RAM鑒權(quán)
云消息隊(duì)列 MQTT 版權(quán)限管理是通過阿里云的訪問控制RAM(Resource Access Management)產(chǎn)品實(shí)現(xiàn)的。使用RAM可以讓您避免與其他用戶共享云賬號(hào)密鑰,即AccessKey(包含AccessKey ID和AccessKey Secret),按需為用戶分配最小權(quán)限。在使用RAM用戶調(diào)用阿里云OpenAPI前,需要阿里云賬號(hào)通過創(chuàng)建授權(quán)策略對(duì)RAM用戶進(jìn)行授權(quán)。
云消息隊(duì)列 MQTT 版的Resource與Action的對(duì)應(yīng)規(guī)則
在云消息隊(duì)列 MQTT 版中,實(shí)例、Topic、Group和規(guī)則各為一種Resource,對(duì)這些Resource授予的權(quán)限即為Action。
可授權(quán)的云消息隊(duì)列 MQTT 版OpenAPI
下表列舉了云消息隊(duì)列 MQTT 版中可授權(quán)的OpenAPI及其描述方式。
如需訪問云消息隊(duì)列 MQTT 版的OpenAPI,則需有訪問云消息隊(duì)列 MQTT 版實(shí)例的權(quán)限,即mq:MqttInstanceAccess權(quán)限。
更多信息請(qǐng)參見權(quán)限策略。
API | Resource命名格式 | Resource命名示例 | Action描述 |
acs:mq:*:*:* | acs:mq:*:*:* |
| |
acs:mq:*:*:* | acs:mq:*:*:* |
| |
|
|
| |
| |||
|
|
| |
| |||
| |||
|
|
| |
| |||
| |||
| |||
| |||
| |||
| |||
| |||
| |||
實(shí)例:acs:mq:*:*:instance/{mqttInstanceId} | 實(shí)例:acs:mq:*:*:instance/post-cn-09k1noy**** |
| |
| |||
實(shí)例:acs:mq:*:*:instance/{mqttInstanceId} | 實(shí)例:acs:mq:*:*:instance/post-cn-09k1noy**** |
| |
| |||
| |||
| |||
| |||
| |||
| |||
實(shí)例:acs:mq:*:*:instance/{mqttInstanceId} | 實(shí)例:acs:mq:*:*:instance/post-cn-09k1noy**** |
| |
| |||
| |||
| |||
| |||
| |||
實(shí)例:acs:mq:*:*:instance/{mqttInstanceId} | 實(shí)例:acs:mq:*:*:instance/post-cn-09k1noy**** |
| |
| |||
| |||
| |||
| |||
| |||
| |||
| |||
| |||
| |||
| |||
CreateTopic |
|
|
|
ListTopics |
| ||
DeleteTopic |
| ||
UpdateTopic |
| ||
UpdateMqttOutboundRule |
|
|
|
CreateMqttInboundRule |
| ||
DeleteMqttOutboundRule |
| ||
UpdateClientStatusNotifyRule |
| ||
ListClientStatusNotifyRuleInPages |
| ||
ListMqttInboundRuleInPages |
| ||
DeleteClientStatusNotifyRule |
| ||
CreateClientStatusNotifyRule |
| ||
CreateMqttOutboundRule |
| ||
UpdateMqttInboundRule |
| ||
DeleteMqttInboundRule |
| ||
ListMqttOutboundRuleInPages |
|