全部產品
Search

搜尋本產品

    Elastic Compute Service:授權信息

    文件中心

    Elastic Compute Service:授權信息

    更新時間:Aug 28, 2024
    访问控制(RAM)是阿里云提供的管理用户身份与资源访问权限的服务。使用RAM可以让您避免与其他用户共享阿里云账号密钥,并可按需为用户授予最小权限。RAM中使用权限策略描述授权的具体内容。
    本文为您介绍ECS为RAM权限策略定义的操作(Action)、资源(Resource)和条件(Condition)。ECS的RAM代码(RamCode)为ecs,vpc,支持的授权粒度为ECS RESOURCE

    权限策略通用结构

    权限策略支持JSON格式,其通用结构如下:
    {
  "Version": "1",
  "Statement": [
    {
      "Effect": "<Effect>",
      "Action": "<Action>",
      "Resource": "<Resource>",
      "Condition": {
        "<Condition_operator>": {
          "<Condition_key>": [
            "<Condition_value>"
          ]
        }
      }
    }
  ]
}
    各字段含义如下:
    • Effect:权限策略效果。取值:Allow(允许)、Deny(拒绝)。
    • Action:授予允许或拒绝权限的具体操作。具体信息,请参见操作(Action)
    • Resource:受操作影响的具体对象,您可以使用资源ARN来描述指定资源。具体信息,请参见资源(Resource)
    • Condition:指授权生效的条件。可选字段。具体信息,请参见条件(Condition)
      • Condition_operator:条件运算符,不同类型的条件对应不同的条件运算符。具体信息,请参见权限策略基本元素
      • Condition_key:条件关键字。
      • Condition_value:条件关键字对应的值。

    操作(Action)

