量标识,需要您替换为实际值。例如:{#ramcode}需要您替换为实际的云服务RAM代码。*表示全部。例如:{#resourceType}为*时:表示全部资源。{#regionId}为*时:表示全部地域。{#accountId}为*时:表示全部阿里云账号。
| 资源类型 | 资源ARN |
|---|---|
| DBInstance | acs:{#ramcode}:{#regionId}:{#accountId}:dbinstance/{#DbInstanceId} |
| BackupFile | acs:{#ramcode}:*:{#accountId}:backupfile/{#BackupId} |