本文属于机器翻译版本。若本译文内容与英语原文存在差异,则一律以英文原文为准。
DataSync API 权限:操作和资源
在创建Amazon Identity and Access Management (IAM) 策略时,此页面可以帮助您了解Amazon DataSync API 操作、您可授予执行的对应操作以及您可授予权限的Amazon资源。
通常,以下是您向策略添加 DataSync 权限的方式:
-
在
Action元素中指定操作。该值包括前datasync:缀和 API 操作名称。例如,datasync:CreateTask。 -
在
Resource元素中指定与操作相关的Amazon资源。
您也可以在 DataSync 策略中使用Amazon条件密钥。有关Amazon键的完整列表,请参阅 IAM 用户指南中的可用键。
有关 DataSync 资源及其亚马逊资源名称 (ARN) 格式的列表,请参阅DataSync 资源和运营。
DataSync API 操作和相应的操作
- CancelTaskExecution
-
操作:
datasync:CancelTaskExecution资源:
arn:aws:datasync:region:account-id:task/task-id/execution/exec-id - CreateAgent
-
操作:
datasync:CreateAgent资源:无
- CreateLocationEfs
-
操作:
datasync:CreateLocationEfs资源:无
- CreateLocationFsxLustre
-
操作:
datasync:CreateLocationFsxLustre资源:无
- CreateLocationFsxOntap
-
操作:
datasync:CreateLocationFsxOntap资源:无
- CreateLocationFsxOpenZfs
-
操作:
datasync:CreateLocationFsxOpenZfs资源:无
- CreateLocationFsxWindows
-
操作:
datasync:CreateLocationFsxWindows资源:无
- CreateLocationHdfs
-
操作:
dataSync:CreateLocationHdfs资源:
arn:aws:datasync:region:account-id:agent/agent-id - CreateLocationNfs
-
操作:
datasync:CreateLocationNfs资源:
arn:aws:datasync:region:account-id:agent/agent-id - CreateLocationObjectStorage
-
操作:
dataSync:CreateLocationObjectStorage资源:
arn:aws:datasync:region:account-id:agent/agent-id - CreateLocationS3
-
操作:
datasync:CreateLocationS3资源:
arn:aws:datasync:(仅适用于Outposts 基地上的 Amazon S3)region:account-id:agent/agent-id - CreateLocationSmb
-
操作:
datasync:CreateLocationSmb资源:
arn:aws:datasync:region:account-id:agent/agent-id - CreateTask
-
操作:
datasync:CreateTask资源:
-
arn:aws:datasync:region:account-id:location/source-location-id -
arn:aws:datasync:region:account-id:location/destination-location-id
-
- DeleteAgent
-
操作:
datasync:DeleteAgent资源:
arn:aws:datasync:region:account-id:agent/agent-id - DeleteLocation
-
操作:
datasync:DeleteLocation资源:
arn:aws:datasync:region:account-id:location/location-id - DeleteTask
-
操作:
datasync:DeleteTask资源:
arn:aws:datasync:region:account-id:task/task-id - DescribeAgent
-
操作:
datasync:DescribeAgent资源:
arn:aws:datasync:region:account-id:agent/agent-id - DescribeLocationEfs
-
操作:
datasync:DescribeLocationEfs资源:
arn:aws:datasync:region:account-id:location/location-id - DescribeLocationFsxLustre
-
操作:
datasync:DescribeLocationFsxLustre资源:
arn:aws:datasync:region:account-id:location/location-id - DescribeLocationFsxOntap
-
操作:
datasync:DescribeLocationFsxOntap资源:
arn:aws:datasync:region:account-id:location/location-id - DescribeLocationFsxOpenZfs
-
操作:
datasync:DescribeLocationFsxOpenZfs资源:
arn:aws:datasync:region:account-id:location/location-id - DescribeLocationFsxWindows
-
操作:
datasync:DescribeLocationFsxWindows资源:
arn:aws:datasync:region:account-id:location/location-id - DescribeLocationHdfs
-
操作:
datasync:DescribeLocationHdfs资源:
arn:aws:datasync:region:account-id:location/location-id - DescribeLocationNfs
-
操作:
datasync:DescribeLocationNfs资源:
arn:aws:datasync:region:account-id:location/location-id - DescribeLocationObjectStorage
-
操作:
datasync:DescribeLocationObjectStorage资源:
arn:aws:datasync:region:account-id:location/location-id - DescribeLocationS3
-
操作:
datasync:DescribeLocationS3资源:
arn:aws:datasync:region:account-id:location/location-id - DescribeLocationSmb
-
操作:
datasync:DescribeLocationSmb资源:
arn:aws:datasync:region:account-id:location/location-id - DescribeTask
-
操作:
datasync:DescribeTask资源:
arn:aws:datasync:region:account-id:task/task-id - DescribeTaskExecution
-
操作:
datasync:DescribeTaskExecution资源:
arn:aws:datasync:region:account-id:task/task-id/execution/exec-id - ListAgents
-
操作:
datasync:ListAgents资源:无
- ListLocations
-
操作:
datasync:ListLocations资源:无
- ListTagsForResource
-
操作:
datasync:ListTagsForResource资源:
-
arn:aws:datasync:region:account-id:agent/agent-id -
arn:aws:datasync:region:account-id:task/task-id -
arn:aws:datasync:region:account-id:location/location-id
-
- ListTaskExecutions
-
操作:
datasync:ListTaskExecutions资源:
arn:aws:datasync:region:account-id:task/task-id - ListTasks
-
操作:
datasync:ListTasks资源:无
- StartTaskExecution
-
操作:
datasync:StartTaskExecution资源:
arn:aws:datasync:region:account-id:task/task-id - TagResource
-
操作:
datasync:TagResource资源:
-
arn:aws:datasync:region:account-id:agent/agent-id -
arn:aws:datasync:region:account-id:task/task-id -
arn:aws:datasync:region:account-id:location/location-id
-
- UntagResource
-
操作:
datasync:UntagResource资源:
-
arn:aws:datasync:region:account-id:agent/agent-id -
arn:aws:datasync:region:account-id:task/task-id -
arn:aws:datasync:region:account-id:location/location-id
-
- UpdateAgent
-
操作:
datasync:UpdateAgent资源:
arn:aws:datasync:region:account-id:agent/agent-id - UpdateLocationHdfs
-
操作:
datasync:UpdateLocationHdfs资源:
-
arn:aws:datasync:region:account-id:agent/agent-id -
arn:aws:datasync:region:account-id:location/location-id
-
- UpdateLocationNfs
-
操作:
datasync:UpdateLocationNfs资源:
arn:aws:datasync:region:account-id:location/location-id - UpdateLocationObjectStorage
-
操作:
datasync:UpdateLocationObjectStorage资源:
-
arn:aws:datasync:region:account-id:agent/agent-id -
arn:aws:datasync:region:account-id:location/location-id
-
- UpdateLocationSmb
-
操作:
datasync:UpdateLocationSmb资源:
-
arn:aws:datasync:region:account-id:agent/agent-id -
arn:aws:datasync:region:account-id:location/location-id
-
- UpdateTask
-
操作:
datasync:UpdateTask资源:
arn:aws:datasync:region:account-id:task/task-id - UpdateTaskExecution
-
操作:
datasync:UpdateTaskExecution资源:
arn:aws:datasync:region:account-id:task/task-id/execution/exec-id