    下表是ECS定义的操作,这些操作可以在RAM权限策略语句的Action元素中使用,用来授予执行该操作的权限。下面对表中的具体项提供说明:
    • 操作:是指具体的权限点。
    • API:是指操作对应的API接口。
    • 访问级别:是指每个操作的访问级别,取值为写入(Write)、读取(Read)或列出(List)。
    • 资源类型:是指操作中支持授权的资源类型。具体说明如下:
      • 对于必选的资源类型,用背景高亮的方式表示。
      • 对于不支持资源级授权的操作,用全部资源表示。
    • 条件关键字:是指云产品自身定义的条件关键字。该列不体现适用于任何操作的通用条件关键字
    • 关联操作:是指成功执行操作所需要的其他权限。操作者必须同时具备关联操作的权限,操作才能成功。
    操作API访问级别资源类型条件关键字关联操作
    ecs:DescribePrefixListAssociationsDescribePrefixListAssociationsget
    PrefixList
    acs:ecs:{#regionId}:{#accountId}:prefixlist/{#PrefixListId}
    ecs:DescribeAutoProvisioningGroupInstancesDescribeAutoProvisioningGroupInstancesget
    AutoProvisioningGroup
    acs:ecs:{#regionId}:{#accountId}:autoprovisioninggroup/{#autoprovisioninggroupId}
    ecs:DescribeAutoProvisioningGroupsDescribeAutoProvisioningGroupsget
    全部资源
    *
    ecs:ListPluginStatusListPluginStatusget
    Instance
    acs:ecs:{#regionId}:{#accountId}:instance/{#InstanceId}
    ecs:ModifyCloudAssistantSettingsModifyCloudAssistantSettingsupdate
    ServiceSettings
    acs:ecs:{#regionId}:{#accountId}:servicesettings/{#servicesettingId}
    ecs:DescribeDedicatedHostAutoRenewDescribeDedicatedHostAutoRenewget
    DedicatedHost
    acs:ecs:{#regionId}:{#accountId}:ddh/{#ddhId}
    ecs:DescribeCloudAssistantSettingsDescribeCloudAssistantSettingslist
    ServiceSettings
    acs:ecs:{#regionId}:{#accountId}:servicesettings/{#servicesettingId}
    ecs:DeleteAutoProvisioningGroupDeleteAutoProvisioningGroupdelete
    AutoProvisioningGroup
    acs:ecs:{#regionId}:{#accountId}:autoprovisioninggroup/{#autoprovisioninggroupId}
    ecs:ModifySnapshotAttributeModifySnapshotAttributeupdate
    Snapshot
    acs:ecs:{#regionId}:{#accountId}:snapshot/{#snapshotId}
    ecs:ResetDiskResetDiskupdate
    Disk
    acs:ecs:{#regionId}:{#accountId}:disk/{#diskId}
    Snapshot
    acs:ecs:{#regionId}:{#accountId}:snapshot/{#snapshotId}
    ecs:AcceptInquiredSystemEventAcceptInquiredSystemEventupdate
    全部资源
    *
    ecs:ModifyHpcClusterAttributeModifyHpcClusterAttributeupdate
    全部资源
    *
    ecs:DescribeInstanceTopologyDescribeInstanceTopologyget
    Instance
    acs:ecs:{#regionId}:{#accountId}:instance/{#instanceId}
    ecs:DescribeTagsDescribeTagsget
    全部资源
    *
    ecs:DescribeTerminalSessionsDescribeTerminalSessionslist
    Instance
    acs:ecs:{#regionId}:{#accountId}:instance/{#InstanceId}
    ecs:DescribeTaskAttributeDescribeTaskAttributeget
    全部资源
    *
    ecs:DescribeStorageCapacityUnitsDescribeStorageCapacityUnitsget
    StorageCapacityUnit
    acs:ecs:{#regionId}:{#accountId}:scu/*
    StorageCapacityUnit
    acs:ecs:{#regionId}:{#accountId}:scu/{#scuId}
    ecs:DeleteInstancesDeleteInstancesdelete
    Instance
    acs:ecs:{#regionId}:{#accountId}:instance/{#instanceId}
    ecs:DescribeAutoSnapshotPolicyEXDescribeAutoSnapshotPolicyExget
    AutoSnapshotPolicy
    acs:ecs:{#regionId}:{#accountId}:snapshotpolicy/*
    AutoSnapshotPolicy
    acs:ecs:{#regionId}:{#accountId}:snapshotpolicy/{#snapshotpolicyId}
    ecs:ModifyInstanceAutoRenewAttributeModifyInstanceAutoRenewAttributeupdate
    Instance
    acs:ecs:{#regionId}:{#accountId}:instance/{#instanceId}
    ecs:RedeployDedicatedHostRedeployDedicatedHostupdate
    DedicatedHost
    acs:ecs:{#regionId}:{#accountId}:ddh/{#ddhId}
    ecs:DeleteHpcClusterDeleteHpcClusterdelete
    全部资源
    *
    ecs:DescribeElasticityAssurancesDescribeElasticityAssurancesget
    ElasticityAssurance
    acs:ecs:{#regionId}:{#accountId}:elasticityassurance/*
    ecs:DeleteImageComponentDeleteImageComponentdelete
    ImageComponent
    acs:ecs:{#regionId}:{#accountId}:imagecomponent/{#imagecomponentId}
    ecs:AttachKeyPairAttachKeyPairupdate
    Instance
    acs:ecs:{#regionId}:{#accountId}:instance/{#instanceId}
    KeyPair
    acs:ecs:{#regionId}:{#accountId}:keypair/{#keypairName}
    ecs:DescribeImageFromFamilyDescribeImageFromFamilyget
    全部资源
    *
    ecs:DescribeInvocationsDescribeInvocationsget
    全部资源
    *
    ecs:AllocateDedicatedHostsAllocateDedicatedHostscreate
    DedicatedHost
    acs:ecs:{#regionId}:{#accountId}:ddh/*
    ecs:CreateDiagnosticMetricSetCreateDiagnosticMetricSetcreate
    全部资源
    *
    ecs:DescribeClassicLinkInstancesDescribeClassicLinkInstancesget
    全部资源
    *
    ecs:ReleaseCapacityReservationReleaseCapacityReservationdelete
    全部资源
    *
    ecs:DeleteStorageSetDeleteStorageSetdelete
    Disk
    acs:ecs:{#regionId}:{#accountId}:disk/{#diskId}
    ecs:DescribeDiskMonitorDataDescribeDiskMonitorDataget
    Disk
    acs:ecs:{#regionId}:{#accountId}:disk/{#diskId}
    ecs:ReplaceSystemDiskReplaceSystemDiskupdate
    Disk
    acs:ecs:{#regionId}:{#accountId}:disk/{#diskId}
    Image
    acs:ecs:{#regionId}:{#accountId}:image/{#imageId}
    Instance
    acs:ecs:{#regionId}:{#accountId}:instance/{#instanceId}
    ecs:DescribeImageSharePermissionDescribeImageSharePermissionget
    Image
    acs:ecs:{#regionId}:{#accountId}:image/{#imageId}
    ecs:DescribePriceDescribePriceget
    全部资源
    *
    ecs:CreateNetworkInterfaceCreateNetworkInterfacecreate
    NetworkInterface
    acs:ecs:{#regionId}:{#accountId}:eni/*
    SecurityGroup
    acs:ecs:{#regionId}:{#accountId}:securitygroup/{#securitygroupId}
    VSwitch
    acs:vpc:{#regionId}:{#accountId}:vswitch/{#vswitchId}
    vpc:IsDefaultVSwitch
    vpc:IsDefaultVpc
    vpc:VPC
    vpc:tag
    vpc:tag
    vpc:tag
    ecs:DescribeInstanceMaintenanceAttributesDescribeInstanceMaintenanceAttributesget
    全部资源
    *
    ecs:DescribeDisksDescribeDiskslist
    Disk
    acs:ecs:{#regionId}:{#accountId}:disk/{#diskId}
    Disk
    acs:ecs:{#regionId}:{#accountId}:disk/*
    ecs:DescribeSnapshotMonitorDataDescribeSnapshotMonitorDataget
    全部资源
    *
    ecs:CreateNetworkInterfacePermissionCreateNetworkInterfacePermissioncreate
    NetworkInterface
    acs:ecs:{#regionId}:{#accountId}:eni/{#eniId}
    ecs:DescribeBandwidthLimitationDescribeBandwidthLimitationget
    Instance
    acs:ecs:{#regionId}:{#accountId}:instance/{#instanceId}
    ecs:DescribeDeploymentSetsDescribeDeploymentSetsget
    DeploymentSet
    acs:ecs:{#regionId}:{#accountId}:deploymentset/*
    ecs:CreateSimulatedSystemEventsCreateSimulatedSystemEventscreate
    Instance
    acs:ecs:{#regionId}:{#accountId}:instance/{#instanceId}
    ecs:DescribeSnapshotLinksDescribeSnapshotLinksget
    全部资源
    *
    ecs:ModifyImageShareGroupPermissionModifyImageShareGroupPermissionupdate
    Image
    acs:ecs:{#regionId}:{#accountId}:image/{#imageId}
    ecs:DescribeNetworkInterfacesDescribeNetworkInterfacesget
    NetworkInterface
    acs:ecs:{#regionId}:{#accountId}:eni/{#eniId}
    ecs:DescribeSnapshotPackageDescribeSnapshotPackageget
    全部资源
    *
    ecs:DetachInstanceRamRoleDetachInstanceRamRoleupdate
    全部资源
    *
    ecs:ConvertNatPublicIpToEipConvertNatPublicIpToEipupdate
    Instance
    acs:ecs:{#regionId}:{#accountId}:instance/{#instanceId}
    ecs:CreateSnapshotGroupCreateSnapshotGroupcreate
    Instance
    acs:ecs:{#regionId}:{#accountId}:instance/{#instanceId}
    ecs:ModifyInstanceDeploymentModifyInstanceDeploymentupdate
    DedicatedHost
    acs:ecs:{#regionId}:{#accountId}:ddh/{#ddhId}
    Instance
    acs:ecs:{#regionId}:{#accountId}:instance/{#instanceId}
    ecs:CreateStorageSetCreateStorageSetcreate
    全部资源
    *
    ecs:CopySnapshotCopySnapshotcreate
    Snapshot
    acs:ecs:{#regionId}:{#accountId}:snapshot/{#snapshotId}
    ecs:RunInstancesRunInstancescreate
    全部资源
    *
    vpc:IsDefaultVSwitch
    vpc:IsDefaultVpc
    vpc:VPC
    ecs:IsDiskEncrypted
    ecs:InstanceTypeFamily
    ecs:InstanceType
    ecs:ImageOwnerId
    ecs:ImageSource
    ecs:NotSpecifySecurityGroupId
    ecs:CreateSnapshotCreateSnapshotcreate
    Disk
    acs:ecs:{#regionId}:{#accountId}:disk/{#diskId}
    Snapshot
    acs:ecs:{#regionId}:{#accountId}:snapshot/*
    ecs:DeleteDiskDeleteDiskdelete
    Disk
    acs:ecs:{#regionId}:{#accountId}:disk/{#diskId}
    ecs:ModifyStorageCapacityUnitAttributeModifyStorageCapacityUnitAttributeupdate
    StorageCapacityUnit
    acs:ecs:{#regionId}:{#accountId}:scu/{#scuId}
    ecs:DeleteDeploymentSetDeleteDeploymentSetdelete
    DeploymentSet
    acs:ecs:{#regionid}:{#accountId}:deploymentset/{#deploymentSetId}
    ecs:DescribeDedicatedHostClustersDescribeDedicatedHostClustersget
    DedicatedHostCluster
    acs:ecs:{#regionId}:{#accountId}:ddhcluster/{#ddhclusterId}
    DedicatedHostCluster
    acs:ecs:{#regionId}:{#accountId}:ddhcluster/*
    ecs:UntagResourcesUntagResourcesdelete
    全部资源
    *
    ecs:DeleteSecurityGroupDeleteSecurityGroupdelete
    SecurityGroup
    acs:ecs:{#regionId}:{#accountId}:securitygroup/{#securitygroupId}
    ecs:DeleteInstanceDeleteInstancedelete
    Instance
    acs:ecs:{#regionId}:{#accountId}:instance/{#instanceId}
    ecs:RebootInstanceRebootInstanceupdate
    Instance
    acs:ecs:{#regionId}:{#accountId}:instance/{#instanceId}
    ecs:ModifyInstanceAutoReleaseTimeModifyInstanceAutoReleaseTimeupdate
    Instance
