What Types of APIs Does ELB Provide? What Are Permissions of ELB?
ELB supports the following policies:
Policy Type | Policy Name | Description |
|---|---|---|
RBAC policy | ELB Administrator | Has all permissions on ELB Before assigning the RBAC policy to a user group, check whether the user group has a dependent policy. If yes, set the dependent permission to make the RBAC policy take effect. |
Fine-grained policy | ELB FullAccess | Has all permissions on ELB. If this function is not enabled, you cannot assign a fine-grained policy to a user group. |
ELB ReadOnlyAccess | Has the read-only permission on ELB. |
Operation | ELB FullAccess | ELB ReadOnlyAccess | ELB Administrator |
|---|---|---|---|
Creating a load balancer | √ | × | √ |
Querying a load balancer | √ | √ | √ |
Querying a load balancer and associated resources | √ | √ | √ |
Querying load balancers | √ | √ | √ |
Modifying a load balancer | √ | × | √ |
Deleting a load balancer | √ | × | √ |
Adding a listener | √ | × | √ |
Querying a listener | √ | √ | √ |
Modifying a listener | √ | × | √ |
Deleting a listener | √ | × | √ |
Creating a backend server group | √ | × | √ |
Querying a backend server group | √ | √ | √ |
Modifying a backend server group | √ | × | √ |
Deleting a backend server group | √ | × | √ |
Adding a backend server | √ | × | √ |
Querying a backend server | √ | √ | √ |
Modifying a backend server | √ | × | √ |
Removing a backend server | √ | × | √ |
Configuring a health check | √ | × | √ |
Querying a health check | √ | √ | √ |
Modifying a health check | √ | × | √ |
Disabling a health check | √ | × | √ |
Assigning an EIP | × | × | √ |
Binding an EIP to a load balancer | × | × | √ |
Querying an EIP | √ | √ | √ |
Unbinding an EIP from a load balancer | × | × | √ |
Viewing metrics | × | × | √ |
Viewing access logs | × | × | √ |
- To unbind an EIP, you also need to configure the vpc:bandwidths:update and vpc:publicIps:update permissions for the VPC service. For details, see the Virtual Private Cloud API Reference.
- To view metrics, obtain the CES ReadOnlyAccess permissions. For details, see the Cloud Eye API Reference.
- To view access logs, you also need to configure the LTS ReadOnlyAccess permission. For details, see the Log Tank Service API Reference.
For details about fine-grained permissions, see the Elastic Load Balance API Reference.