Before a Resource Access Management (RAM) user can call City Visual Intelligence Engine APIs, an Alibaba Cloud account must grant permissions to the user by creating an authorization policy. This policy uses a resource descriptor, an Alibaba Cloud Resource Name (ARN), to specify the authorized resources.
Custom policies
You can create a custom policy in the RAM console or by calling the RAM API operation CreatePolicy. When you configure a custom policy with a script, specify the policy content in a JSON template file. The values for the Action and Resource parameters are listed in the table of authorizable City Visual Intelligence Engine API operations in this topic. For more information, see Account access control and Basic elements of an access policy.
{
"Version": "1",
"Statement": [
{
"Action": [
"cityvisual:DescribeInstances"
],
"Resource": [
"acs:cityvisual:$regionid:135696343788****:instance/cityvisual-*****"
],
"Effect": "Allow"
}
]
}Authorizable City Visual Intelligence Engine API operations
The following table lists the authorizable City Visual Intelligence Engine API operations and their resource descriptions.
| API | Resource description |
| AttachStream | acs:cityvisual:$regionid:$accountid:jobgroup/$jobgroupid
acs:cityvisual:$regionid:$accountid:camera/$cameraid |
| BatchModifyCameraStatus | acs:cityvisual:$regionid:$accountid:camera/$cameraid |
| CreateInstance | acs:cityvisual:$regionid:$accountid:instance/* |
| CreateAlgoLib | acs:cityvisual:$regionid:$accountid:instance/$instanceid
acs:cityvisual:$regionid:$accountid:algolib/* |
| CreateCapability | acs:cityvisual:$regionid:$accountid:instance/$instanceid
acs:cityvisual:$regionid:$accountid:capability/* |
| CreateResourceProfile | acs:cityvisual:$regionid:$accountid:instance/$instanceid
acs:cityvisual:$regionid:$accountid:resourceprofile/* |
| CreateJobGroup | acs:cityvisual:$regionid:$accountid:instance/$instanceid
acs:cityvisual:$regionid:$accountid:jobgroup/* acs:cityvisual:$regionid:$accountid:resourceprofile/$resourceprofileid acs:cityvisual:$regionid:$accountid:algolib/$algolibid |
| CreateCamera | acs:cityvisual:$regionid:$accountid:instance/$instanceid
acs:cityvisual:$regionid:$accountid:camera/* |
| CreateWorkGroup | acs:cityvisual:$regionid:$accountid:instance/$instanceid
acs:cityvisual:$regionid:$accountid:workgroup/* |
| DescribeInstances | acs:cityvisual:$regionid:$accountid:instance/*
acs:cityvisual:$regionid:$accountid:instance/$instanceid |
| DeleteInstance | acs:cityvisual:$regionid:$accountid:instance/$instanceid |
| DescribeAlgoLibs | acs:cityvisual:$regionid:$accountid:algolib/*
acs:cityvisual:$regionid:$accountid:algolib/$algolibid |
| DeleteAlgoLib | acs:cityvisual:$regionid:$accountid:algolib/$algolibid |
| DescribeCapabilities | acs:cityvisual:$regionid:$accountid:capability/*
acs:cityvisual:$regionid:$accountid:capability/$capabilityid |
| DeleteCapability | acs:cityvisual:$regionid:$accountid:capability/$capabilityid |
| DescribeResourceProfiles | acs:cityvisual:$regionid:$accountid:resourceprofile/*
acs:cityvisual:$regionid:$accountid:resourceprofile/$resourceprofileid |
| DeleteResourceProfile | acs:cityvisual:$regionid:$accountid:resourceprofile/$resourceprofileid |
| DescribeJobGroups | acs:cityvisual:$regionid:$accountid:jobgroup/*
acs:cityvisual:$regionid:$accountid:jobgroup/$jobgroupid |
| DeleteJobGroup | acs:cityvisual:$regionid:$accountid:jobgroup/$jobgroupid |
| DescribeStreams | acs:cityvisual:$regionid:$accountid:jobgroup/$jobgroupid
acs:cityvisual:$regionid:$accountid:camera/* |
| DetachStream | acs:cityvisual:$regionid:$accountid:jobgroup/$jobgroupid
acs:cityvisual:$regionid:$accountid:camera/$cameraid |
| DescribeCameras | acs:cityvisual:$regionid:$accountid:camera/*
acs:cityvisual:$regionid:$accountid:camera/$cameraid |
| DeleteCamera | acs:cityvisual:$regionid:$accountid:camera/$cameraid |
| DescribeWorkGroups | acs:cityvisual:$regionid:$accountid:workgroup/*
acs:cityvisual:$regionid:$accountid:workgroup/$workgroupid |
| DeleteWorkGroup | acs:cityvisual:$regionid:$accountid:workgroup/$workgroupid |
| DescribeProtocols | acs:cityvisual:$regionid:$accountid:workgroup/$workgroupid |
| GetComputeJobLog | acs:cityvisual:$regionid:$accountid:jobgroup/$jobgroupid |
| GetStreamsForCameras | acs:cityvisual:$regionid:$accountid:camera/$cameraid |
| ListComputeJobLogs | acs:cityvisual:$regionid:$accountid:jobgroup/$jobgroupid |
| ModifyInstance | acs:cityvisual:$regionid:$accountid:instance/$instanceid |
| ModifyAlgoLib | acs:cityvisual:$regionid:$accountid:algolib/$algolibid |
| ModifyCapability | acs:cityvisual:$regionid:$accountid:capability/$capabilityid |
| ModifyResourceProfile | acs:cityvisual:$regionid:$accountid:resourceprofile/$resourceprofileid |
| ModifyJobGroup | acs:cityvisual:$regionid:$accountid:jobgroup/$jobgroupid
acs:cityvisual:$regionid:$accountid:resourceprofile/$resourceprofileid acs:cityvisual:$regionid:$accountid:algolib/$algolibid |
| ModifyCamera | acs:cityvisual:$regionid:$accountid:camera/$cameraid |
| ModifyWorkGroup | acs:cityvisual:$regionid:$accountid:workgroup/$workgroupid |
| SearchImages | acs:cityvisual:$regionid:$accountid:* |
| StartJobGroup | acs:cityvisual:$regionid:$accountid:jobgroup/$jobgroupid |
| StopJobGroup | acs:cityvisual:$regionid:$accountid:jobgroup/$jobgroupid |