    acs:ecs:{#regionId}:{#accountId}:instance/{#instanceId}
    ecs:ModifyPrepayInstanceSpecModifyPrepayInstanceSpecupdate
    Instance
    acs:ecs:{#regionId}:{#accountId}:instance/{#instanceId}
    ecs:RemoveTagsRemoveTagsdelete
    全部资源
    *
    ecs:ModifyImageSharePermissionModifyImageSharePermissionupdate
    Image
    acs:ecs:{#regionId}:{#accountId}:image/{#imageId}
    ecs:CancelImagePipelineExecutionCancelImagePipelineExecutionupdate
    ImagePipeline
    acs:ecs:{#regionId}:{#accountId}:imagepipeline/{#imagepipelineId}
    ecs:ModifyLaunchTemplateDefaultVersionModifyLaunchTemplateDefaultVersionupdate
    全部资源
    *
    ecs:DescribeSendFileResultsDescribeSendFileResultsget
    全部资源
    *
    ecs:DescribeNetworkInterfaceAttributeDescribeNetworkInterfaceAttributeget
    NetworkInterface
    acs:ecs:{#regionId}:{#accountId}:eni/{#eniId}
    ecs:DeleteNetworkInterfaceDeleteNetworkInterfacedelete
    NetworkInterface
    acs:ecs:{#regionId}:{#accountId}:eni/{#eniId}
    ecs:ModifyReservedInstancesModifyReservedInstancesupdate
    ReservedInstance
    acs:ecs:{#regionId}:{#accountId}:reservedinstance/{#reservedinstanceId}
    ecs:DescribeSecurityGroupReferencesDescribeSecurityGroupReferencesget
    SecurityGroup
    acs:ecs:{#regionId}:{#accountId}:securitygroup/{#securitygroupId}
    ecs:CopyImageCopyImageupdate
    全部资源
    *
    ecs:AssignIpv6AddressesAssignIpv6Addressescreate
    NetworkInterface
    acs:ecs:{#regionId}:{#accountId}:eni/{#eniId}
    ecs:DeletePrefixListDeletePrefixListdelete
    PrefixList
    acs:ecs:{#regionId}:{#accountId}:prefixlist/{#PrefixListId}
    ecs:DescribeSnapshotsDescribeSnapshotsget
    Snapshot
    acs:ecs:{#regionId}:{#accountId}:snapshot/*
    Snapshot
    acs:ecs:{#regionId}:{#accountId}:snapshot/{#snapshotId}
    ecs:DetachClassicLinkVpcDetachClassicLinkVpcupdate
    Instance
    acs:ecs:{#regionId}:{#accountId}:instance/{#instanceId}
    VPC
    acs:vpc:{#regionId}:{#accountId}:vpc/{#vpcId}
    ecs:DeleteNetworkInterfacePermissionDeleteNetworkInterfacePermissiondelete
    NetworkInterface
    acs:ecs:{#regionId}:{#accountId}:eni/{#eniId}
    ecs:DetachKeyPairDetachKeyPairupdate
    Instance
    acs:ecs:{#regionId}:{#accountId}:instance/{#instanceId}
    KeyPair
    acs:ecs:{#regionId}:{#accountId}:keypair/{#keypairName}
    ecs:DeleteLaunchTemplateVersionDeleteLaunchTemplateVersiondelete
    LaunchTemplate
    acs:ecs:{#regionId}:{#accountId}:launchtemplate/{#launchtemplateId}
    ecs:ExportImageExportImageupdate
    Image
    acs:ecs:{#regionId}:{#accountId}:image/{#imageId}
    ecs:DescribeInstancesFullStatusDescribeInstancesFullStatusget
    全部资源
    *
    ecs:DetachDiskDetachDiskupdate
    Disk
    acs:ecs:{#regionId}:{#accountId}:disk/{#diskId}
    Instance
    acs:ecs:{#regionId}:{#accountId}:instance/{#instanceId}
    ecs:ExportSnapshotExportSnapshotcreate
    Snapshot
    acs:ecs:{#regionId}:{#accountId}:snapshot/{#snapshotId}
    ecs:ModifySecurityGroupEgressRuleModifySecurityGroupEgressRuleupdate
    SecurityGroup
    acs:ecs:{#regionId}:{#accountId}:securitygroup/{#securitygroupId}
    ecs:tag
    ecs:tag
    ecs:SecurityGroupIpProtocols
    ecs:SecurityGroupSourceCidrIps
    ecs:DeleteDiagnosticMetricSetsDeleteDiagnosticMetricSetsdelete
    全部资源
    *
    ecs:ImportKeyPairImportKeyPaircreate
    全部资源
    *
    ecs:RenewReservedInstancesRenewReservedInstancescreate
    ReservedInstance
    acs:ecs:{#regionId}:{#accountId}:reservedinstance/{#ReservedInstanceId}
    ecs:PurchaseReservedInstancesOfferingPurchaseReservedInstancesOfferingcreate
    ReservedInstance
    acs:ecs:{#regionId}:{#accountId}:reservedinstance/*
    ecs:CreateInstanceCreateInstancecreate
    全部资源
    *
    vpc:VPC
    vpc:IsDefaultVSwitch
    vpc:IsDefaultVpc
    ecs:IsDiskEncrypted
    ecs:InstanceType
    ecs:InstanceTypeFamily
    ecs:ImageOwnerId
    ecs:ImageSource
    ecs:NotSpecifySecurityGroupId
    ecs:DeleteImageDeleteImagedelete
    Image
    acs:ecs:{#regionId}:{#accountId}:image/{#imageId}
    ecs:DescribeCapacityReservationInstancesDescribeCapacityReservationInstancesget
    全部资源
    *
    ecs:DescribeEniMonitorDataDescribeEniMonitorDataget
    NetworkInterface
    acs:ecs:{#regionId}:{#accountId}:eni/{#eniId}
    Instance
    acs:ecs:{#regionId}:{#accountId}:instance/{#instanceId}
    ecs:CancelTaskCancelTaskupdate
    全部资源
    *
    ecs:DescribeImagesDescribeImagesget
    Image
    acs:ecs:{#regionId}:{#accountId}:image/*
    Image
    acs:ecs:{#regionId}:{#accountId}:image/{#imageId}
    ecs:DeleteDemandDeleteDemanddelete
    全部资源
    *
    ecs:CreateDedicatedHostClusterCreateDedicatedHostClustercreate
    全部资源
    *
    ecs:DeleteDiagnosticReportsDeleteDiagnosticReportsdelete
    全部资源
    *
    ecs:CreateAutoSnapshotPolicyCreateAutoSnapshotPolicycreate
    AutoSnapshotPolicy
    acs:ecs:{#regionId}:{#accountId}:snapshotpolicy/*
    ecs:ReleasePublicIpAddressReleasePublicIpAddressdelete
    Instance
    acs:ecs:{#regionId}:{#accountId}:instance/{#instanceId}
    ecs:DescribeInstanceMonitorDataDescribeInstanceMonitorDataget
    Instance
    acs:ecs:{#regionId}:{#accountId}:instance/{#instanceId}
    ecs:DeleteLaunchTemplateDeleteLaunchTemplatedelete
    全部资源
    *
    ecs:CreateDemandCreateDemandcreate
    全部资源
    *
    ecs:DescribeActivationsDescribeActivationsget
    Activation
    acs:ecs:{#regionId}:{#accountId}:activation/*
    Activation
    acs:ecs:{#regionId}:{#accountId}:activation/{#activationId}
    ecs:CreateElasticityAssuranceCreateElasticityAssurancecreate
    ElasticityAssurance
    acs:ecs:{#regionId}:{#accountId}:elasticityassurance/*
    ecs:DescribeLaunchTemplatesDescribeLaunchTemplatesget
    LaunchTemplate
    acs:ecs:{#regionId}:{#accountId}:launchtemplate/*
    LaunchTemplate
    acs:ecs:{#regionId}:{#accountId}:launchtemplate/{#launchtemplateId}
    ecs:AttachInstanceRamRoleAttachInstanceRamRoleupdate
    全部资源
    *
    ecs:DescribeRenewalPriceDescribeRenewalPriceget
    全部资源
    *
    ecs:GetInstanceConsoleOutputGetInstanceConsoleOutputget
    Instance
    acs:ecs:{#regionId}:{#accountId}:instance/{#instanceId}
    ecs:ModifyAutoProvisioningGroupModifyAutoProvisioningGroupupdate
    autoprovisioninggroup
    acs:ecs:{#regionId}:{#accountId}:autoprovisioninggroup/{#autoprovisioninggroupId}
    ecs:DeleteKeyPairsDeleteKeyPairsdelete
    KeyPair
    acs:ecs:{#regionId}:{#accountId}:keypair/{#keypairName}
    ecs:ModifyDiskAttributeModifyDiskAttributeupdate
    Disk
    acs:ecs:{#regionId}:{#accountId}:disk/{#diskId}
    ecs:StopInvocationStopInvocationupdate
    全部资源
    *
    ecs:ModifyImageAttributeModifyImageAttributeupdate
    Image
    acs:ecs:{#regionId}:{#accountId}:image/{#imageId}
    ecs:RevokeSecurityGroupRevokeSecurityGroupdelete
    SecurityGroup
    acs:ecs:{#regionId}:{#accountId}:securitygroup/{#securitygroupId}
    ecs:tag
    ecs:tag
    ecs:tag
    ecs:StartTerminalSessionStartTerminalSessionupdate
    Instance
    acs:ecs:{#regionId}:{#accountId}:instance/{#instanceId}
    ecs:CancelAutoSnapshotPolicyCancelAutoSnapshotPolicyupdate
    全部资源
    *
    ecs:ModifyInstanceMaintenanceAttributesModifyInstanceMaintenanceAttributesupdate
    Instance
    acs:ecs:{#regionId}:{#accountId}:instance/{#instanceId}
    ecs:StartImagePipelineExecutionStartImagePipelineExecutionupdate
    ImagePipeline
    acs:ecs:{#regionId}:{#accountId}:imagepipeline/{#imagepipelineId}
    ecs:ModifyInstanceNetworkSpecModifyInstanceNetworkSpecupdate
    Instance
    acs:ecs:{#regionId}:{#accountId}:instance/{#instanceId}
    ecs:UnassignPrivateIpAddressesUnassignPrivateIpAddressesdelete
    NetworkInterface
    acs:ecs:{#regionId}:{#accountId}:eni/{#eniId}
    ecs:DescribeUserDataDescribeUserDataget
    Instance
    acs:ecs:{#regionId}:{#accountId}:instance/{#instanceId}
    ecs:ModifyReservedInstanceAttributeModifyReservedInstanceAttributeupdate
    ReservedInstance
    acs:ecs:{#regionId}:{#accountId}:reservedinstance/{#reservedinstanceId}
    ecs:RenewInstanceRenewInstanceupdate
    Instance
    acs:ecs:{#regionId}:{#accountId}:instance/{#instanceId}
    ecs:ModifySnapshotGroupModifySnapshotGroupupdate
    SnapshotGroup
    acs:ecs:{#regionId}:{#accountId}:snapshotgroup/{#SnapshotGroupId}
    ecs:ModifyAutoSnapshotPolicyExModifyAutoSnapshotPolicyExupdate
    全部资源
    *
    ecs:DescribeResourcesModificationDescribeResourcesModificationget
    Instance
    acs:ecs:{#regionId}:{#accountId}:instance/{#instanceId}
    ecs:StartInstancesStartInstancesupdate
    Instance
    acs:ecs:{#regionId}:{#accountId}:instance/{#instanceId}
    ecs:AuthorizeSecurityGroupEgressAuthorizeSecurityGroupEgresscreate
    SecurityGroup
    acs:ecs:{#regionId}:{#accountId}:securitygroup/{#securitygroupId}
    ecs:SecurityGroupIpProtocols
    ecs:SecurityGroupSourceCidrIps
    ecs:ModifyDiskChargeTypeModifyDiskChargeTypeupdate
    Instance
    acs:ecs:{#regionId}:{#accountId}:instance/{#instanceId}
    ecs:DescribeSecurityGroupsDescribeSecurityGroupsget
    SecurityGroup
    acs:ecs:{#regionId}:{#accountId}:securitygroup/*
