Amazon Cloud Directory 許可：動作、資源和條件參考

當您在設定 存取控制 並撰寫可連接到 IAM 身分 (以身分為基礎的政策) 的許可政策時，可以使用下列資料表做為參考。所以此表格清單 每個 Amazon Cloud Directory Directory API 操作、您可以授予執行動作許可的相應動作，以及您可以授予許可的 AWS 資源。您要在政策的 Action 欄位中指定動作，並在政策的 Resource 欄位中指定資源值。

您可以在 Amazon Cloud Directory Directory 政策中使用全 AWS 條件金鑰來表達條件。如需全 AWS 鍵的完整清單，請參閱可用的全球條件金鑰中的IAM 使用者指南。

注意

若要指定動作，請使用後接 API 操作名稱的 clouddirectory: 字首 (例如，clouddirectory:CreateDirectory)。

Amazon Cloud Directory API 和動作所需的許可
Amazon Cloud Directory 操作	所需的許可 (API 動作)	資源
AddFacetToObject	clouddirectory:AddFacetToObject	*
ApplySchema	clouddirectory:ApplySchema	*
AttachObject	clouddirectory:AttachObject	*
AttachPolicy	clouddirectory:AttachPolicy	*
AttachToIndex	clouddirectory:AttachToIndex	*
AttachTypedLink	clouddirectory:AttachTypedLink	*
BatchRead	clouddirectory:BatchRead	*
BatchWrite	clouddirectory:BatchWrite	*
CreateDirectory	clouddirectory:CreateDirectory	*
CreateFacet	clouddirectory:CreateFacet	*
CreateIndex	clouddirectory:CreateIndex	*
CreateObject	clouddirectory:CreateObject	*
CreateSchema	clouddirectory:CreateSchema	*
CreateTypedLinkFacet	clouddirectory:CreateTypedLinkFacet	*
DeleteDirectory	clouddirectory:DeleteDirectory	*
DeleteFacet	clouddirectory:DeleteFacet	*
DeleteObject	clouddirectory:DeleteObject	*
DeleteSchema	clouddirectory:DeleteSchema	*
DeleteTypedLinkFacet	clouddirectory:DeleteTypedLinkFacet	*
DetachFromIndex	clouddirectory:DetachFromIndex	*
DetachObject	clouddirectory:DetachObject	*
DetachPolicy	clouddirectory:DetachPolicy	*
DetachedTypedLink	clouddirectory:DetachTypedLink	*
DisableDirectory	clouddirectory:DisableDirectory	*
EnableDirectory	clouddirectory:EnableDirectory	*
GetAppliedSchemaVersion	clouddirectory:GetAppliedSchemaVersion	*
GetDirectory	clouddirectory:GetDirectory	*
GetFacet	clouddirectory:GetFacet	*
GetObjectAttributes	clouddirectory:GetObjectAttributes	*
GetObjectInformation	clouddirectory:GetObjectInformation	*
GetSchemaAsJson	clouddirectory:GetSchemaAsJson	*
GetTypedLinkFacetInformation	clouddirectory:GetTypedLinkFacetInformation	*
ListAppliedSchemaArns	clouddirectory:ListAppliedSchemaArns	*
ListAttachedIndices	clouddirectory:ListAttachedIndices	*
ListDevelopmentSchemaArns	clouddirectory:ListDevelopmentSchemaArns	*
ListDirectories	clouddirectory:ListDirectories	*
ListFacetAttributes	clouddirectory:ListFacetAttributes	*
ListFacetNames	clouddirectory:ListFacetNames	*
ListIncomingTypedLinks	clouddirectory:ListIncomingTypedLinks	*
ListIndex	clouddirectory:ListIndex	*
ListObjectAttributes	clouddirectory:ListObjectAttributes	*
ListObjectChildren	clouddirectory:ListObjectChildren	*
ListObjectParentPaths	clouddirectory:ListObjectParentPaths	*
ListObjectParents	clouddirectory:ListObjectParents	*
ListObjectPolicies	clouddirectory:ListObjectPolicies	*
ListOutgoingTypedLinks	clouddirectory:ListOutgoingTypedLinks	*
ListPolicyAttachments	clouddirectory:ListPolicyAttachments	*
ListPublishedSchemaArns	clouddirectory:ListPublishedSchemaArns	*
ListTagsForResource	clouddirectory:ListTagsForResource	*
ListTypedLinkFacetAttributes	clouddirectory:ListTypedLinkFacetAttributes	*
ListTypedLinkFacetNames	clouddirectory:ListTypedLinkFacetNames	*
LookupPolicy	clouddirectory:LookupPolicy	*
PublishSchema	clouddirectory:PublishSchema	*
PutSchemaFromJson	clouddirectory:PutSchemaFromJson	*
RemoveFacetFromObject	clouddirectory:RemoveFacetFromObject	*
TagResource	clouddirectory:TagResource	*
UntagResource	clouddirectory:UntagResource	*
UpdateFacet	clouddirectory:UpdateFacet	*
UpdateObjectAttributes	clouddirectory:UpdateObjectAttributes	*
UpdateSchema	clouddirectory:UpdateSchema	*
UpdateTypedLinkFacet	clouddirectory:UpdateTypedLinkFacet	*
UpgradeAppliedSchema	clouddirectory:UpgradeAppliedSchema	*
UpgradePublishedSchema	clouddirectory:UpgradePublishedSchema	*