RAM权限策略包含的操作资源条件-云原生数据仓库AnalyticDB-阿里云

访问控制（RAM）是阿里云提供的管理用户身份与资源访问权限的服务。使用 RAM 可以让您避免与其他用户共享阿里云账号密钥，并可按需为用户授予最小权限。RAM 中使用权限策略描述授权的具体内容。

本文为您介绍 云原生数据仓库AnalyticDB MySQL版 为 RAM 权限策略定义的操作（Action）、资源（Resource）和条件（Condition）。 云原生数据仓库AnalyticDB MySQL版 的 RAM 代码（RamCode）为 adb ，支持的授权粒度为 资源级 。

权限策略通用结构

权限策略支持 JSON 格式，其通用结构如下：

{
  "Version": "1",
  "Statement": [
    {
      "Effect": "<Effect>",
      "Action": "<Action>",
      "Resource": "<Resource>",
      "Condition": {
        "<Condition_operator>": {
          "<Condition_key>": [
            "<Condition_value>"
          ]
        }
      }
    }
  ]
}

各字段含义如下：

Effect：权限策略效果。取值：Allow（允许）、Deny（拒绝）。
Action：授予允许或拒绝权限的具体操作。具体信息，请参见操作（Action）。
Resource：受操作影响的具体对象，您可以使用资源 ARN 来描述指定资源。具体信息，请参见资源（Resource）。
Condition：指授权生效的条件。可选字段。具体信息，请参见条件（Condition）。
- Condition_operator：条件运算符，不同类型的条件对应不同的条件运算符。具体信息，请参见权限策略基本元素。
- Condition_key：条件关键字。
- Condition_value：条件关键字对应的值。

操作（Action）

下表是云原生数据仓库AnalyticDB MySQL版定义的操作，这些操作可以在 RAM 权限策略语句的Action元素中使用，用来授予执行该操作的权限。下面对表中的具体项提供说明：

操作：是指具体的权限点。
API：是指操作对应的 API 接口。
访问级别：是指每个操作的访问级别，取值为写入（Write）、读取（Read）或列出（List）。
资源类型：是指操作中支持授权的资源类型。具体说明如下：
- 对于必选的资源类型，用前面加 * 表示。
- 对于不支持资源级授权的操作，用全部资源表示。
条件关键字：是指云产品自身定义的条件关键字。该列不体现适用于任何操作的通用条件关键字。
关联操作：是指成功执行操作所需要的其他权限。操作者必须同时具备关联操作的权限，操作才能成功。