    SecurityGroup
    acs:ecs:{#regionId}:{#accountId}:securitygroup/{#securitygroupId}
    ecs:DescribeDiagnosticMetricsDescribeDiagnosticMetricsget
    全部资源
    *
    ecs:CreateLaunchTemplateVersionCreateLaunchTemplateVersioncreate
    LaunchTemplate
    acs:ecs:{#regionId}:{#accountId}:launchtemplate/{#launchtemplateId}
    ecs:DescribeTasksDescribeTasksget
    全部资源
    *
    ecs:DescribeHpcClustersDescribeHpcClustersget
    HpcCluster
    acs:ecs:{#regionId}:{#accountId}:hpc/*
    ecs:DescribeInstanceHistoryEventsDescribeInstanceHistoryEventsget
    全部资源
    *
    ecs:ModifyPrefixListModifyPrefixListupdate
    PrefixList
    acs:ecs:{#regionId}:{#accountId}:prefixlist/{#PrefixListId}
    ecs:ModifyDedicatedHostAttributeModifyDedicatedHostAttributeupdate
    DedicatedHost
    acs:ecs:{#regionId}:{#accountId}:ddh/{#ddhId}
    DedicatedHostCluster
    acs:ecs:{#regionId}:{#accountId}:ddhcluster/{#ddhclusterId}
    ecs:AddTagsAddTagscreate
    全部资源
    *
    ecs:DescribeDiagnosticReportsDescribeDiagnosticReportsget
    全部资源
    *
    ecs:ModifyDiskSpecModifyDiskSpecupdate
    Disk
    acs:ecs:{#regionId}:{#accountId}:disk/{#diskId}
    ecs:DescribeDedicatedHostsDescribeDedicatedHostsget
    DedicatedHost
    acs:ecs:{#regionId}:{#accountId}:ddh/*
    DedicatedHost
    acs:ecs:{#regionId}:{#accountId}:ddh/{#ddhId}
    ecs:AttachClassicLinkVpcAttachClassicLinkVpcupdate
    Instance
    acs:ecs:{#regionId}:{#accountId}:instance/{#instanceId}
    VPC
    acs:vpc:{#regionId}:{#accountId}:vpc/{#vpcId}
    vpc:tag
    ecs:DescribeNetworkInterfacePermissionsDescribeNetworkInterfacePermissionsget
    NetworkInterface
    acs:ecs:{#regionId}:{#accountId}:eni/{#eniId}
    ecs:DeleteAutoSnapshotPolicyDeleteAutoSnapshotPolicydelete
    AutoSnapshotPolicy
    acs:ecs:{#regionId}:{#accountId}:snapshotpolicy/{#SnapshotPolicyId}
    ecs:DetachNetworkInterfaceDetachNetworkInterfaceupdate
    NetworkInterface
    acs:ecs:{#regionId}:{#accountId}:eni/{#eniId}
    Instance
    acs:ecs:{#regionId}:{#accountId}:instance/{#instanceId}
    ecs:RedeployInstanceRedeployInstanceupdate
    Instance
    acs:ecs:{#regionId}:{#accountId}:instance/{#instanceId}
    ecs:DeleteImagePipelineDeleteImagePipelinedelete
    ImagePipeline
    acs:ecs:{#regionId}:{#accountId}:imagepipeline/{#imagepipelineId}
    ecs:ModifyCapacityReservationModifyCapacityReservationupdate
    全部资源
    *
    ecs:DescribeInstanceAttributeDescribeInstanceAttributeget
    Instance
    acs:ecs:{#regionId}:{#accountId}:instance/{#instanceId}
    ecs:ModifyDedicatedHostAutoReleaseTimeModifyDedicatedHostAutoReleaseTimeupdate
    DedicatedHost
    acs:ecs:{#regionId}:{#accountId}:ddh/{#ddhId}
    ecs:DescribePrefixListAttributesDescribePrefixListAttributesget
    PrefixList
    acs:ecs:{#regionId}:{#accountId}:prefixlist/{#PrefixListId}
    ecs:DescribeInvocationResultsDescribeInvocationResultsget
    全部资源
    *
    ecs:ReInitDiskReInitDiskupdate
    Disk
    acs:ecs:{#regionId}:{#accountId}:disk/{#diskId}
    ecs:TagResourcesTagResourcescreate
    DedicatedHost
    acs:ecs:{#regionId}:{#accountId}:ddh/{#ddhId}
    Disk
    acs:ecs:{#regionId}:{#accountId}:disk/{#diskId}
    NetworkInterface
    acs:ecs:{#regionId}:{#accountId}:eni/{#eniId}
    Image
    acs:ecs:{#regionId}:{#accountId}:image/{#imageId}
    Instance
    acs:ecs:{#regionId}:{#accountId}:instance/{#instanceId}
    KeyPair
    acs:ecs:{#regionId}:{#accountId}:keypair/{#keypairId}
    LaunchTemplate
    acs:ecs:{#regionId}:{#accountId}:launchtemplate/{#launchtemplateId}
    ReservedInstance
    acs:ecs:{#regionId}:{#accountId}:reservedinstance/{#reservedinstanceId}
    SecurityGroup
    acs:ecs:{#regionId}:{#accountId}:securitygroup/{#securitygroupId}
    Snapshot
    acs:ecs:{#regionId}:{#accountId}:snapshot/{#snapshotId}
    AutoSnapshotPolicy
    acs:ecs:{#regionId}:{#accountId}:snapshotpolicy/{#SnapshotPolicyId}
    ecs:ModifySecurityGroupAttributeModifySecurityGroupAttributeupdate
    SecurityGroup
    acs:ecs:{#regionId}:{#accountId}:securitygroup/{#securitygroupId}
    ecs:DescribeReservedInstancesDescribeReservedInstancesget
    ReservedInstance
    acs:ecs:{#regionId}:{#accountId}:reservedinstance/*
    ReservedInstance
    acs:ecs:{#regionId}:{#accountId}:reservedinstance/{#reservedinstanceId}
    ecs:UnassignIpv6AddressesUnassignIpv6Addressesdelete
    NetworkInterface
    acs:ecs:{#regionId}:{#accountId}:eni/{#eniId}
    ecs:ReActivateInstancesReActivateInstancesupdate
    Instance
    acs:ecs:{#regionId}:{#accountId}:instance/{#instanceId}
    ecs:JoinSecurityGroupJoinSecurityGroupupdate
    Instance
    acs:ecs:{#regionId}:{#accountId}:instance/{#instanceId}
    SecurityGroup
    acs:ecs:{#regionId}:{#accountId}:securitygroup/{#securitygroupId}
    ecs:RenewDedicatedHostsRenewDedicatedHostsupdate
    DedicatedHost
    acs:ecs:{#regionId}:{#accountId}:ddh/{#ddhId}
    ecs:CancelSimulatedSystemEventsCancelSimulatedSystemEventsupdate
    全部资源
    *
    ecs:AuthorizeSecurityGroupAuthorizeSecurityGroupcreate
    SecurityGroup
    acs:ecs:{#regionId}:{#accountId}:securitygroup/{#securitygroupId}
    ecs:SecurityGroupIpProtocols
    ecs:SecurityGroupSourceCidrIps
    ecs:DescribeInstanceVncUrlDescribeInstanceVncUrlget
    Instance
    acs:ecs:{#regionId}:{#accountId}:instance/{#instanceId}
    ecs:CreateActivationCreateActivationcreate
    Activation
    acs:ecs:{#regionId}:{#accountId}:activation/*
    ecs:StartInstanceStartInstanceupdate
    Instance
    acs:ecs:{#regionId}:{#accountId}:instance/{#instanceId}
    ecs:DescribeSnapshotsUsageDescribeSnapshotsUsageget
    全部资源
    *
    ecs:DescribeSecurityGroupAttributeDescribeSecurityGroupAttributeget
    SecurityGroup
    acs:ecs:{#regionId}:{#accountId}:securitygroup/{#securitygroupId}
    ecs:tag
    ecs:CreateCommandCreateCommandcreate
    Command
    acs:ecs:{#regionId}:{#accountId}:command/*
    ecs:CreateHpcClusterCreateHpcClustercreate
    HpcCluster
    acs:ecs:{#regionId}:{#accountId}:hpc/*
    ecs:GetInstanceScreenshotGetInstanceScreenshotget
    Instance
    acs:ecs:{#regionId}:{#accountId}:instance/{#instanceId}
    ecs:ModifyDeploymentSetAttributeModifyDeploymentSetAttributeupdate
    DeploymentSet
    acs:ecs:{#regionId}:{#accountId}:deploymentset/{#DeploymentSetId}
    ecs:StopInstancesStopInstancesupdate
    Instance
    acs:ecs:{#regionId}:{#accountId}:instance/{#instanceId}
    ecs:ModifyInstanceAttachmentAttributesModifyInstanceAttachmentAttributesupdate
    全部资源
    *
    ecs:DeleteActivationDeleteActivationdelete
    activation
    acs:ecs:{#regionId}:{#accountId}:activation/{#activationId}
    ecs:DeleteDedicatedHostClusterDeleteDedicatedHostClusterdelete
    DedicatedHostCluster
    acs:ecs:{#regionId}:{#accountId}:ddhcluster/{#ddhclusterId}
    ecs:DescribeLaunchTemplateVersionsDescribeLaunchTemplateVersionsget
    全部资源
    *
    ecs:DeleteCommandDeleteCommanddelete
    Command
    acs:ecs:{#regionId}:{#accountId}:command/{#commandId}
    ecs:RebootInstancesRebootInstancesupdate
    Instance
    acs:ecs:{#regionId}:{#accountId}:instance/{#instanceId}
    ecs:DescribeSnapshotGroupsDescribeSnapshotGroupsget
    SnapshotGroup
    acs:ecs:{#regionId}:{#accountId}:snapshotgroup/*
    SnapshotGroup
    acs:ecs:{#regionId}:{#accountId}:snapshotgroup/{#snapshotgroupId}
    ecs:DescribePrefixListsDescribePrefixListsget
    PrefixList
    acs:ecs:{#regionId}:{#accountId}:prefixlist/{#PrefixListId}
    ecs:DescribeDiagnosticReportAttributesDescribeDiagnosticReportAttributesget
    全部资源
    *
    ecs:CreateImageCreateImagecreate
    Image
    acs:ecs:{#regionId}:{#accountId}:image/*
    Instance
    acs:ecs:{#regionId}:{#accountId}:instance/{#instanceId}
    Snapshot
    acs:ecs:{#regionId}:{#accountId}:snapshot/{#snapshotId}
    ecs:DescribeCapacityReservationsDescribeCapacityReservationsget
    CapacityReservation
    acs:ecs:{#regionId}:{#accountId}:capacityreservation/*
    ecs:ModifyCommandModifyCommandupdate
    Command
    acs:ecs:{#regionId}:{#accountId}:command/{#commandId}
    ecs:LeaveSecurityGroupLeaveSecurityGroupupdate
    Instance
    acs:ecs:{#regionId}:{#accountId}:instance/{#instanceId}
    SecurityGroup
    acs:ecs:{#regionId}:{#accountId}:securitygroup/{#securitygroupId}
    ecs:CreateImagePipelineCreateImagePipelinecreate
    ImagePipeline
    acs:ecs:{#regionId}:{#accountId}:imagepipeline/*
    ecs:ModifyNetworkInterfaceAttributeModifyNetworkInterfaceAttributeupdate
    NetworkInterface
    acs:ecs:{#regionId}:{#accountId}:eni/{#eniId}
    SecurityGroup
    acs:ecs:{#regionId}:{#accountId}:securitygroup/{#securitygroupId}
    ecs:DescribeInstanceRamRoleDescribeInstanceRamRoleget
    全部资源
    *
    ecs:CreateLaunchTemplateCreateLaunchTemplatecreate
    LaunchTemplate
    acs:ecs:{#regionId}:{#accountId}:launchtemplate/*
    ecs:RunCommandRunCommandupdate
    全部资源
    *
    ecs:CommandRunAs
    ecs:DescribeReservedInstanceAutoRenewAttributeDescribeReservedInstanceAutoRenewAttributeget
    ReservedInstance
