DescribeControlPolicy-获取所有访问控制策略的信息
操作 访问级别 资源类型 条件关键字 关联操作 yundun-cloudfirewall:DescribeControlPolicy Read 全部资源*无 无 请求参数 名称 类型 必填 描述 示例值 Lang string 否 接收消息的语言类型。取值:zh(默认):中文 en:英文 zh Direction ...
DeleteControlPolicy-删除访问控制策略
您可调用 DescribeControlPolicy 接口获取该 ID。00281255-d220-4db1-8f4f-c4df221ad84c Direction string 是 安全访问控制策略管控的流量方向。取值:in:流量从外到内。out:流量从内到外。in 返回参数 名称 类型 描述 示例值 object ...
AliyunServiceRolePolicyForGovernance
ram:CreateRole","ram:UpdateRole","ram:GetPolicy","ram:DeleteRole"],"Resource":["acs:ram:*:*:saml-provider/AliyunReservedGovernance*","acs:ram:*:*:role/aliyunreservedgovernance*","acs:ram:*:system:policy/*","acs:ram:*:*:...
授权信息
无 无 yundun-cloudfirewall:DescribeCfwRiskLevelSummary Read 全部资源 无 无 yundun-cloudfirewall:DescribeControlPolicy Read 全部资源 无 无 yundun-cloudfirewall:DescribeDomainResolve Read 全部资源 无 无 yundun-cloudfirewall:...
API概览
DescribeControlPolicy 获取所有访问控制策略的信息 获取所有访问控制策略的信息。ModifyControlPolicyPosition 修改访问控制策略的优先级 修改互联网边界防火墙IPv4访问控制策略(表示访问控制策略中的访问源IP、目的IP使用IPv4格式)的...
ModifyControlPolicy-修改安全访问控制策略的配置信息
说明 修改安全访问控制策略,需要提供该策略的唯一标识 ID,该 ID 可调用 DescribeControlPolicy 接口获取。00281255-d220-4db1-8f4f-c4df221ad84c SourceType string 是 安全访问控制策略中的源地址类型。取值:net:源网段(CIDR)group...
云防火墙的审计事件
DescribeControlPolicy 获取所有访问控制策略的信息。DescribeControlPolicyTemplate 获取ACL模板。DescribeCreatedNatFirewall 获取已经创建的NAT防火墙。DescribeCtrlInstanceMemberAccounts 获取成员账号列表。DescribeDefaultIPSConfig...
alicloud_cloud_firewall_control_policies
accept,drop,log.destination-(Optional,ForceNew)The destination address defined in the access control policy.ip_version-(Optional,ForceNew)The IP version of the address in the access control policy.proto-(Optional,ForceNew)...
alicloud_resource_manager_control_policy
Provides a Resource Manager Control Policy resource.For information about Resource Manager Control Policy and how to use it,see What is Control Policy.->NOTE:Available since v1.120.0.Example Usage Basic Usage variable"name...
alicloud_cloud_firewall_control_policy
Provides a Cloud Firewall Control Policy resource.For information about Cloud Firewall Control Policy and how to use it,see What is Control Policy.->NOTE:Available since v1.129.0.Example Usage Basic Usage resource"alicloud...
alicloud_cloud_firewall_control_policy_order
Provides a Cloud Firewall Control Policy resource.For information about Cloud Firewall Control Policy Order and how to use it,see What is Control Policy Order.->NOTE:Available in v1.130.0+.Example Usage Basic Usage ...
cloud_firewall_vpc_firewall_control_policy
Provides a Cloud Firewall Vpc Firewall Control Policy resource.For information about Cloud Firewall Vpc Firewall Control Policy and how to use it,see What is Vpc Firewall Control Policy.->NOTE:Available since v1.194.0....
alicloud_resource_manager_control_policy_...
This data source provides the Resource Manager Control Policy Attachments of the current Alibaba Cloud user.->NOTE:Available in v1.120.0+.Example Usage Basic Usage data"alicloud_resource_manager_control_policy_attachments...
alicloud_resource_manager_control_policy_...
Provides a Resource Manager Control Policy Attachment resource.For information about Resource Manager Control Policy Attachment and how to use it,see What is Control Policy Attachment.->NOTE:Available since v1.120.0....
访问控制
为保证您资源的数据安全,您可以通过访问控制的RAM Policy、资源目录的Control Policy、表格存储实例的Network ACL、表格存储实例的Instance Policy功能对云资源的访问进行控制,只允许被授权的用户访问表格存储资源。表格存储 支持使用的...
ALIYUN:CLOUDFW:VpcFirewallControlPolicy
String DestPort:Description:'The destination port in the access control policy.Note This parameter must be specified if the DestPortType parameter is set to port.' Type:String DestPortGroup:Description:'The address book of...
alicloud_cloud_firewall_vpc_firewall_control_...
ForceNew)The enabled status of the access control policy.The policy is enabled by default after it is created.Value:true:Enable access control policies false:does not enable access control policies.source-(Optional,...
ALIYUN:CLOUDFW:ControlPolicy
Type":"String","Description":"Security access control policy description information."},"Proto":{"Type":"String","Description":"The type of security protocol for traffic access in the security access control policy.Can be...
通过Control Policy授权
使用资源目录时,企业管理人员可以通过管控策略(Control Policy)统一管理资源目录各层级内资源访问的权限边界,建立企业整体访问控制原则或局部专用原则。资源目录管控策略是一种基于资源结构(资源夹或成员)的访问控制策略。管控策略只...
alicloud_resource_manager_resource_directory
0:1 status="Enabled"} Argument Reference The following arguments are supported:status-(Optional,Available since v1.120.0)The status of control policy.Valid values:Enabled and Disabled.member_deletion_status-(Optional,...
