Policy Change
- API Overview
- Update History
- API Information
- Sub-user Management APIs
- User Group Management APIs
- Role Management APIs
- Policy Management APIs
- Policy Management APIs
- addPermissionsToSubUser (the old version is about to be offline)
- createPermission (the old version is about to be offline)
- describePermissionDetail (the old version is about to be offline)
- describePermissions (the old version is about to be offline)
- describeSubUserPermissions (the old version is about to be offline)
- removePermissionOfSubUser (the old version is about to be offline)
- updatePermission (the old version is about to be offline)
- AKSK Management APIs of Primary Accounts
- AKSK Management APIs of Sub-users
- Security
- Security Service
- Baseline Check ServicePenetration Test ServiceIncident Response ServiceVulnerability Scan ServiceCybersecurity Classified Protection Consulting ServiceImportant Cybersecurity Guarantees ServiceInformation Security TrainingSecurity Notification ServiceSecurity Attack and Defense Drill Service
Products
NeuHub
Cloud Essentials
Enterprise Applications
Developer Services
不展示在产品目录下
Security
Big Data
数据库
网络与 CDN
容器与中间件
IAM
- Introduction
- Quick Start
- Operation Guide
- Api reference
- API Overview
- Update History
- API Information
- Sub-user Management APIs
- User Group Management APIs
- Role Management APIs
- Policy Management APIs
- Policy Management APIs
- addPermissionsToSubUser (the old version is about to be offline)
- createPermission (the old version is about to be offline)
- describePermissionDetail (the old version is about to be offline)
- describePermissions (the old version is about to be offline)
- describeSubUserPermissions (the old version is about to be offline)
- removePermissionOfSubUser (the old version is about to be offline)
- updatePermission (the old version is about to be offline)
- AKSK Management APIs of Primary Accounts
- AKSK Management APIs of Sub-users
2022-02-22 01:40:18
Policy variables
JD Cloud IAM supports using variables as placeholders to implement generalization policies.
Location of policy variables
JD Cloud supports the use of policy variables in the Condition element.
Types of policy variables
Using variables as placeholders, policy variables are replaced with values from the request context when determining permissions. That is, the values populating the policy variables must come from the current request context. The following policy variable types are currently supported by the JD Cloud Condition element:
| Variable Name | Variable Description |
|---|---|
| ${accountId} | The current IAM user's master account accountId |
| ${name} | Subusername of current IAM user |
Scenarios for the use of policy variables
The policy variables work with the JD Cloud resource tag, mainly to achieve the function of authorization based on the creator tag (jdc-createdby). Example application scenario:
Create a policy that allows all Subusers under the master account 859150329790 to manage their own cloud virtual machines that they have created. Details of the policy are as follows:
json
{
"Version": "3",
"Statement": [
{
"Effect": "Allow",
"Action": [
"vm:*"
],
"Resource": [
"*"
],
"Condition": {
"StringEquals": {
"JDCloud:ResourceTag/jdc-createdby": [
"${name}"
]
}
}
}
]
}
开始与售前顾问沟通
可直接拨打电话 400-098-8505转1
我们的产品专家为您找到最合适的产品/解决⽅案
1v1线上咨询获取售前专业咨询
专业产品顾问,随时随地沟通