操作	API	访问级别	资源类型	条件关键字	关联操作
adb:DescribeBackups	DescribeBackups	get	*DBClusterLakeVersion `acs:adb:{#regionId}:{#accountId}:dbcluster/{#DBClusterId}`	无	无
adb:DeleteSparkTemplate	DeleteSparkTemplate	delete	*DBClusterLakeVersion `acs:adb:{#regionId}:{#accountId}:dbcluster/{#DBClusterId}/template/{#TemplateId}`	无	无
adb:getTableObjects	GetTableObjects	get	*DBClusterLakeVersion `acs:adb:{#regionId}:{#AccountId}:dbcluster/{#DBClusterId}`	无	无
adb:EnableAdviceService	EnableAdviceService	update	DBCluster `acs:adb:{#regionId}:{#accountId}:dbcluster/{#DBClusterId}`	无	无
adb:StartSparkEngine	StartSparkSQLEngine	create	全部资源 ``	无	无
adb:DescribeTablePartitionDiagnose	DescribeTablePartitionDiagnose	get	DBClusterLakeVersion `acs:adb:{#regionId}:{#accountId}:dbcluster/{#DBClusterId}`	无	无
adb:DeleteMaterializedViewRecommend	DeleteMaterializedViewRecommend	delete	*DBClusterLakeVersion `acs:adb:{#regionId}:{#accountId}:dbcluster/{#DBClusterId}`	无	无
adb:DescribeAPSADBInstances	DescribeAPSADBInstances	none	*DBClusterLakeVersion `acs:adb:{#regionId}:{#AccountId}:dbcluster/{#DBClusterId}`	无	无
adb:ListSparkAppAttempts	ListSparkAppAttempts	list	*DBClusterLakeVersion `acs:adb:{#regionId}:{#accountId}:dbcluster/{#DBClusterId}`	无	无
adb:DescribeDBClusterPerformance	DescribeDBClusterPerformance	list	*DBClusterLakeVersion `acs:adb:{#regionId}:{#accountId}:dbcluster/{#DBClusterId}`	无	无
adb:CreateDBResourceGroup	CreateDBResourceGroup	create	*DBClusterLakeVersion `acs:adb:{#regionId}:{#accountId}:dbcluster/{#DBClusterId}`	无	无
adb:DescribeTableStatistics	DescribeTableStatistics	get	*DBCluster `acs:adb:{#regionId}:{#accountId}:dbcluster/{#DBClusterId}`	无	无
adb:CreateApsHiveJob	CreateApsHiveJob	none	*DBClusterLakeVersion `acs:adb:{#regionId}:{#AccountId}:dbcluster/{#DBClusterId}`	无	无
adb:ModifyClusterAccessWhiteList	ModifyClusterAccessWhiteList	update	*DBClusterLakeVersion `acs:adb:{#regionId}:{#accountId}:dbcluster/{#DBClusterId}`	无	无
adb:ModifyApsDatasoure	ModifyApsDatasoure	update	*DBClusterLakeVersion `acs:adb:{#regionId}:{#AccountId}:dbcluster/{#DBClusterId}`	无	无
adb:ListApsLifecycleStrategy	ListApsLifecycleStrategy	list	*DBClusterLakeVersion `acs:adb:{#regionId}:{#accountId}:dbcluster/{#DBClusterId}`	无	无
adb:CreateAPSJob	CreateAPSJob	none	*DBClusterLakeVersion `acs:adb:{#regionId}:{#accountId}:dbcluster/{#DBClusterId}`	无	无
adb:DescribeDBClusterSpaceSummary	DescribeDBClusterSpaceSummary	get	DBCluster `acs:adb:{#regionId}:{#accountId}:dbcluster/{#DBClusterId}`	无	无
adb:DescribeDownloadRecords	DescribeDownloadRecords	list	*DBClusterLakeVersion `acs:adb:{#regionId}:{#accountId}:dbcluster/{#DBClusterId}`	无	无
adb:DescribeAdbMySqlSchemas	DescribeAdbMySqlSchemas	list	全部资源 ``	无	无
adb:describeAllDataSource	DescribeTables	get	*DBClusterLakeVersion `acs:adb:{#regionId}:{#AccountId}:dbcluster/{#DBClusterId}`	无	无
adb:CreateLakeStorageBucket	CreateLakeStorage	create	全部资源 ``	无	无
adb:ListSparkApps	ListSparkApps	list	*DBClusterLakeVersion `acs:adb:{#regionId}:{#accountId}:dbcluster/{#DBClusterId}`	无	无
adb:ListSparkLogAnalyzeTasks	ListSparkLogAnalyzeTasks	list	*DBClusterLakeVersion `acs:adb:{#regionId}:{#accountId}:dbcluster/{#DBClusterId}`	无	无
adb:ModifyMaterializedView	ModifyMaterializedView	update	*DBClusterLakeVersion `acs:adb:{#regionId}:{#accountId}:dbcluster/{#DBClusterId}`	无	无
adb:DescribeTableDetail	DescribeTableDetail	get	DBClusterLakeVersion `acs:adb:{#regionId}:{#accountId}:dbcluster/{#DBClusterId}`	无	无
adb:DescribeDiagnosisSQLInfo	DescribeDiagnosisSQLInfo	list	*DBClusterLakeVersion `acs:adb:{#regionId}:{#accountId}:dbcluster/{#DBClusterId}`	无	无
adb:CreateSparkTemplate	CreateSparkTemplate	create	*DBClusterLakeVersion `acs:adb:{#regionId}:{#accountId}:dbcluster/{#DBClusterId}`	无	无
adb:ModifyDBClusterResourceGroup	ModifyDBClusterResourceGroup	update	*DBClusterLakeVersion `acs:adb:{#regionId}:{#accountId}:dbcluster/{#DBClusterId}`	无	无
adb:DescribeSparkAppType	DescribeSparkAppType	get	*DBClusterLakeVersion `acs:adb:{#regionId}:{#accountId}:dbcluster/{#DBClusterId}`	无	无
adb:DescribeExcessivePrimaryKeys	DescribeExcessivePrimaryKeys	get	*DBClusterLakeVersion `acs:adb:{#regionId}:{#accountId}:dbcluster/{#DBClusterId}`	无	无
adb:DescribeDBClusterHealthStatus	DescribeDBClusterHealthStatus	list	*DBClusterLakeVersion `acs:adb:{#regionId}:{#accountId}:dbcluster/{#DBClusterId}`	无	无
adb:SubmitSparkApp	StartSparkReplSession	none	*DBClusterLakeVersion `acs:adb:{#regionId}:{#accountId}:dbcluster/{#DBClusterId}/resourcegroup/{#resourcegroup}`	无	无
adb:describeAllDataSource	DescribeColumns	get	*DBClusterLakeVersion `acs:adb:{#regionId}:{#AccountId}:dbcluster/{#DBClusterId}`	无	无
adb:GetActiveSparkSession	ExistRunningSQLEngine	get	*DBClusterLakeVersion `acs:adb:{#regionId}:{#accountId}:dbcluster/{#DBClusterId}/resourcegroup/{#ResourceGroup}`	无	无
adb:BatchApplyAdviceByIdList	BatchApplyAdviceByIdList	update	*DBCluster `acs:adb:{#regionId}:{#accountId}:dbcluster/{#DBClusterId}`	无	无
adb:DescribeResourceGroupSpec	DescribeResourceGroupSpec	list	全部资源 ``	无	无