    acs:ecs:{#regionId}:{#accountId}:reservedinstance/{#ReservedInstanceId}
    ecs:ModifyDedicatedHostClusterAttributeModifyDedicatedHostClusterAttributeupdate
    ddhcluster
    acs:ecs:{#regionId}:{#accountId}:ddhcluster/{#ddhclusterId}
    ecs:CreatePrefixListCreatePrefixListcreate
    全部资源
    *
    ecs:DescribeInstanceStatusDescribeInstanceStatusget
    全部资源
    *
    ecs:ModifyInstanceVpcAttributeModifyInstanceVpcAttributeupdate
    Instance
    acs:ecs:{#regionId}:{#accountId}:instance/{#instanceId}
    VSwitch
    acs:vpc:{#regionId}:{#accountId}:vswitch/{#vswitchId}
    vpc:tag
    vpc:VPC
    ecs:ModifyManagedInstanceModifyManagedInstanceupdate
    Instance
    acs:ecs:{#regionId}:{#accountId}:instance/{#instanceId}
    ecs:ModifySecurityGroupRuleModifySecurityGroupRuleupdate
    SecurityGroup
    acs:ecs:{#regionId}:{#accountId}:securitygroup/{#securitygroupId}
    ecs:SecurityGroupIpProtocols
    ecs:SecurityGroupSourceCidrIps
    ecs:ModifyStorageSetAttributeModifyStorageSetAttributeupdate
    Disk
    acs:ecs:{#regionId}:{#accountId}:disk/{#diskId}
    ecs:ReportInstancesStatusReportInstancesStatusget
    Instance
    acs:ecs:{#regionId}:{#accountId}:instance/{#instanceId}
    ecs:DescribeManagedInstancesDescribeManagedInstancesget
    全部资源
    *
    ecs:PurchaseStorageCapacityUnitPurchaseStorageCapacityUnitcreate
    StorageCapacityUnit
    acs:ecs:{#regionId}:{#accountId}:scu/*
    ecs:CreateDiskCreateDiskcreate
    Disk
    acs:ecs:{#regionId}:{#accountId}:disk/*
    Disk
    acs:ecs:{#regionId}:{#accountId}:disk/{#diskId}
    Snapshot
    acs:ecs:{#regionId}:{#accountId}:snapshot/{#snapshotId}
    ecs:IsDiskEncrypted
    ecs:InstallCloudAssistantInstallCloudAssistantupdate
    Instance
    acs:ecs:{#regionId}:{#accountId}:instance/{#instanceId}
    ecs:ReleaseDedicatedHostReleaseDedicatedHostdelete
    DedicatedHost
    acs:ecs:{#regionId}:{#accountId}:ddh/{#ddhId}
    ecs:DescribeAccountAttributesDescribeAccountAttributesget
    全部资源
    *
    ecs:AssignPrivateIpAddressesAssignPrivateIpAddressescreate
    NetworkInterface
    acs:ecs:{#regionId}:{#accountId}:eni/{#eniId}
    ecs:CreateImageComponentCreateImageComponentcreate
    ImageComponent
    acs:ecs:{#regionId}:{#accountId}:imagecomponent/*
    ecs:DescribeKeyPairsDescribeKeyPairsget
    KeyPair
    acs:ecs:{#regionId}:{#accountId}:keypair/{#keypairName}
    KeyPair
    acs:ecs:{#regionId}:{#accountId}:keypair/*
    ecs:AttachNetworkInterfaceAttachNetworkInterfaceupdate
    NetworkInterface
    acs:ecs:{#regionId}:{#accountId}:eni/{#eniId}
    Instance
    acs:ecs:{#regionId}:{#accountId}:instance/{#instanceId}
    ecs:DescribeStorageSetDetailsDescribeStorageSetDetailsget
    Disk
    acs:ecs:{#regionId}:{#accountId}:disk/{#diskId}
    ecs:DescribeElasticityAssuranceInstancesDescribeElasticityAssuranceInstancesget
    全部资源
    *
    ecs:ImportImageImportImageupdate
    全部资源
    *
    ecs:DescribeImagePipelineExecutionsDescribeImagePipelineExecutionsget
    全部资源
    *
    ecs:DescribeStorageSetsDescribeStorageSetsget
    全部资源
    *
    ecs:ModifyInstanceChargeTypeModifyInstanceChargeTypeupdate
    Instance
    acs:ecs:{#regionId}:{#accountId}:instance/{#instanceId}
    ecs:InvokeCommandInvokeCommandupdate
    Command
    acs:ecs:{#regionId}:{#accountId}:command/{#commandId}
    Instance
    acs:ecs:{#regionId}:{#accountId}:instance/{#instanceId}
    ecs:CommandRunAs
    ecs:ModifyDedicatedHostsChargeTypeModifyDedicatedHostsChargeTypeupdate
    全部资源
    *
    ecs:ModifyInstanceAttributeModifyInstanceAttributeupdate
    Instance
    acs:ecs:{#regionId}:{#accountId}:instance/{#instanceId}
    SecurityGroup
    acs:ecs:{#regionId}:{#accountId}:securitygroup/{#SecurityGroupId}
    ecs:tag
    ecs:tag
    ecs:tag
    ecs:tag
    ecs:ModifyInstanceVncPasswdModifyInstanceVncPasswdupdate
    Instance
    acs:ecs:{#regionId}:{#accountId}:instance/{#instanceId}
    ecs:AttachDiskAttachDiskupdate
    Disk
    acs:ecs:{#regionId}:{#accountId}:disk/{#diskId}
    Instance
    acs:ecs:{#regionId}:{#accountId}:instance/{#instanceId}
    ecs:ModifyInstanceMetadataOptionsModifyInstanceMetadataOptionsupdate
    Instance
    acs:ecs:{#regionId}:{#accountId}:instance/{#instanceId}
    ecs:DescribeInstanceAutoRenewAttributeDescribeInstanceAutoRenewAttributeget
    全部资源
    *
    ecs:CreateAutoProvisioningGroupCreateAutoProvisioningGroupcreate
    全部资源
    *
    ecs:ModifyElasticityAssuranceModifyElasticityAssuranceupdate
    全部资源
    *
    ecs:CreateKeyPairCreateKeyPaircreate
    KeyPair
    acs:ecs:{#regionId}:{#accountId}:keypair/*
    ecs:DescribeImageSupportInstanceTypesDescribeImageSupportInstanceTypesget
    Image
    acs:ecs:{#regionId}:{#accountId}:image/{#imageId}
    ecs:ModifyInstanceSpecModifyInstanceSpecupdate
    Instance
    acs:ecs:{#regionId}:{#accountId}:instance/{#instanceId}
    ecs:AllocatePublicIpAddressAllocatePublicIpAddresscreate
    Instance
    acs:ecs:{#regionId}:{#accountId}:instance/{#instanceId}
    ecs:ResetDisksResetDisksupdate
    Disk
    acs:ecs:{#regionId}:{#accountId}:disk/{#diskId}
    Snapshot
    acs:ecs:{#regionId}:{#accountId}:snapshot/{#snapshotId}
    ecs:DeleteSnapshotDeleteSnapshotdelete
    Snapshot
    acs:ecs:{#regionId}:{#accountId}:snapshot/{#snapshotId}
    ecs:ResizeDiskResizeDiskupdate
    Disk
    acs:ecs:{#regionId}:{#accountId}:disk/{#diskId}
    ecs:DescribeInstanceModificationPriceDescribeInstanceModificationPriceget
    Instance
    acs:ecs:{#regionId}:{#accountId}:instance/{#InstanceId}
    ecs:DescribeInstancesDescribeInstancesget
    Instance
    acs:ecs:{#regionId}:{#accountId}:instance/*
    Instance
    acs:ecs:{#regionId}:{#accountId}:instance/{#instanceId}
    ResourceOwner
    ecs:DescribeInstanceAttachmentAttributesDescribeInstanceAttachmentAttributesget
    Instance
    acs:ecs:{#regionId}:{#accountId}:instance/{#instanceId}
    ecs:StopInstanceStopInstanceupdate
    Instance
    acs:ecs:{#regionId}:{#accountId}:instance/{#instanceId}
    ecs:DescribeResourceByTagsDescribeResourceByTagsget
    全部资源
    *
    ecs:RevokeSecurityGroupEgressRevokeSecurityGroupEgressdelete
    SecurityGroup
    acs:ecs:{#regionId}:{#accountId}:securitygroup/{#securitygroupId}
    ecs:tag
    ecs:tag
    ecs:tag
    ecs:ModifyDedicatedHostAutoRenewAttributeModifyDedicatedHostAutoRenewAttributeupdate
    DedicatedHost
    acs:ecs:{#regionId}:{#accountId}:ddh/{#ddhId}
    ecs:JoinResourceGroupJoinResourceGroupupdate
    DedicatedHost
    acs:ecs:{#regionId}:{#accountId}:ddh/{#ddhId}
    Disk
    acs:ecs:{#regionId}:{#accountId}:disk/{#diskId}
    NetworkInterface
    acs:ecs:{#regionId}:{#accountId}:eni/{#eniId}
    Image
    acs:ecs:{#regionId}:{#accountId}:image/{#imageId}
    Instance
    acs:ecs:{#regionId}:{#accountId}:instance/{#instanceId}
    KeyPair
    acs:ecs:{#regionId}:{#accountId}:keypair/{#keypairId}
    LaunchTemplate
    acs:ecs:{#regionId}:{#accountId}:launchtemplate/{#launchtemplateId}
    SecurityGroup
    acs:ecs:{#regionId}:{#accountId}:securitygroup/{#securitygroupId}
    Snapshot
    acs:ecs:{#regionId}:{#accountId}:snapshot/{#SnapshotId}
    ecs:SendFileSendFileupdate
    Instance
    acs:ecs:{#regionId}:{#accountId}:instance/{#instanceId}
    ecs:DeregisterManagedInstanceDeregisterManagedInstanceupdate
    Instance
    acs:ecs:{#regionId}:{#accountId}:instance/{#instanceId}
    ecs:DescribeUserBusinessBehaviorDescribeUserBusinessBehaviorget
    全部资源
    *
    ecs:ModifyAutoSnapshotPolicyModifyAutoSnapshotPolicyupdate
    全部资源
    *
    ecs:DescribeCloudAssistantStatusDescribeCloudAssistantStatusget
    Instance
    acs:ecs:{#regionId}:{#accountId}:instance/{#instanceId}
    ecs:CreateCapacityReservationCreateCapacityReservationcreate
    CapacityReservation
    acs:ecs:{#regionId}:{#accountId}:capacityreservation/*
    ecs:DescribeDemandsDescribeDemandsget
    全部资源
    *
    ecs:CancelCopyImageCancelCopyImageupdate
    Image
    acs:ecs:{#regionId}:{#accountId}:image/{#imageId}
    ecs:DeleteSnapshotGroupDeleteSnapshotGroupdelete
    SnapshotGroup
    acs:ecs:{#regionId}:{#accountId}:snapshotgroup/{#snapshotgroupId}
    ecs:ApplyAutoSnapshotPolicyApplyAutoSnapshotPolicyupdate
    Disk
    acs:ecs:{#regionId}:{#accountId}:disk/{#diskId}
    AutoSnapshotPolicy
    acs:ecs:{#regionId}:{#accountId}:snapshotpolicy/{#snapshotpolicyId}
    ecs:DescribeImageComponentsDescribeImageComponentsget
    ImageComponent
    acs:ecs:{#regionId}:{#accountId}:imagecomponent/*
    ImageComponent
    acs:ecs:{#regionId}:{#accountId}:imagecomponent/{#imagecomponentId}
    ecs:CreateDeploymentSetCreateDeploymentSetcreate
    全部资源
    *
    ecs:DescribeAutoProvisioningGroupHistoryDescribeAutoProvisioningGroupHistoryget
    全部资源
    *
    ecs:CreateSecurityGroupCreateSecurityGroupcreate
    SecurityGroup
    acs:ecs:{#regionId}:{#accountId}:securitygroup/*
    VPC
    acs:vpc:{#regionId}:{#accountId}:vpc/{#vpcId}
    ecs:ListTagResourcesListTagResourcesget
    全部资源
    *
    ecs:DescribeImagePipelinesDescribeImagePipelinesget