公共错误码
诊断 409 DeleteConflict.Policy.Group The policy cannot be attached to any group when you delete it.删除权限策略前,此权限策略不能被授予任何组。诊断 409 DeleteConflict.ResourceDir.Account This resource directory has ...
功能特性
RAM Policy Control Policy 资源管理Resource Management中的资源目录的管控策略(Control Policy)是一种基于资源结构(资源夹或成员)的访问控制策略,可以统一管理资源目录各层级内资源访问的权限边界。如果希望对企业成员进行统一授权...
alicloud_ddoscoo_domain_resources
True:Opened,False:Not enabled.cc_rule_enabled-Whether custom frequency control guard(CC guard)is enabled.Values:True:Opened,False:Not enabled.cc_template-The mode of the Frequency Control policy.cert_name-The name of the ...
网络安全管理
表格存储 默认允许任意网络的访问,您可以通过为实例绑定 VPC 并更改网络访问类型实现在 专有网络 VPC 中使用 表格存储 资源,保证网络访问安全。实例网络类型 表格存储...更多信息,请参见 通过Control Policy授权 和 自定义Control Policy。
alicloud_security_group
From version 1.115.0,resource_group_id can be modified.inner_access_policy-(Optional,Available since v1.55.3)The internal access control policy of the security group.Valid values:Accept,Drop.tags-(Optional)A mapping of ...
alicloud_alb_acls
The entry is added and available.Removing:The entry is being removed.acl_id-Access Control Policy ID.acl_name-The ACL Name.address_ip_version-Address Protocol Version.id-The ID of the Acl.resource_group_id-Resource Group ...
权限策略判定流程
一次完整的权限策略判定流程包含以下步骤:判定程序收集访问请求涉及的所有类型的权限策略,包括:资源目录的 管控策略(Control Policy)、RAM角色的会话策略(Session Policy)、基于身份的策略(Identity-based Policy)和基于资源的...
自定义Control Policy
通过自定义管控策略(Control Policy)限制访问资源的权限边界。表格存储 支持限制访问时的TLS版本、限制只能创建使用非公网访问的实例等管控策略,请根据实际配置。背景信息 资源目录管控策略是一种基于资源结构(资源夹或成员)的访问...
权限管理
管控策略(Control Policy):管控策略是一种针对启用了资源目录(Resource Directory,简称 RD)的多账号组织,基于资源结构(资源夹或成员)的访问控制策略,可以统一管理资源目录各层级内资源访问的权限边界,建立企业整体访问控制原则...
扮演RAM角色时的权限策略判定流程
RAM角色扮演请求涉及多种类型的权限策略,每种权限策略内部的判定都遵从 最小单元判定流程,完整的判定流程如下:管控策略判定 管控策略(Control Policy)是资源目录中对成员账号访问定义的权限边界。如果请求扮演的RAM角色所属账号是 ...
错误代码表
T429SR 429 Throttled by SERVER Flow Control T429MR 429 Too Many Requests,throttle by `${Description}` A403IP 403 Access denied by IP Control Policy 被`IP访问控制插件`阻止访问 A403IN 403 Access from internet is disabled${...
alicloud_resource_manager_control_policies
type-(Optional,ForceNew)The policy type of control policy.Valid values System and Custom.Argument Reference The following attributes are exported in addition to the arguments listed above:names-A list of Control Policy ...
权限控制概述
表格存储 支持通过RAM Policy、Control Policy、Network ACL和Instance Policy实现对 表格存储 资源的权限控制。权限控制方式 表格存储 支持使用的权限控制方式包括RAM权限策略RAM Policy、管控策略Control Policy、Network ACL和实例策略...
调整互联网防火墙访问控制策略优先级
Terraform will perform the actions described above.Only 'yes' will be accepted to approve.Enter a value:yes alicloud_cloud_firewall_control_policy_order.example:Creating.alicloud_cloud_firewall_control_policy_order.example...
配置互联网访问控制策略
Terraform will perform the actions described above.Only 'yes' will be accepted to approve.Enter a value:yes alicloud_cloud_firewall_control_policy.example:Creating.alicloud_cloud_firewall_control_policy.example:Creation ...
数据安全
表格存储支持通过自定义RAM Policy、Control Policy等方式限制用户访问表格存储时使用的TLS版本。更高的TLS版本对应的传输加密算法更安全,推荐使用TLS 1.2及以上版本。更多信息,请参见 自定义RAM Policy、Control Policy管控策略示例、...
为指定VPC防火墙策略组添加访问控制策略
注意事项 Terraform运行环境:阿里云Cloud Shell Terraform版本:0.12 alicloud版本:1.203.0 resource定义:cloud_firewall_vpc_firewall_control_policy 前提条件 已创建阿里云账号和访问密钥(AccessKey)。具体操作,请参见 创建...
服务目录支持的云服务
访问控制策略 alicloud_cloud_firewall_control_policy_order:调整访问控制策略优先级 alicloud_cloud_firewall_instance:实例 堡垒机 alicloud_bastionhost_host:主机 alicloud_bastionhost_host_account:主机账号 alicloud_...
备份中心FAQ
备份任务 kubectl-n csdr describe applicationbackup转换存储类(原制作快照)任务 kubectl-n csdr describe converttosnapshot恢复任务 kubectl-n csdr describe applicationrestore控制台界面提示当前数据拉取失败,请刷新重试!...
项目级别角色授权
通过ACL语法实现Policy授权 grant Describe|Select|Alter|Update|Drop|ShowHistory|All on table[()]to ROLE<role_name>privilegeproperties("policy"="true","{allow}"="{true|false}"[,"conditions"="<conditions>","expires"="<days>"])...
- 产品推荐
- 这些文档可能帮助您