adb:getTableColumns	GetTableColumns	get	*DBClusterLakeVersion `acs:adb:{#regionId}:{#AccountId}:dbcluster/{#DBClusterId}`	无	无
adb:AttachUserENI	AttachUserENI	update	*DBClusterLakeVersion `acs:adb:{#regionId}:{#accountId}:dbcluster/{#DBClusterId}`	无	无
adb:ModifyDBClusterSSL	ModifyDBClusterSSL	update	*DBCluster `acs:adb:{#regionId}:{#accountId}:dbcluster/{#DBClusterId}`	无	无
adb:DescribeSparkCodeWebUi	DescribeSparkCodeWebUi	list	全部资源 ``	无	无
adb:DescribeMvRecommendTasks	DescribeMvRecommendTasks	get	*DBClusterLakeVersion `acs:adb:{#regionId}:{#accountId}:dbcluster/{#DBClusterId}`	无	无
adb:getTableDDL	GetTableDDL	get	*DBClusterLakeVersion `acs:adb:{#regionId}:{#AccountId}:dbcluster/{#DBClusterId}`	无	无
adb:ModifyDBResourceGroup	ModifyDBResourceGroup	update	*DBClusterLakeVersion `acs:adb:{#regionId}:{#accountId}:dbcluster/{#DBClusterId}`	无	无
adb:ExecuteSparkReplStatement	ExecuteSparkReplStatement	none	*DBClusterLakeVersion `acs:adb:{#regionId}:{#accountId}:dbcluster/{#dbClusterId}/resourcegroup/{#resourceGroupName}/sparkapp/{#sparkAppId}`	无	无
adb:GetSparkAppWebUiAddress	GetSparkAppWebUiAddress	get	*DBClusterLakeVersion `acs:adb:{#regionId}:{#accountId}:dbcluster/{#DBClusterId}/resourcegroup/{#ResourceGroup}/sparkapp/{#SparkAppId}`	无	无
adb:DescribeWorkerDetection	DescribeWorkerDetection	get	DBCluster `acs:adb:{#regionId}:{#accountId}:dbcluster/{#DBClusterId}`	无	无
adb:DeleteAccount	DeleteAccount	delete	*DBClusterLakeVersion `acs:adb:{#regionId}:{#accountId}:dbcluster/{#DBClusterId}`	无	无
adb:SetSparkAppLogRootPath	SetSparkAppLogRootPath	update	*DBClusterLakeVersion `acs:adb:{#regionId}:{#accountId}:dbcluster/{#DBClusterId}`	无	无
adb:DownloadDiagnosisRecords	DownloadDiagnosisRecords	create	*DBClusterLakeVersion `acs:adb:{#regionId}:{#accountId}:dbcluster/{#DBClusterId}`	无	无
adb:ModifyUserEniVswitchOptions	ModifyUserEniVswitchOptions	update	*DBClusterLakeVersion `acs:adb:{#regionId}:{#accountId}:dbcluster/{#DBClusterId}`	无	无
adb:CreateOssSubDirectory	CreateOssSubDirectory	none	*DBClusterLakeVersion `acs:adb:{#regionId}:{#accountId}:dbcluster/{#DBClusterId}`	无	无
adb:DescribeSQLWebSocketDomain	DescribeSQLWebSocketDomain	get	全部资源 ``	无	无
adb:DisableElasticPlan	DisableElasticPlan	update	全部资源 ``	无	无
adb:DescribeClusterResourceUsage	DescribeClusterResourceUsage	get	*DBClusterLakeVersion `acs:adb:{#regionId}:{#accountId}:dbcluster/{#DBClusterId}`	无	无
adb:CreateApsWebhook	CreateApsWebhook	none	*DBClusterLakeVersion `acs:adb:{#regionId}:{#accountId}:dbcluster/{#DBClusterId}`	无	无
adb:DescribeUserQuota	DescribeUserQuota	get	*DBClusterLakeVersion `acs:adb:{#regionId}:{#accountId}:dbcluster/{#DBClusterId}`	无	无
adb:DescribeAccountPrivilegeObjects	DescribeAccountPrivilegeObjects	list	全部资源 ``	无	无
adb:StartApsJob	StartApsJob	none	*DBClusterLakeVersion `acs:adb:{#regionId}:{#AccountId}:dbcluster/{#DBClusterId}`	无	无
adb:DescribeHistoryTasks	DescribeHistoryTasks	get	全部资源 ``	无	无
adb:SubmitSparkLogAnalyzeTask	SubmitSparkLogAnalyzeTask	create	*DBClusterLakeVersion `acs:adb:{#regionId}:{#accountId}:dbcluster/{#DBClusterId}`	无	无
adb:DescribeAdbMySqlIndexes	DescribeAdbMySqlIndexes	get	全部资源 ``	无	无
adb:SuspendApsJob	SuspendApsJob	none	全部资源 ``	无	无
adb:KillProcess	KillProcess	list	DBClusterLakeVersion `acs:adb:{#regionId}:{#accountId}:dbcluster/{#DBClusterId}`	无	无
adb:ModifyDBClusterMaintainTime	ModifyDBClusterMaintainTime	update	*DBClusterLakeVersion `acs:adb:{#regionId}:{#accountId}:dbcluster/{#DBClusterId}`	无	无
adb:ModifySqlTemplatePosition	ModifySqlTemplatePosition	get	全部资源 ``	无	无
adb:RevokeOperatorPermission	RevokeOperatorPermission	update	DBCluster `acs:adb:{#regionId}:{#accountId}:dbcluster/{#dbclusterId}`	无	无
adb:DescribeApsJobs	DescribeApsJobs	list	*DBClusterLakeVersion `acs:adb:{#regionId}:{#AccountId}:dbcluster/{#DBClusterId}`	无	无
adb:DisableAdviceService	DisableAdviceService	update	DBCluster `acs:adb:{#regionId}:{#accountId}:dbcluster/{#DBClusterId}`	无	无
adb:CheckSampleDataSet	CheckSampleDataSet	get	*DBClusterLakeVersion `acs:adb:{#regionId}:{#accountId}:dbcluster/{#DBClusterId}`	无	无
adb:UpdateApsWebhook	UpdateApsWebhook	none	全部资源 ``	无	无
adb:SubmitSparkApp	SubmitSparkApp	create	*SparkApplication `acs:adb:{#regionId}:{#accountId}:dbcluster/{#DBClusterId}/resourcegroup/{#ResourceGroup}`	无	无
adb:GetSparkConfigLogPath	GetSparkConfigLogPath	get	*DBClusterLakeVersion `acs:adb:{#regionId}:{#accountId}:dbcluster/{#DBClusterId}`	无	无
adb:DescribeElasticPlanJobs	DescribeElasticPlanJobs	list	全部资源 ``	无	无
adb:CreateApsKafkaHudiJob	CreateApsKafkaHudiJob	none	*DBClusterLakeVersion `acs:adb:{#regionId}:{#accountId}:dbcluster/{#DBClusterId}`	无	无
adb:PreloadSparkAppMetrics	PreloadSparkAppMetrics	create	*SparkApplication `acs:adb:{#regionId}:{#accountId}:dbcluster/{#DBClusterId}/resourcegroup/{#ResourceGroup}/sparkapp/{#SparkAppId}`	无	无
adb:DescribeApsProgress	DescribeApsProgress	none	全部资源 ``	无	无
adb:CreateApsDatasoure	CreateApsDatasoure	none	*DBClusterLakeVersion `acs:adb:{#regionId}:{#AccountId}:dbcluster/{#DBClusterId}`	无	无