    ImagePipeline
    acs:ecs:{#regionId}:{#accountId}:imagepipeline/*
    ImagePipeline
    acs:ecs:{#regionId}:{#accountId}:imagepipeline/{#imagepipelineId}
    ecs:DisableActivationDisableActivationupdate
    Activation
    acs:ecs:{#regionId}:{#accountId}:activation/{#ActivationId}
    ecs:ModifyInvocationAttributeModifyInvocationAttributeupdate
    全部资源
    *
    ecs:ModifyReservedInstanceAutoRenewAttributeModifyReservedInstanceAutoRenewAttributeupdate
    ReservedInstance
    acs:ecs:{#regionId}:{#accountId}:reservedinstance/{#ReservedInstanceId}
    ecs:CreateDiagnosticReportCreateDiagnosticReportcreate
    全部资源
    *
    ecs:ModifyDiagnosticMetricSetModifyDiagnosticMetricSetupdate
    全部资源
    *
    ecs:ModifyUserBusinessBehaviorModifyUserBusinessBehaviorupdate
    全部资源
    *
    ecs:DescribeCommandsDescribeCommandsget
    Command
    acs:ecs:{#regionId}:{#accountId}:command/*
    Command
    acs:ecs:{#regionId}:{#accountId}:command/{#commandId}
    ecs:ModifySecurityGroupPolicyModifySecurityGroupPolicyupdate
    SecurityGroup
    acs:ecs:{#regionId}:{#accountId}:securitygroup/{#securitygroupId}
    ecs:DescribeDiagnosticMetricSetsDescribeDiagnosticMetricSetsget
    全部资源
    *
    ecs:DescribeDisksFullStatusDescribeDisksFullStatusget
    全部资源
    *
    vpc:AllocateEipAddressAllocateEipAddressupdate
    全部资源
    *
    vpc:ModifyEipAddressAttributeModifyEipAddressAttributeupdate
    Address
    acs:vpc:{#regionId}:{#accountId}:eip/{#AllocationId}
    vpc:CreateHaVipCreateHaVipcreate
    全部资源
    *
    vpc:DeleteNatGatewayDeleteNatGatewaydelete
    NatGateway
    acs:vpc:{#regionId}:{#accountId}:natgateway/{#natgatewayid}
    vpc:CreateVpcCreateVpccreate
    全部资源
    *
    vpc:DeletePhysicalConnectionDeletePhysicalConnectiondelete
    PhysicalConnection
    acs:vpc:{#regionId}:{#accountId}:physicalconnection/{#PhysicalConnectionId}
    vpc:DeleteForwardEntryDeleteForwardEntrydelete
    ForwardTable
    acs:vpc:{#regionId}:{#accountId}:forwardtable/{#ForwardTableId}
    vpc:CreateForwardEntryCreateForwardEntrycreate
    ForwardTable
    acs:vpc:{#regionId}:{#accountId}:forwardtable/{#ForwardTableId}
    vpc:DeleteHaVipDeleteHaVipdelete
    HaVip
    acs:vpc:{#regionId}:{#accountId}:havip/{#HaVipId}
    vpc:DescribePhysicalConnectionsDescribePhysicalConnectionsget
    全部资源
    *
    vpc:AssociateEipAddressAssociateEipAddressupdate
    全部资源
    *
    vpc:ModifyPhysicalConnectionAttributeModifyPhysicalConnectionAttributeupdate
    PhysicalConnection
    acs:vpc:{#regionId}:{#accountId}:physicalconnection/{#PhysicalConnectionId}
    vpc:ConnectRouterInterfaceConnectRouterInterfaceupdate
    RouterInterface
    acs:vpc:{#regionId}:{#accountId}:routerinterface/{#RouterInterfaceId}
    vpc:DescribeForwardTableEntriesDescribeForwardTableEntriesget
    ForwardTable
    acs:vpc:{#regionId}:{#accountId}:forwardtable/{#ForwardTableId}
    vpc:EnablePhysicalConnectionEnablePhysicalConnectionupdate
    PhysicalConnection
    acs:vpc:{#regionId}:{#accountId}:physicalconnection/{#PhysicalConnectionId}
    vpc:ModifyVSwitchAttributeModifyVSwitchAttributeupdate
    VSwitch
    acs:vpc:{#regionId}:{#accountId}:vswitch/{#VSwitchId}
    vpc:RemoveBandwidthPackageIpsRemoveBandwidthPackageIpsdelete
    BandwidthPackage
    acs:vpc:{#regionId}:{#accountId}:bandwidthpackage/{#BandwidthPackageId}
    vpc:DeactivateRouterInterfaceDeactivateRouterInterfaceupdate
    RouterInterface
    acs:vpc:{#regionId}:{#accountId}:routerinterface/{#RouterInterfaceId}
    vpc:ModifyForwardEntryModifyForwardEntryupdate
    ForwardTable
    acs:vpc:{#regionId}:{#accountId}:forwardtable/{#ForwardTableId}
    vpc:DescribeEipAddressesDescribeEipAddressesget
    Address
    acs:vpc:{#regionId}:{#accountId}:eip/{#AllocationId}
    vpc:DescribeRouterInterfacesDescribeRouterInterfacesget
    全部资源
    *
    vpc:UnassociateEipAddressUnassociateEipAddressupdate
    全部资源
    *
    vpc:DescribeVpcsDescribeVpcsget
    全部资源
    *
    vpc:tag
    vpc:DescribeHaVipsDescribeHaVipsget
    全部资源
    *
    vpc:DescribeRouteTablesDescribeRouteTablesget
    RouteTable
    acs:vpc:{#regionId}:{#accountId}:routetable/{#RouteTableId}
    vpc:VBR
    vpc:VRouter
    vpc:RecoverVirtualBorderRouterRecoverVirtualBorderRouterupdate
    VirtualBorderRouter
    acs:vpc:{#regionId}:{#accountId}:virtualborderrouter/{#VirtualBorderRouterId}
    vpc:DescribeVRoutersDescribeVRoutersget
    全部资源
    *
    vpc:VPC
    vpc:AssociateHaVipAssociateHaVipupdate
    Instance
    acs:vpc:{#regionId}:{#accountId}:instance/{#InstanceId}
    HaVip
    acs:vpc:{#regionId}:{#accountId}:havip/{#HaVipId}
    vpc:DescribeVSwitchesDescribeVSwitchesget
    全部资源
    *
    vpc:VPC
    vpc:CreateRouterInterfaceCreateRouterInterfacecreate
    全部资源
    *
    vpc:TargetAccountRDId
    vpc:TerminateVirtualBorderRouterTerminateVirtualBorderRouterupdate
    VirtualBorderRouter
    acs:vpc:{#regionId}:{#accountId}:virtualborderrouter/{#VirtualBorderRouterId}
    vpc:ModifyVpcAttributeModifyVpcAttributeupdate
    VPC
    acs:vpc:{#regionId}:{#accountId}:vpc/{#VpcId}
    vpc:tag
    vpc:ModifyHaVipAttributeModifyHaVipAttributeupdate
    HaVip
    acs:vpc:{#regionId}:{#accountId}:havip/{#HaVipId}
    vpc:CreateNatGatewayCreateNatGatewaycreate
    全部资源
    *
    vpc:DescribeNewProjectEipMonitorDataDescribeNewProjectEipMonitorDataget
    全部资源
    *
    vpc:ModifyRouterInterfaceSpecModifyRouterInterfaceSpecupdate
    RouterInterface
    acs:vpc:{#regionId}:{#accountId}:routerinterface/{#RouterInterfaceId}
    vpc:ModifyRouterInterfaceAttributeModifyRouterInterfaceAttributeupdate
    RouterInterface
    acs:vpc:{#regionId}:{#accountId}:routerinterface/{#RouterInterfaceId}
    vpc:TargetAccountRDId
    vpc:DeleteRouterInterfaceDeleteRouterInterfacedelete
    RouterInterface
    acs:vpc:{#regionId}:{#accountId}:routerinterface/{#RouterInterfaceId}
    vpc:DescribeNatGatewaysDescribeNatGatewaysget
    全部资源
    *
    vpc:ReleaseEipAddressReleaseEipAddressupdate
    Address
    acs:vpc:{#regionId}:{#accountId}:eip/{#AllocationId}
    vpc:tag
    vpc:ModifyBandwidthPackageSpecModifyBandwidthPackageSpecupdate
    BandwidthPackage
    acs:vpc:{#regionId}:{#accountId}:bandwidthpackage/{#BandwidthPackageId}
    vpc:DeleteVirtualBorderRouterDeleteVirtualBorderRouterdelete
    VirtualBorderRouter
    acs:vpc:{#regionId}:{#accountId}:virtualborderrouter/{#VirtualBorderRouterId}
    vpc:CreateVSwitchCreateVSwitchcreate
    全部资源
    *
    vpc:tag
    vpc:DescribeVirtualBorderRoutersDescribeVirtualBorderRoutersget
    全部资源
    *
    vpc:ModifyVRouterAttributeModifyVRouterAttributeupdate
    VRouter
    acs:vpc:{#regionId}:{#accountId}:vrouter/{#VRouterId}
    vpc:DeleteVpcDeleteVpcdelete
    VPC
    acs:vpc:{#regionId}:{#accountId}:vpc/{#VpcId}
    vpc:tag
    vpc:ModifyVirtualBorderRouterAttributeModifyVirtualBorderRouterAttributeupdate
    VirtualBorderRouter
    acs:vpc:{#regionId}:{#accountId}:virtualborderrouter/{#VirtualBorderRouterId}
    vpc:UnassociateHaVipUnassociateHaVipdelete
    Instance
    acs:vpc:{#regionId}:{#accountId}:instance/{#InstanceId}
    HaVip
    acs:vpc:{#regionId}:{#accountId}:havip/{#HaVipId}
    vpc:DeleteBandwidthPackageDeleteBandwidthPackagedelete
    BandwidthPackage
    acs:vpc:{#regionId}:{#accountId}:bandwidthpackage/{#BandwidthPackageId}
    vpc:DeleteRouteEntryDeleteRouteEntrydelete
    RouteTable
    acs:vpc:{#regionId}:{#accountId}:routetable/{#RouteTableId}
    vpc:DescribeVirtualBorderRoutersForPhysicalConnectionDescribeVirtualBorderRoutersForPhysicalConnectionget
    PhysicalConnection
    acs:vpc:{#regionId}:{#accountId}:physicalconnection/{#PhysicalConnectionId}
    vpc:PhysicalConnection
    vpc:DescribeAccessPointsDescribeAccessPointsget
    全部资源
    *
    vpc:DeleteVSwitchDeleteVSwitchdelete
    VSwitch
    acs:vpc:{#regionId}:{#accountId}:vswitch/{#VSwitchId}
    vpc:CreatePhysicalConnectionCreatePhysicalConnectioncreate
    全部资源
    *
    vpc:CreateRouteEntryCreateRouteEntrycreate
    RouteTable
    acs:vpc:{#regionId}:{#accountId}:routetable/{#RouteTableId}
    vpc:TerminatePhysicalConnectionTerminatePhysicalConnectionupdate
    PhysicalConnection
    acs:vpc:{#regionId}:{#accountId}:physicalconnection/{#PhysicalConnectionId}
    vpc:ActivateRouterInterfaceActivateRouterInterfaceupdate
    RouterInterface
    acs:vpc:{#regionId}:{#accountId}:routerinterface/{#RouterInterfaceId}
    vpc:CreateVirtualBorderRouterCreateVirtualBorderRoutercreate
    全部资源
    *
    vpc:DescribeBandwidthPackagesDescribeBandwidthPackagesget
    全部资源
    *
    vpc:DescribeEipMonitorDataDescribeEipMonitorDataget
    Address
    acs:vpc:{#regionId}:{#accountId}:eip/{#AllocationId}
    vpc:AddBandwidthPackageIpsAddBandwidthPackageIpscreate
    BandwidthPackage
    acs:vpc:{#regionId}:{#accountId}:bandwidthpackage/{#BandwidthPackageId}
    vpc:CancelPhysicalConnectionCancelPhysicalConnectionupdate
    PhysicalConnection
    acs:vpc:{#regionId}:{#accountId}:physicalconnection/{#PhysicalConnectionId}

