Resource-level permissions refer to the ability to specify which resources a user can perform operations on. Database Management Center (DMC) partially supports resource-level permissions, meaning that for cloud database operations that support resource-level permissions, you can control when users are allowed to perform operations or access specific resources. The resource types that can be authorized in Cloud Access Management (CAM) are as follows:
|
Resources | dmc:$region:uin/$uin:resource/$ResourceId
|
When specifying resource paths, you can use the * wildcard. For DMC API operations that do not support resource-level permissions, you can still grant permission to users for the use of these operations; however, the resource element in the policy statement should be set to *.
For the DMC API operations that currently support resource-level permissions and a comprehensive introduction to all DMC-supported CAM service APIs, see Database Management.