Application authorization rule list-OpenSearch(Open Search)-阿里云帮助中心

This topic describes the authorization rules for management APIs and traffic APIs.

Management API authorization rules

POP Action	Description	RAM Action	Resource Pattern
ListApps	Gets all application versions.	opensearch:ListApp	apps/*
CreateAppGroup	Creates an application.	opensearch:CreateAppGroup	app-groups/*
DescribeAppGroupDataReport	Queries the Data Quality report of an application.	opensearch:DescribeApp	apps/$appGroupName
RemoveAppGroup	Deletes an application.	opensearch:RemoveAppGroup	app-groups/$appGroupName
ListAppGroupErrors	Queries the error logs of an application.	opensearch:ListAppGroupErrors	app-groups/$appGroupName
ListAppGroups	Gets the application list.	opensearch:ListAppGroup	app-groups/*
ListAppGroupMetrics	Query application data reports	opensearch:ListAppGroupMetric	app-groups/$appGroupName
RenewAppGroup	Renews an application.	opensearch:UpdateApp	apps/$appGroupName
DescribeAppGroup	Gets the details of an application.	opensearch:DescribeAppGroup	app-groups/$appGroupName
ReplaceAppGroupCommodityCode	Converts an application from service-based to instance-based.	opensearch:UpdateApp	apps/$appGroupName
ModifyAppGroup	Modifies application properties or switches the online version.	opensearch:ModifyAppGroup	app-groups/$appGroupName
ModifyAppGroupQuota	Modifies the quota of an application.	opensearch:updateAppGroupQuota	app-groups/$appGroupName
CreateApp	Creates an application version.	opensearch:CreateApp	app-groups/$appGroupName
RemoveApp	Deletes an application version.	opensearch:RemoveApp	app-groups/$appGroupName
DescribeApps	Gets the version list of an application.	opensearch:ListApp	app-groups/$appGroupName
DescribeApp	Views the details of an application version.	opensearch:DescribeApp	app-groups/$appGroupName
DescribeAppStatistics	Gets the statistics of an application version.	opensearch:DescribeAppStatistics	app-groups/$appGroupName
UpdateFetchFields	Updates the default display fields of an application version.	opensearch:UpdateApp	apps/$appGroupName
CreateFirstRank	Creates the rough sort expression configuration for an application version.	opensearch:WriteFirstRank	apps/$appGroupName
RemoveFirstRank	Deletes the rough sort expression configuration of an application version.	opensearch:WriteFirstRank	apps/$appGroupName
ListFirstRanks	Gets the list of rough sort expression configurations for an application version.	opensearch:ListFirstRank	apps/$appGroupName
DescribeFirstRank	Gets the details of the rough sort expression configuration for an application version.	opensearch:DescribeFirstRank	apps/$appGroupName
ModifyFirstRank	Modifies the rough sort expression configuration of an application version.	opensearch:WriteFirstRank	apps/$appGroupName
ListSlowQueryCategories	Gets the checklist of slow query optimization suggestions from Query Optimizer.	opensearch:ListOptimizerSlowQueryCategories	apps/$appGroupName
StartSlowQueryAnalyzer	Starts a slow query analysis immediately.	opensearch:WriteOptimizerSlowQueryCategories	apps/$appGroupName
ListSlowQueryQueries	Lists the checklist of slow queries from Query Optimizer.	opensearch:ListOptimizerSlowQueries	apps/$appGroupName
DisableSlowQuery	Disables the slow query service of Query Optimizer.	opensearch:WriteOptimizerSlowQuery	apps/$appGroupName
EnableSlowQuery	Enables the slow query service of Query Optimizer.	opensearch:WriteOptimizerSlowQuery	apps/$appGroupName
DescribeSlowQueryStatus	Gets the activation status of the slow query service of Query Optimizer.	opensearch:DescribeOptimizerSlowQuery	apps/$appGroupName
CreateScheduledTask	Creates a scheduled task for an application.	opensearch:CreateScheduledTask	app-groups/$appGroupName
RemoveScheduledTask	Deletes a scheduled task of an application.	opensearch:RemoveScheduledTask	app-groups/$appGroupName
ListScheduledTasks	Gets the list of scheduled tasks for an application.	opensearch:ListScheduledTask	app-groups/$appGroupName
DescribeScheduledTask	Gets the details of a scheduled task for an application.	opensearch:DescribeScheduledTask	app-groups/$appGroupName
ModifyScheduledTask	Modifies a scheduled task of an application.	opensearch:ModifyScheduledTask	app-groups/$appGroupName
CreateSecondRank	Creates the fine sort expression configuration for an application version.	opensearch:WriteSecondRank	apps/$appGroupName
RemoveSecondRank	Deletes the fine sort expression configuration of an application version.	opensearch:WriteSecondRank	apps/$appGroupName
ListSecondRanks	Gets the list of fine sort expression configurations for an application version.	opensearch:ListSecondRank	apps/$appGroupName
DescribeSecondRank	Gets the details of the fine sort expression configuration for an application version.	opensearch:DescribeSecondRank	apps/$appGroupName
ModifySecondRank	Modifies the fine sort expression configuration of an application version.	opensearch:WriteSecondRank	apps/$appGroupName
ListSortExpressions	Gets the list of sort expressions for an application version.	opensearch:ListSortExpression	apps/$appGroupName
UpdateSummaries	Modifies the summary of an application version.	opensearch:WriteSummary	apps/$appGroupName
PushUserAnalyzerEntries	Accepts changes to custom analyzer entries.	opensearch:WriteUserAnalyzer	user-analyzers/$analyzerName
ListUserAnalyzerEntries	Gets the checklist of custom analyzer entries.	opensearch:DescribeUserAnalyzer	user-analyzers/$analyzerName
CreateUserAnalyzer	Creates a custom analyzer.	opensearch:CreateUserAnalyzer	user-analyzers/$analyzerName
DeleteUserAnalyzer	Deletes a custom analyzer.	opensearch:DeleteUserAnalyzer	user-analyzers/$analyzerName
ListUserAnalyzers	Gets the list of custom tokenizers for a user.	opensearch:ListUserAnalyzers	user-analyzers/*
DescribeUserAnalyzer	Gets the details of a custom analyzer.	opensearch:DescribeUserAnalyzer	user-analyzers/$analyzerName

Traffic API authorization rules

POP Action	Action Description	RAM Action	Resource Pattern
PushDoc	Push a document	opensearch:PushDoc	acs:opensearch:$regionId:$accountId:apps/$appGroupName
SearchApp	Document Retrieval	opensearch:SearchApp	acs:opensearch:$regionId:$accountId:apps/$appGroupName