    资源(Resource)

    下表是ECS定义的资源,这些资源可以在RAM权限策略语句的Resource元素中使用,用来授予对该资源执行具体操作的权限。 其中,资源ARN是资源在阿里云上的唯一标识。具体说明如下:
    • {#}为变量标识,需要您替换为实际值。例如:{#ramcode}需要您替换为实际的云服务RAM代码。
    • *表示全部。例如:
      • {#resourceType}*时:表示全部资源。
      • {#regionId}*时:表示全部地域。
      • {#accountId}*时:表示全部阿里云账号。
    资源类型资源ARN
    PrefixListacs:ecs:{#regionId}:{#accountId}:prefixlist/{#PrefixListId}
    AutoProvisioningGroupacs:ecs:{#regionId}:{#accountId}:autoprovisioninggroup/{#autoprovisioninggroupId}
    AutoProvisioningGroupacs:ecs:{#regionId}:{#accountId}:autoprovisioninggroup/*
    Instanceacs:ecs:{#regionId}:{#accountId}:instance/{#InstanceId}
    ServiceSettingsacs:ecs:{#regionId}:{#accountId}:servicesettings/{#servicesettingId}
    DedicatedHostacs:ecs:{#regionId}:{#accountId}:ddh/{#ddhId}
    Snapshotacs:ecs:{#regionId}:{#accountId}:snapshot/{#snapshotId}
    DedicatedHostacs:ecs:{#regionId}:{#accountId}:ddh/*
    DedicatedHostClusteracs:ecs:{#regionId}:{#accountId}:ddhcluster/*
    Diskacs:ecs:{#regionId}:{#accountId}:disk/*
    NetworkInterfaceacs:ecs:{#regionId}:{#accountId}:eni/*
    Imageacs:ecs:{#regionId}:{#accountId}:image/*
    Instanceacs:ecs:{#regionId}:{#accountId}:instance/*
    KeyPairacs:ecs:{#regionId}:{#accountId}:keypair/*
    SecurityGroupacs:ecs:{#regionId}:{#accountId}:securitygroup/*
    Snapshotacs:ecs:{#regionId}:{#accountId}:snapshot/*
    AutoSnapshotPolicyacs:ecs:{#regionId}:{#accountId}:snapshotpolicy/*
    Diskacs:ecs:{#regionId}:{#accountId}:disk/{#diskId}
    HpcClusteracs:ecs:{#regionId}:{#accountId}:hpc/*
    Instanceacs:ecs:{#regionId}:{#accountId}:instance/{#instanceId}
    NetworkInterfaceacs:ecs:{#regionId}:{#accountId}:eni/{#eniId}
    Imageacs:ecs:{#regionId}:{#accountId}:image/{#imageId}
    SecurityGroupacs:ecs:{#regionId}:{#accountId}:securitygroup/{#securitygroupId}
    StorageCapacityUnitacs:ecs:{#regionId}:{#accountId}:scu/*
    StorageCapacityUnitacs:ecs:{#regionId}:{#accountId}:scu/{#scuId}
    AutoSnapshotPolicyacs:ecs:{#regionId}:{#accountId}:snapshotpolicy/{#snapshotpolicyId}
    ElasticityAssuranceacs:ecs:{#regionId}:{#accountId}:elasticityassurance/*
    ImageComponentacs:ecs:{#regionId}:{#accountId}:imagecomponent/{#imagecomponentId}
    KeyPairacs:ecs:{#regionId}:{#accountId}:keypair/{#keypairName}
    Commandacs:ecs:{#regionId}:{#accountId}:command/*
    Commandacs:ecs:{#regionId}:{#accountId}:command/{#CommandId}
    CapacityReservationacs:ecs:{#regionId}:{#accountId}:capacityreservation/*
    VSwitchacs:vpc:{#regionId}:{#accountId}:vswitch/{#vswitchId}
    Volumeacs:ecs:{#regionId}:{#accountId}:volume/{#volumeId}
    DeploymentSetacs:ecs:{#regionId}:{#accountId}:deploymentset/*
    Volumeacs:ecs:{#regionId}:{#accountId}:volume/*
    Roleacs:ram:*:{#accountId}:role/{#roleName}
    KeyPairacs:ecs:{#regionId}:{#accountId}:keypair/{#keypairId}
    VSwitchacs:vpc:{#regionId}:{#accountId}:vswitch/*
    DeploymentSetacs:ecs:{#regionid}:{#accountId}:deploymentset/{#deploymentSetId}
    DedicatedHostClusteracs:ecs:{#regionId}:{#accountId}:ddhcluster/{#ddhclusterId}
    ReservedInstanceacs:ecs:{#regionId}:{#accountId}:reservedinstance/{#reservedinstanceId}
    LaunchTemplateacs:ecs:{#regionId}:{#accountId}:launchtemplate/{#launchtemplateId}
    AutoSnapshotPolicyacs:ecs:{#regionId}:{#accountId}:snapshotpolicy/{#SnapshotPolicyId}
    snapshotpolicyacs:ecs:{#regionId}:{#accountId}:snapshotpolicy/{#snapshotpolicyId}
    ImagePipelineacs:ecs:{#regionId}:{#accountId}:imagepipeline/{#imagepipelineId}
    LaunchTemplateacs:ecs:{#regionId}:{#accountId}:launchtemplate/*
    VPCacs:vpc:{#regionId}:{#accountId}:vpc/{#vpcId}
    ReservedInstanceacs:ecs:{#regionId}:{#accountId}:reservedinstance/{#ReservedInstanceId}
    ReservedInstanceacs:ecs:{#regionId}:{#accountId}:reservedinstance/*
    ElasticityAssuranceacs:ecs:{#regionId}:{#accountId}:elasticityassurance/{#ElasticityAssuranceId}
    ddhclusteracs:ecs:{#regionId}:{#accountId}:ddhcluster/*
    DeploymentSetacs:ecs:{#regionId}:{#accountId}:deploymentset/{#DeploymentSetId}
    Activationacs:ecs:{#regionId}:{#accountId}:activation/*
    Activationacs:ecs:{#regionId}:{#accountId}:activation/{#activationId}
    autoprovisioninggroupacs:ecs:{#regionId}:{#accountId}:autoprovisioninggroup/{#autoprovisioninggroupId}
    SnapshotGroupacs:ecs:{#regionId}:{#accountId}:snapshotgroup/{#SnapshotGroupId}
    activationacs:ecs:{#regionId}:{#accountId}:activation/{#activationId}
    Commandacs:ecs:{#regionId}:{#accountId}:command/{#commandId}
    SnapshotGroupacs:ecs:{#regionId}:{#accountId}:snapshotgroup/*
    SnapshotGroupacs:ecs:{#regionId}:{#accountId}:snapshotgroup/{#snapshotgroupId}
    ImagePipelineacs:ecs:{#regionId}:{#accountId}:imagepipeline/*
    ddhclusteracs:ecs:{#regionId}:{#accountId}:ddhcluster/{#ddhclusterId}
    AutoSnapshotPolicyacs:ecs:{#regionId}:{#accountId}:autosnapshotpolicy/*
    ImageComponentacs:ecs:{#regionId}:{#accountId}:imagecomponent/*
    Demandacs:ecs:*:{#accountId}:*
    SecurityGroupacs:ecs:{#regionId}:{#accountId}:securitygroup/{#SecurityGroupId}
    Fleetacs:ecs:{#regionId}:{#accountId}:fleet/*
    Snapshotacs:ecs:{#regionId}:{#accountId}:snapshot/{#SnapshotId}
    Demandacs:ecs:{#regionId}:{#accountId}:ecsdemand/*
    Activationacs:ecs:{#regionId}:{#accountId}:activation/{#ActivationId}
    Invocationacs:ecs:{#regionId}:{#accountId}:invocation/{#InvocationId}
    Addressacs:vpc:{#regionId}:{#accountId}:eip/*
    Addressacs:vpc:{#regionId}:{#accountId}:eip/{#AllocationId}
    HaVipacs:vpc:{#regionId}:{#accountId}:havip/*
    VSwitchacs:vpc:{#regionId}:{#accountId}:vswitch/{#VSwitchId}
    NatGatewayacs:vpc:{#regionId}:{#accountId}:natgateway/{#natgatewayid}
    VPCacs:vpc:{#regionId}:{#accountId}:vpc/*
    PhysicalConnectionacs:vpc:{#regionId}:{#accountId}:physicalconnection/{#PhysicalConnectionId}
    ForwardTableacs:vpc:{#regionId}:{#accountId}:forwardtable/{#ForwardTableId}
    HaVipacs:vpc:{#regionId}:{#accountId}:havip/{#HaVipId}
    PhysicalConnectionacs:vpc:{#regionId}:{#accountId}:physicalconnection/*
    NatGatewayacs:vpc:{#regionId}:{#accountId}:natgateway/{#NatGatewayId}
    Instanceacs:vpc:{#regionId}:{#accountId}:instance/{#InstanceId}
    Associationacs:vpc:{#regionId}:{#accountId}:havip/{#HaVipId}
    RouterInterfaceacs:vpc:{#regionId}:{#accountId}:routerinterface/{#RouterInterfaceId}
    BandwidthPackageacs:vpc:{#regionId}:{#accountId}:bandwidthpackage/{#BandwidthPackageId}
    VPCacs:vpc:{#regionId}:{#accountId}:vpc/{#VPCId}
    RouteTableacs:vpc:{#regionId}:{#accountId}:routetable/{#RouteTableId}
    VirtualBorderRouteracs:vpc:{#regionId}:{#accountId}:virtualborderrouter/{#VirtualBorderRouterId}
    VRouteracs:vpc:{#regionId}:{#accountId}:vrouter/*
    VirtualBorderRouteracs:vpc:{#regionId}:{#accountId}:virtualborderrouter/{#VbrId}
    RouterInterfaceacs:vpc:{#regionId}:{#accountId}:routerinterface/*
    VPCacs:vpc:{#regionId}:{#accountId}:vpc/{#VpcId}
    NatGatewayacs:vpc:{#regionId}:{#accountId}:natgateway/*
    VirtualBorderRouteracs:vpc:{#regionId}:{#AccountId}:virtualborderrouter/{#VbrId}
    VRouteracs:vpc:{#regionId}:{#accountId}:vrouter/{#VRouterId}
    VirtualBorderRouteracs:vpc:{#regionId}:{#AccountId}:virtualborderrouter/*
    BandwidthPackageacs:vpc:{#regionId}:{#accountId}:bandwidthpackage/*