adb:UnbindAccount	UnbindAccount	update	*DBClusterLakeVersion `acs:adb:{#regionId}:{#accountId}:dbcluster/{#DBClusterId}`	无	无
adb:DescribeBadSqlDetection	DescribeBadSqlDetection	get	DBCluster `acs:adb:{#regionId}:{#accountId}:dbcluster/{#DBClusterId}`	无	无
adb:DescribeAccountAllPrivileges	DescribeAccountAllPrivileges	list	全部资源 ``	无	无
adb:DescribePerformanceViews	DescribePerformanceViews	list	*DBCluster `acs:adb:{#regionId}:{#accountId}:dbcluster/{#DBClusterId}`	无	无
adb:ResetAccountPassword	ResetAccountPassword	update	*DBClusterLakeVersion `acs:adb:{#regionId}:{#accountId}:dbcluster/{#DBClusterId}`	无	无
adb:DescribeApsJobDetail	DescribeApsJobDetail	none	全部资源 ``	无	无
adb:KillSparkEngine	KillSparkSQLEngine	delete	*DBClusterLakeVersion `acs:adb:{#regionId}:{#accountId}:dbcluster/{#DBClusterId}/resourcegroup/{#ResourceGroup}`	无	无
adb:ModifyPerformanceView	ModifyPerformanceView	update	DBCluster `acs:adb:{#regionId}:{#accountId}:dbcluster/{#DBClusterId}`	无	无
adb:DescribeSparkSQLDiagnosisAttribute	DescribeSparkSQLDiagnosisAttribute	get	*DBClusterLakeVersion `acs:adb:{#regionId}:{#accountId}:dbcluster/{#DBClusterId}`	无	无
adb:DescribeApsHiveWorkload	DescribeApsHiveWorkload	none	全部资源 ``	无	无
adb:DescribeMVRecommendResults	DescribeMVRecommendResults	get	*DBClusterLakeVersion `acs:adb:{#regionId}:{#accountId}:dbcluster/{#DBClusterId}`	无	无
adb:DescribeApsDatasource	DescribeApsDatasource	none	*DBClusterLakeVersion `acs:adb:{#regionId}:{#AccountId}:dbcluster/{#DBClusterId}`	无	无
adb:GetSparkTemplateFolderTree	GetSparkTemplateFolderTree	get	*DBClusterLakeVersion `acs:adb:{#regionId}:{#accountId}:dbcluster/{#DBClusterId}`	无	无
adb:DescribeDiagnosisDimensions	DescribeDiagnosisDimensions	list	*DBClusterLakeVersion `acs:adb:{#regionId}:{#accountId}:dbcluster/{#DBClusterId}`	无	无
adb:DescribeViewJobs	DescribeViewJobs	get	*DBClusterLakeVersion `acs:adb:{#regionId}:{#accountId}:dbcluster/{#DBClusterId}`	无	无
adb:ModifyCompactionServiceSwitch	ModifyCompactionServiceSwitch	update	*DBClusterLakeVersion `acs:adb:{#regionId}:{#accountId}:dbcluster/{#DBClusterId}`	无	无
adb:EnableElasticPlan	EnableElasticPlan	update	全部资源 ``	无	无
adb:GetSparkAppState	GetSparkAppState	get	*DBClusterLakeVersion `acs:adb:{#regionId}:{#accountId}:dbcluster/{#DBClusterId}/resourcegroup/{#ResourceGroup}/sparkapp/{#SparkAppId}`	无	无
adb:CreateElasticPlan	CreateElasticPlan	create	全部资源 ``	无	无
adb:ConfigureResultExport	ConfigureResultExport	create	全部资源 ``	无	无
adb:GetSparkAppAttemptLog	GetSparkAppAttemptLog	get	*DBClusterLakeVersion `acs:adb:{#regionId}:{#accountId}:dbcluster/{#DBClusterId}/resourcegroup/{#ResourceGroup}/sparkapp/{#SparkAppId}`	无	无
adb:DeleteApsDatasoure	DeleteApsDatasoure	none	*DBClusterLakeVersion `acs:adb:{#regionId}:{#AccountId}:dbcluster/{#DBClusterId}`	无	无
adb:GetADBSparkNecessaryRAMPermissions	GetADBSparkNecessaryRAMPermissions	get	*DBCluster `acs:adb:{#regionId}:{#accountId}:dbcluster/{#DBClusterId}`	无	无
adb:DescribeElasticPlanSpecifications	DescribeElasticPlanSpecifications	list	全部资源 ``	无	无
adb:DescribeDBClusterSSL	DescribeDBClusterSSL	get	*DBCluster `acs:adb:{#regionId}:{#accountId}:dbcluster/{#DBClusterId}`	无	无
adb:DescribeAccounts	DescribeAccounts	list	*DBClusterLakeVersion `acs:adb:{#regionId}:{#accountId}:dbcluster/{#DBClusterId}`	无	无
adb:ListTagResources	ListTagResources	list	*DBClusterLakeVersion `acs:adb:{#regionId}:{#accountId}:dbcluster/{#DBClusterId}`	无	无
adb:GetSparkTemplateFileContent	GetSparkTemplateFileContent	get	*DBClusterLakeVersion `acs:adb:{#regionId}:{#accountId}:dbcluster/{#DBClusterId}`	无	无
adb:ModifyDBClusterDescription	ModifyDBClusterDescription	update	*DBClusterLakeVersion `acs:adb:{#regionId}:{#accountId}:dbcluster/{#DBClusterId}`	无	无
adb:ModifyClusterConnectionString	ModifyClusterConnectionString	update	*DBClusterLakeVersion `acs:adb:{#regionId}:{#accountId}:dbcluster/{#DBClusterId}`	无	无
adb:CreateDBCluster	CreateDBCluster	create	全部资源 ``	adb:DiskEncryption adb:EnableSSL	无
adb:ModifyAutoRenewalAttribute	ModifyAutoRenewalAttribute	update	*DBClusterLakeVersion `acs:adb:{#regionId}:{#accountId}:dbcluster/{#DBClusterId}`	无	无
adb:DescribeAppliedAdvices	DescribeAppliedAdvices	get	*DBClusterLakeVersion `acs:adb:{#regionId}:{#accountId}:dbcluster/{#DBClusterId}`	无	无
adb:GetCreateTableSQL	GetCreateTableSQL	get	DBCluster `acs:adb:{#regionId}:{#accountId}:dbcluster/{#DBClusterId}`	无	无
adb:ModifyDBCluster	ModifyDBCluster	update	*DBClusterLakeVersion `acs:adb:{#regionId}:{#accountId}:dbcluster/{#DBClusterId}`	无	无
adb:ModifyAuditLogConfig	ModifyAuditLogConfig	update	DBClusterLakeVersion `acs:adb:{#regionId}:{#accountId}:dbcluster/{#DBClusterId}`	无	无
adb:CancelSparkReplStatement	CancelSparkReplStatement	none	*DBClusterLakeVersion `acs:adb:{#regionId}:{#accountId}:dbcluster/{#dbClusterId}/resourcegroup/{#resourceGroupName}/sparkapp/{#sparkAppId}/{#sparkStatmentId}`	无	无
adb:DescribeAdbMySqlTables	DescribeAdbMySqlTables	list	全部资源 ``	无	无
adb:DescribeEnabledPrivileges	DescribeEnabledPrivileges	list	全部资源 ``	无	无
adb:GetSparkLogAnalyzeTask	GetSparkLogAnalyzeTask	get	*DBClusterLakeVersion `acs:adb:{#regionId}:{#accountId}:dbcluster/{#DBClusterId}/task/{#SparkTaskId}`	无	无
adb:DescribeOperatorPermission	DescribeOperatorPermission	get	DBCluster `acs:adb:{#regionId}:{#accountId}:dbcluster/{#dbclusterId}`	无	无
adb:ModifyAccountDescription	ModifyAccountDescription	update	*DBClusterLakeVersion `acs:adb:{#regionId}:{#accountId}:dbcluster/{#DBClusterId}`	无	无
adb:ModifyMaterializedViewRecommend	ModifyMaterializedViewRecommend	update	*DBClusterLakeVersion `acs:adb:{#regionId}:{#accountId}:dbcluster/{#DBClusterId}`	无	无
adb:DeleteLakeStorage	DeleteLakeStorage	delete	全部资源 ``	无	无
adb:DescribeElasticPlans	DescribeElasticPlans	list	全部资源 ``	无	无
adb:DescribeDBResourceGroup	DescribeDBResourceGroup	list	*DBClusterLakeVersion `acs:adb:{#regionId}:{#accountId}:dbcluster/{#DBClusterId}`	无	无
adb:DescribeEssdCacheConfig	DescribeEssdCacheConfig	update	*DBClusterLakeVersion `acs:adb:{#regionId}:{#accountId}:dbcluster/{#DBClusterId}`	无	无
adb:GetSparkReplSession	GetSparkReplSession	none	*DBClusterLakeVersion `acs:adb:{#regionId}:{#accountId}:dbcluster/{#dbClusterId}/resourcegroup/{#resourceGroupName}/sparkapp/{#sparkAppId}/{#sessionid}`	无	无
adb:BindDBResourceGroupWithUser	BindDBResourceGroupWithUser	update	*DBClusterLakeVersion `acs:adb:{#regionId}:{#accountId}:dbcluster/{#DBClusterId}`	无	无
adb:DeletePerformanceView	DeletePerformanceView	delete	DBCluster `acs:adb:{#regionId}:{#accountId}:dbcluster/{#DBClusterId}`	无	无
adb:UnbindDBResourceGroupWithUser	UnbindDBResourceGroupWithUser	update	*DBClusterLakeVersion `acs:adb:{#regionId}:{#accountId}:dbcluster/{#DBClusterId}`	无	无
adb:DescribeSparkCodeOutput	DescribeSparkCodeOutput	list	全部资源 ``	无	无
adb:DescribeHistoryTasksStat	DescribeHistoryTasksStat	update	全部资源 ``	无	无
adb:DescribeAdbMySqlColumns	DescribeAdbMySqlColumns	list	全部资源 ``	无	无
adb:ApplyAdviceById	ApplyAdviceById	update	DBCluster `acs:adb:{#regionId}:{#accountId}:dbcluster/{#DBClusterId}`	无	无
adb:DescribeInclinedTables	DescribeInclinedTables	get	*DBClusterLakeVersion `acs:adb:{#regionId}:{#accountId}:dbcluster/{#DBClusterId}`	无	无
adb:DownloadInstanceCACertificate	DownloadInstanceCACertificate	get	*DBClusterLakeVersion `acs:adb:{#regionId}:{#accountId}:dbcluster/{#DBClusterId}`	无	无
adb:DeleteBackups	DeleteBackups	delete	*DBClusterLakeVersion `acs:adb:{#regionId}:{#accountId}:dbcluster/{#DBClusterId}`	无	无
adb:DeleteApsWebhook	DeleteApsWebhook	delete	全部资源 ``	无	无
adb:GetActiveSparkSession	GetSparkSQLEngineState	get	*DBClusterLakeVersion `acs:adb:{#regionId}:{#accountId}:dbcluster/{#DBClusterId}/resourcegroup/{#ResourceGroup}`	无	无
adb:ExecuteSparkWarehouseBatchSQL	ExecuteSparkWarehouseBatchSQL	none	全部资源 ``	无	无
adb:getViewDDL	GetViewDDL	get	*DBClusterLakeVersion `acs:adb:{#regionId}:{#AccountId}:dbcluster/{#DBClusterId}`	无	无
adb:UpgradeKernelVersion	UpgradeKernelVersion	none	*DBCluster `acs:adb:{#regionId}:{#accountId}:dbcluster/{#DBClusterId}`	无	无
adb:DescribeControllerDetection	DescribeControllerDetection	get	DBCluster `acs:adb:{#regionId}:{#accountId}:dbcluster/{#DBClusterId}`	无	无
adb:DescribeResultExportConfig	DescribeResultExportConfig	get	*DBClusterLakeVersion `acs:adb:{#regionId}:{#accountId}:dbcluster/{#DBClusterId}`	无	无
adb:DescribeApsResourceGroups	DescribeApsResourceGroups	none	*DBClusterLakeVersion `acs:adb:{#regionId}:{#accountId}:dbcluster/{#DBClusterId}`	无	无
adb:GetLakeStorage	GetLakeStorage	get	全部资源 ``	无	无
adb:getViewObjects	GetViewObjects	get	*DBClusterLakeVersion `acs:adb:{#regionId}:{#AccountId}:dbcluster/{#DBClusterId}`	无	无
adb:ModifyClickhouseEngine	ModifyClickhouseEngine	update	*DBCluster `acs:adb:{#regionId}:{#accountId}:dbcluster/{#DBClusterId}`	无	无
adb:KillSparkApp	KillSparkApp	delete	*DBClusterLakeVersion `acs:adb:{#regionId}:{#accountId}:dbcluster/{#DBClusterId}/resourcegroup/{#ResourceGroup}/sparkapp/{#SparkAppId}`	无	无
adb:DescribeSqlPattern	DescribeSqlPattern	list	*DBClusterLakeVersion `acs:adb:{#regionId}:{#accountId}:dbcluster/{#DBClusterId}`	无	无
adb:DescribeAbnormalPatternDetection	DescribeAbnormalPatternDetection	get	DBCluster `acs:adb:{#regionId}:{#accountId}:dbcluster/{#DBClusterId}`	无	无
adb:GetSparkAppInfo	GetSparkAppInfo	get	*DBClusterLakeVersion `acs:adb:{#regionId}:{#accountId}:dbcluster/{#DBClusterId}/resourcegroup/{#ResourceGroup}/sparkapp/{#SparkAppId}`	无	无
adb:DescribeDiagnosisRecords	DescribeDiagnosisRecords	list	全部资源 ``	无	无
adb:ModifyElasticPlan	ModifyElasticPlan	update	全部资源 ``	无	无
adb:DescribeBackupPolicy	DescribeBackupPolicy	get	*DBClusterLakeVersion `acs:adb:{#regionId}:{#accountId}:dbcluster/{#DBClusterId}`	无	无
adb:DescribeClusterNetInfo	DescribeClusterNetInfo	list	*DBClusterLakeVersion `acs:adb:{#regionId}:{#accountId}:dbcluster/{#DBClusterId}`	无	无
adb:DeleteElasticPlan	DeleteElasticPlan	delete	全部资源 ``	无	无
adb:DescribePerformanceViewAttribute	DescribePerformanceViewAttribute	get	*DBCluster `acs:adb:{#regionId}:{#accountId}:dbcluster/{#DBClusterId}`	无	无
adb:CheckBindRamUser	CheckBindRamUser	get	*DBClusterLakeVersion `acs:adb:{#regionId}:{#accountId}:dbcluster/{#DBClusterId}`	无	无
adb:ModifyLakeCacheSize	ModifyLakeCacheSize	get	*DBClusterLakeVersion `acs:adb:{#regionId}:{#accountId}:dbcluster/{#DBClusterId}`	无	无
adb:ListApsWebhook	ListApsWebhook	none	全部资源 ``	无	无
adb:DeleteDBResourceGroup	DeleteDBResourceGroup	delete	*DBClusterLakeVersion `acs:adb:{#regionId}:{#accountId}:dbcluster/{#DBClusterId}`	无	无
adb:DescribeApsMigrationWorkloads	DescribeApsMigrationWorkloads	get	*DBClusterLakeVersion `acs:adb:{#regionId}:{#AccountId}:dbcluster/{#DBClusterId}`	无	无
adb:DescribeSparkSQLDiagnosisList	DescribeSparkSQLDiagnosisList	get	*DBClusterLakeVersion `acs:adb:{#regionId}:{#accountId}:dbcluster/{#DBClusterId}`	无	无
adb:DescribeDBClusters	DescribeDBClusters	list	*DBClusterLakeVersion `acs:adb:{#regionId}:{#accountId}:dbcluster/{#DBClusterId}`	无	无
adb:CreateApsCopyWorkload	CreateApsCopyWorkload	none	全部资源 ``	无	无
adb:DescribeSparkAuditLogRecords	DescribeSparkAuditLogRecords	list	*DBClusterLakeVersion `acs:adb:{#regionId}:{#accountId}:dbcluster/{#DBClusterId}`	无	无
adb:BindAccount	BindAccount	update	*AccountLakeVersion `acs:adb:{#regionId}:{#accountId}:dbcluster/{#DBClusterId}`	无	无
adb:SubmitResultExportJob	SubmitResultExportJob	create	全部资源 ``	无	无
adb:DescribeSparkCodeLog	DescribeSparkCodeLog	list	全部资源 ``	无	无
adb:DescribeMvRecommendSubTasks	DescribeMvRecommendSubTasks	get	*DBClusterLakeVersion `acs:adb:{#regionId}:{#accountId}:dbcluster/{#DBClusterId}`	无	无
adb:ReleaseClusterPublicConnection	ReleaseClusterPublicConnection	delete	*DBClusterLakeVersion `acs:adb:{#regionId}:{#accountId}:dbcluster/{#DBClusterId}`	无	无
adb:DescribeCompactionServiceSwitch	DescribeCompactionServiceSwitch	update	*DBClusterLakeVersion `acs:adb:{#regionId}:{#accountId}:dbcluster/{#DBClusterId}`	无	无
adb:DescribeJobResourceUsage	DescribeJobResourceUsage	get	*DBClusterLakeVersion `acs:adb:{#regionId}:{#accountId}:dbcluster/{#DBClusterId}`	无	无
adb:GetSparkAppMetrics	GetSparkAppMetrics	get	*SparkApplication `acs:adb:{#regionId}:{#accountId}:dbcluster/{#DBClusterId}/resourcegroup/{#ResourceGroup}/sparkapp/{#SparkAppId}`	无	无
adb:DescribeExecutorDetection	DescribeExecutorDetection	get	DBCluster `acs:adb:{#regionId}:{#accountId}:dbcluster/{#DBClusterId}`	无	无
adb:DescribeOversizeNonPartitionTableInfos	DescribeOversizeNonPartitionTableInfos	get	*DBClusterLakeVersion `acs:adb:{#regionId}:{#accountId}:dbcluster/{#DBClusterId}`	无	无
adb:DescribeStorageResourceUsage	DescribeStorageResourceUsage	get	*DBClusterLakeVersion `acs:adb:{#regionId}:{#accountId}:dbcluster/{#DBClusterId}`	无	无
adb:ListSparkTemplateFileIds	ListSparkTemplateFileIds	list	*DBClusterLakeVersion `acs:adb:{#regionId}:{#accountId}:dbcluster/{#DBClusterId}`	无	无
adb:ListLakeStorages	ListLakeStorages	list	全部资源 ``	无	无
adb:CreateAccount	CreateAccount	create	*DBClusterLakeVersion `acs:adb:{#regionId}:{#accountId}:dbcluster/{#DBClusterId}`	无	无
adb:ListResultExportJobHistory	ListResultExportJobHistory	list	*DBClusterLakeVersion `acs:adb:{#regionId}:{#accountId}:dbcluster/{#DBClusterId}`	无	无
adb:ModifyDBClusterVip	ModifyDBClusterVip	update	*DBCluster `acs:adb:{#regionId}:{#accountId}:dbcluster/{#DBClusterId}`	无	无
adb:ListApsOptimizationStrategy	ListApsOptimizationStrategy	list	*DBClusterLakeVersion `acs:adb:{#regionId}:{#accountId}:dbcluster/{#DBClusterId}`	无	无
adb:CreatePerformanceView	CreatePerformanceView	create	DBCluster `acs:adb:{#regionId}:{#accountId}:dbcluster/{#DBClusterId}`	无	无
adb:LoadSampleDataSet	LoadSampleDataSet	update	*DBClusterLakeVersion `acs:adb:{#regionId}:{#accountId}:dbcluster/{#DBClusterId}`	无	无
adb:DescribeAuditLogRecords	DescribeAuditLogRecords	list	*DBClusterLakeVersion `acs:adb:{#regionId}:{#accountId}:dbcluster/{#DBClusterId}`	无	无
adb:CancelSparkWarehouseBatchSQL	CancelSparkWarehouseBatchSQL	update	全部资源 ``	无	无
adb:CreateBackup	CreateBackup	create	*DBClusterLakeVersion `acs:adb:{#regionId}:{#accountId}:dbcluster/{#DBClusterId}`	无	无
adb:ModifyApsWorkloadName	ModifyApsWorkloadName	update	*DBClusterLakeVersion `acs:adb:{#regionId}:{#AccountId}:dbcluster/{#DBClusterId}`	无	无
adb:AllocateClusterPublicConnection	AllocateClusterPublicConnection	update	*DBClusterLakeVersion `acs:adb:{#regionId}:{#accountId}:dbcluster/{#DBClusterId}`	无	无
adb:DescribeKernelVersion	DescribeKernelVersion	list	*DBClusterLakeVersion `acs:adb:{#regionId}:{#accountId}:dbcluster/{#DBClusterId}`	无	无
adb:DescribeAdbMySqlTableMeta	DescribeAdbMySqlTableMeta	get	全部资源 ``	无	无
adb:DescribeTableAccessCount	DescribeTableAccessCount	list	*DBClusterLakeVersion `acs:adb:{#regionId}:{#accountId}:dbcluster/{#DBClusterId}`	无	无
adb:DescribeSQLPatterns	DescribeSQLPatterns	list	全部资源 ``	无	无
adb:ModifyAccountPrivileges	ModifyAccountPrivileges	update	全部资源 ``	无	无
adb:ListApsOptimizationTasks	ListApsOptimizationTasks	list	*DBClusterLakeVersion `acs:adb:{#regionId}:{#accountId}:dbcluster/{#DBClusterId}`	无	无
adb:DescribeAdviceServiceEnabled	DescribeAdviceServiceEnabled	get	DBCluster `acs:adb:{#regionId}:{#accountId}:dbcluster/{#DBClusterId}`	无	无
adb:getTable	GetTable	get	全部资源 ``	无	无
adb:getDatabaseObjectsByFilter	GetDatabaseObjects	get	*DBClusterLakeVersion `acs:adb:{#regionId}:{#AccountId}:dbcluster/{#DBClusterId}`	无	无
adb:ModifyApsJob	ModifyApsJob	update	全部资源 ``	无	无
adb:describeAllDataSource	DescribeAllDataSource	get	*DBClusterLakeVersion `acs:adb:{#regionId}:{#accountId}:dbcluster/{#DBClusterId}`	无	无
adb:GrantOperatorPermission	GrantOperatorPermission	update	DBCluster `acs:adb:{#regionId}:{#accountId}:dbcluster/{#dbclusterId}`	无	无
adb:DeleteSparkTemplate	DeleteSparkTemplateFile	delete	*DBClusterLakeVersion `acs:adb:{#regionId}:{#accountId}:dbcluster/{#DBClusterId}/template/{#TemplateId}`	无	无
adb:DetachUserENI	DetachUserENI	update	*DBClusterLakeVersion `acs:adb:{#regionId}:{#accountId}:dbcluster/{#DBClusterId}`	无	无
adb:UpdateLakeStorage	UpdateLakeStorage	update	全部资源 ``	无	无
adb:DescribeAvailableAdvices	DescribeAvailableAdvices	get	*DBClusterLakeVersion `acs:adb:{#regionId}:{#accountId}:dbcluster/{#DBClusterId}`	无	无
adb:DeleteDBCluster	DeleteDBCluster	delete	*DBClusterLakeVersion `acs:adb:{#regionId}:{#accountId}:dbcluster/{#DBClusterId}`	无	无
adb:DescribeLakeCacheSize	DescribeLakeCacheSize	get	*DBClusterLakeVersion `acs:adb:{#regionId}:{#accountId}:dbcluster/{#DBClusterId}`	无	无
adb:UpdateSparkTemplateFile	UpdateSparkTemplateFile	update	*SparkTemplate `acs:adb:{#regionId}:{#accountId}:dbcluster/{#DBClusterId}/template/{#TemplateId}`	无	无
adb:GetSparkWarehouseBatchSQL	GetSparkWarehouseBatchSQL	get	全部资源 ``	无	无
adb:ListSparkWarehouseBatchSQL	ListSparkWarehouseBatchSQL	list	全部资源 ``	无	无
adb:DescribeSparkAppDiagnosisInfo	DescribeSparkAppDiagnosisInfo	get	*DBClusterLakeVersion `acs:adb:{#regionId}:{#accountId}:dbcluster/{#DBClusterId}`	无	无
adb:ModifyApsSlsADBJob	ModifyApsSlsADBJob	update	*DBClusterLakeVersion `acs:adb:{#regionId}:{#accountId}:dbcluster/{#DBClusterId}`	无	无
adb:ModifyBackupPolicy	ModifyBackupPolicy	update	*DBClusterLakeVersion `acs:adb:{#regionId}:{#accountId}:dbcluster/{#DBClusterId}`	无	无
adb:DescribeClusterResourceDetail	DescribeClusterResourceDetail	get	*DBClusterLakeVersion `acs:adb:{#regionId}:{#AccountId}:dbcluster/{#DBClusterId}`	无	无
adb:CreateMaterializedViewRecommend	CreateMaterializedViewRecommend	create	*DBClusterLakeVersion `acs:adb:{#regionId}:{#accountId}:dbcluster/{#DBClusterId}`	无	无
adb:CreateApsSlsADBJob	CreateApsSlsADBJob	none	*DBClusterLakeVersion `acs:adb:{#regionId}:{#accountId}:dbcluster/{#DBClusterId}`	无	无
adb:DescribeAutoRenewalAttribute	DescribeAutoRenewalAttribute	get	*DBClusterLakeVersion `acs:adb:{#regionId}:{#accountId}:dbcluster/{#DBClusterId}`	无	无
adb:DescribeDBClusterAttribute	DescribeDBClusterAttribute	get	*DBClusterLakeVersion `acs:adb:{#regionId}:{#accountId}:dbcluster/{#DBClusterId}`	无	无
adb:GetApsManagedDatabases	GetApsManagedDatabases	get	*DBClusterLakeVersion `acs:adb:{#regionId}:{#accountId}:dbcluster/{#DBClusterId}`	无	无
adb:describeAllDataSource	DescribeSchemas	get	*DBClusterLakeVersion `acs:adb:{#regionId}:{#AccountId}:dbcluster/{#DBClusterId}`	无	无
adb:KillSparkLogAnalyzeTask	KillSparkLogAnalyzeTask	delete	*DBClusterLakeVersion `acs:adb:{#regionId}:{#accountId}:dbcluster/{#DBClusterId}/task/{#SparkTaskId}`	无	无
adb:GetSparkTemplateFullTree	GetSparkTemplateFullTree	get	*DBClusterLakeVersion `acs:adb:{#regionId}:{#accountId}:dbcluster/{#DBClusterId}`	无	无
adb:DescribeClusterAccessWhiteList	DescribeClusterAccessWhiteList	list	*DBClusterLakeVersion `acs:adb:{#regionId}:{#accountId}:dbcluster/{#DBClusterId}`	无	无
adb:DescribeApsActionLogs	DescribeApsActionLogs	none	*DBClusterLakeVersion `acs:adb:{#regionId}:{#accountId}:dbcluster/{#DBClusterId}`	无	无
adb:DescribeElasticPlanAttribute	DescribeElasticPlanAttribute	list	全部资源 ``	无	无
adb:DescribePatternPerformance	DescribePatternPerformance	list	全部资源 ``	无	无
adb:GetSparkAppLog	GetSparkAppLog	get	*DBClusterLakeVersion `acs:adb:{#regionId}:{#accountId}:dbcluster/{#DBClusterId}/resourcegroup/{#ResourceGroup}/sparkapp/{#SparkAppId}`	无	无
adb:DescribeApsDatasources	DescribeApsDatasources	none	*DBClusterLakeVersion `acs:adb:{#regionId}:{#AccountId}:dbcluster/{#DBClusterId}`	无	无
adb:DescribeAccountPrivileges	DescribeAccountPrivileges	list	全部资源 ``	无	无
adb:ModifyEssdCacheConfig	ModifyEssdCacheConfig	update	*DBClusterLakeVersion `acs:adb:{#regionId}:{#accountId}:dbcluster/{#DBClusterId}`	无	无
adb:DescribeComputeResourceUsage	DescribeComputeResourceUsage	get	*DBClusterLakeVersion `acs:adb:{#regionId}:{#accountId}:dbcluster/{#DBClusterId}`	无	无
adb:DeleteApsJob	DeleteApsJob	none	*DBClusterLakeVersion `acs:adb:{#regionId}:{#AccountId}:dbcluster/{#DBClusterId}`	无	无
adb:DescribeInclinedNodes	DescribeInclinedNodes	get	DBClusterLakeVersion `acs:adb:{#regionId}:{#accountId}:dbcluster/{#DBClusterId}`	无	无
adb:GetSparkReplStatement	GetSparkReplStatement	none	*DBClusterLakeVersion `acs:adb:{#regionId}:{#accountId}:dbcluster/{#dbClusterId}/resourcegroup/{#resourceGroupName}/sparkapp/{#sparkAppId}/{#sparkStatmentId}`	无	无

资源（Resource）

下表是云原生数据仓库AnalyticDB MySQL版定义的资源，这些资源可以在 RAM 权限策略语句的Resource元素中使用，用来授予对该资源执行具体操作的权限。其中，资源 ARN 是资源在阿里云上的唯一标识。具体说明如下：

{#}为变量标识，需要您替换为实际值。例如：{#ramcode}需要您替换为实际的云服务RAM代码。
*表示全部。例如：
- {#resourceType}为*时：表示全部资源。
- {#regionId}为*时：表示全部地域。
- {#accountId}为*时：表示全部阿里云账号。

资源类型	资源 ARN
DBClusterLakeVersion	acs:adb:{#regionId}:{#accountId}:dbcluster/{#DBClusterId} acs:adb:{#regionId}:{#accountId}:dbcluster/{#DBClusterId}/template/{#TemplateId} acs:adb:{#regionId}:{#accountId}:dbcluster/{#DBClusterId}/resourcegroup/{#resourcegroup} acs:adb:{#regionId}:{#accountId}:dbcluster/{#dbClusterId}/resourcegroup/{#resourceGroupName}/sparkapp/{#sparkAppId} acs:adb:{#regionId}:{#accountId}:dbcluster/{#DBClusterId}/resourcegroup/{#ResourceGroup}/sparkapp/{#SparkAppId} acs:adb:{#regionId}:{#accountId}:DBClusterLakeVersion/DBClusterLakeVersionId acs:adb:{#regionId}:{#accountId}:DBClusterLakeVersion/* acs:adb:{#regionId}:{#accountId}:dbcluster/{#dbClusterId}/resourcegroup/{#resourceGroupName}/sparkapp/{#sparkAppId}/{#sparkStatmentId} acs:adb:{#regionId}:{#accountId}:dbcluster/{#DBClusterId}/task/{#SparkTaskId} acs:adb:{#regionId}:{#accountId}:dbcluster/{#dbClusterId}/resourcegroup/{#resourceGroupName}/sparkapp/{#sparkAppId}/{#sessionid} acs:adb:{#regionId}:{#accountId}:dbcluster/{#DBClusterId}/resourceGroupName/{#ResrouceGroupName} acs:adb:{#Region}:{#AccountId}:dbcluster/{#DBClusterId} acs:adb:{#regionId}:{#accountId}:dbcluster/{#DBClusterId}/resourceGroupName/{#ResrouceGroupName}/query/{#QueryId}
DBCluster	acs:adb:{#regionId}:{#accountId}:dbcluster/{#DBClusterId}
ResourceGroup	acs:adb:*:{#accountId}:dbcluster/{#DBClusterId}/resourcegroup/{#ResourceGroup}
LakeAccount	acs:adb:{#regionId}:{#accountId}:dbcluster/{#DBClusterId}/account/{#AccountName}
SparkApplication	acs:adb:{#regionId}:{#accountId}:dbcluster/{#DBClusterId}/resourcegroup/{#ResourceGroup} acs:adb:{#regionId}:{#accountId}:dbcluster/{#DBClusterId}/resourcegroup/{#ResourceGroup}/sparkapp/{#SparkAppId}
AccountLakeVersion	acs:adb:{#regionId}:{#accountId}:dbcluster/{#DBClusterId}
SparkTemplate	acs:adb:{#regionId}:{#accountId}:dbcluster/{#DBClusterId}/template/{#TemplateId}

条件（Condition）

下表是云原生数据仓库AnalyticDB MySQL版 定义的产品级条件关键字，这些条件关键字可以在 RAM 权限策略语句的Condition元素中使用，用来描述授予权限的条件。以下仅列举产品级的条件关键字，阿里云定义的通用条件关键字也同样适用云原生数据仓库AnalyticDB MySQL版。

其中，数据类型决定了您可以使用哪些条件运算符将请求中的值与权限策略语句中的值进行比较。您必须使用与数据类型匹配的条件运算符，否则无法匹配策略语句，授权行为无效。数据类型与条件运算符的对应关系，请参见条件操作类型。

条件关键字	描述	类型
adb:DiskEncryption	是否开启云盘加密	String
adb:EnableSSL	是否开启SSL加密链接	String

授权信息

权限策略通用结构

操作（Action）

资源（Resource）

条件（Condition）

相关操作