This document describes the operations (Action) and resources (Resource) for Mhub. It specifies the permissions included in the AliyunMHubFullAccess and AliyunMHubReadOnlyAccess policies. You can use this information to add operations and resources to your custom policies as needed.
Resource description
The Resource element is required for identity-based policies. It describes one or more objects that are granted permissions. The value of the Resource element is the Alibaba Cloud Resource Name (ARN) defined by the Alibaba Cloud service.
The Mhub Resource element uses the following format: acs:mhub:<region>:<account-id>:<relative-id>.
Parameter name | Description |
acs | An acronym for Alibaba Cloud Service. It indicates the public cloud platform of Alibaba Cloud. |
mhub | The RAM code for the Alibaba Cloud service. |
region | The region. For global resources that can be accessed without specifying a region, use an asterisk (*). Because Mhub uses centralized resource management, you can use an asterisk (*) for this field. |
account-id | The Alibaba Cloud account ID. For example: |
relative-id | The service-related resource. For Mhub, resources include app and product. The app resource manages application AppKeys, and the product resource manages product IDs. For example: app/*, app/#{app-key}, product/*, product/#{product-id} |
For example:
"Resource": [
"acs:mhub:*:139450:app/*", // Grants permissions on all apps created in the EMAS console by the user with account ID 139450.
"acs:mhub:*:139450:product/*", // Grants permissions on all EMAS products available to the user with account ID 139450.
"acs:mhub:*:139450:app/233588xxx", // Grants permissions on the application with AppKey 233588xxx, created in the EMAS console by the user with account ID 139450.
"acs:mhub:*:139450:product/39022xxx" // Grants permissions on the product with product ID 3902xxx, available to the user with account ID 139450.
]Operations and resources
Name | Operation | Resource |
Create application | mhub:createApp | acs:mhub:*:#{account-id}:app/* |
List applications | mhub:ListApps | acs:mhub:*:#{account-id}:app/* |
List products | mhub:ListProducts | acs:mhub:*:#{account-id}:product/* |
List historically used services | mhub:ListOpenService | acs:mhub:*:#{account-id}:product/#{product-id} |
EMAS: Product Data Dashboard | mhub:DescribeDashboard | acs:mhub:*:#{account-id}:product/#{product-id} |
View published SDK information | mhub:QuerySdkInfos | acs:mhub:*:#{account-id}/* |