    条件(Condition)

    下表是ECS定义的产品级条件关键字,这些条件关键字可以在RAM权限策略语句的Condition元素中使用,用来描述授予权限的条件。以下仅列举产品级的条件关键字,阿里云定义的ECS也同样适用通用条件关键字
    其中,数据类型决定了您可以使用哪些条件运算符将请求中的值与权限策略语句中的值进行比较。您必须使用与数据类型匹配的条件运算符,否则无法匹配策略语句,授权行为无效。数据类型与条件运算符的对应关系,请参见条件操作类型
    条件关键字描述类型
    vpc:VPCVPC InformationString
    vpc:IsDefaultVSwitchWhether it is the default VSwitch and whether the default VSwitch can be usedBoolean
    vpc:IsDefaultVpcWhether it is the default VPCBoolean
    ecs:IsDiskEncryptedWhether it is an encrypted data diskString
    ecs:InstanceTypeInstance specificationsString
    ecs:InstanceTypeFamilyinstance specification familyString
    ecs:ImagePlatformOperating system type of the imageString
    ecs:ImageSourceImage SourceString
    ecs:CommandRunAsUser in the operating system that executes cloud assistant commandsString
    ecs:IsSystemDiskEncryptedWhether it is an encryption system diskString
    ecs:ImageOwnerIdOwner UID of the image.String
    ecs:AssociatePublicIpAddressWhether to support the allocation of public network IP in the process of resource creation and change, that is, whether to allow the operation of resources to make the public network bandwidth greater than 0.Boolean
    ecs:PasswordCustomizedWhether a custom password is usedBoolean
    ecs:PasswordInheritWhether the instance inherits the image password.Boolean
    ecs:SecurityEnhancementStrategyWhether to open security reinforcement.String
    ecs:SecurityHardeningModeWhether to enforce hardened mode (IMDSv2) when accessing instance metadataBoolean
    vpc:CreateDefaultVpcWhether a default VPC can be createdBoolean
    ecs:SecurityGroupIpProtocolsTransport layer protocol with security group openString
    ecs:SecurityGroupSourceCidrIpsThe source IPv4 CIDR segment of the security group that sets access permissionsString
    ecs:NotSpecifySecurityGroupIdWhether the security group ID is not specifiedBoolean

    相关操作

    您可以创建自定义权限策略,并将权限策略授予RAM用户、RAM用户组或RAM角色。具体操作如下: