Resource Access Management (RAM) users or RAM roles must be granted permissions before they can access cloud resources. RAM uses policies to define permissions. A cloud service defines elements that can be used in a policy statement, such as Action, Resource, and Condition. This topic describes the permissions on Cloud enterprise network (CEN).
The code (RamCode) in RAM that is used to indicate CEN is cen. You can grant permissions on CEN at the resource level.
Action
The following table describes the values that you can use in theAction element of a policy statement. The values are defined by CEN. The following list describes the columns in the table:Action: the value that you can use in the
Actionelement to specify the operation on a resource.API: the API operation that you can call to perform the action. In most cases, only one API operation of a cloud service is required to perform an action. In some cases, multiple API operations must be called to perform an action, or an API operation can be called to perform multiple actions.
Access level: the access level of each action. The levels are read, write, and list.
Resource type: the type of the resource on which you can authorize a RAM user or a RAM role to perform the operation. Take note of the following items:
The required resource types are displayed in bold characters.
If the permissions cannot be granted at the resource level,
All resourcesis used in the Resource type column of the action.
Condition key: the condition keys that are defined by a cloud service. The Condition key column does not list the common condition keys that are defined by Alibaba Cloud. For more information about the common condition keys, see Policy elements.
Dependent action: other actions that a RAM user or a RAM role must have permissions to perform the action. To successfully call the action, a RAM user or a RAM role must have the permissions to perform the dependent action.
Actions | APIs | Access level | Resource types | Condition keys | Dependent actions |
|---|---|---|---|---|---|
cen:ActiveFlowLog | ActiveFlowLog | WRITE | Flowlog acs:cbn:{#regionId}:{#accountId}:flowlog/{#flowlogId} | N/A | N/A |
cen:AssociateCenBandwidthPackage | AssociateCenBandwidthPackage | WRITE | CenBandwidthPackage acs:cen:*:{#accountId}:cenbandwidthpackage/{#cenbandwidthpackageId} CenInstance acs:cen:*:{#accountId}:ceninstance/{#ceninstanceId} | N/A | N/A |
cen:AssociateTransitRouterAttachmentWithRouteTable | AssociateTransitRouterAttachmentWithRouteTable | Write | TransitRouterPeerAttachment acs:cen:*:{#accountId}:centransitrouterattachment/{#centransitrouterattachmentId} | N/A | N/A |
cen:AttachCenChildInstance | AttachCenChildInstance | WRITE | CenInstance acs:cen:*:{#accountId}:ceninstance/{#ceninstanceId} VPC:virtualborderrouter acs:vpc:*:{#accountId}:virtualborderrouter/{#virtualborderrouterId} VPC:VPC acs:vpc:*:{#accountId}:vpc/{#vpcId} | N/A | N/A |
cen:CreateCen | CreateCen | WRITE | CenInstance acs:cen:*:{#accountId}:ceninstance/* | N/A | N/A |
cen:CreateCenBandwidthPackage | CreateCenBandwidthPackage | WRITE | CenBandwidthPackage acs:cen:*:{#accountId}:cenbandwidthpackage/* | N/A | N/A |
cen:CreateCenChildInstanceRouteEntryToCen | CreateCenChildInstanceRouteEntryToCen | READ | CenInstance acs:cen:*:{#accountId}:ceninstance/{#ceninstanceId} | N/A | N/A |
cen:CreateCenRouteMap | CreateCenRouteMap | WRITE | CenInstance acs:cen:*:{#accountId}:ceninstance/{#ceninstanceId} | N/A | N/A |
cen:CreateFlowlog | CreateFlowlog | WRITE | Flowlog acs:cbn:{#regionId}:{#accountId}:flowlog/* CenInstance acs:cen:*:{#accountId}:ceninstance/{#ceninstanceId} | N/A | N/A |
cen:CreateTransitRouter | CreateTransitRouter | Write | CenInstance acs:cen:*:{#accountId}:ceninstance/* CenInstance acs:cen:*:{#accountId}:ceninstance/{#ceninstanceId} | N/A | N/A |
cen:CreateTransitRouterPeerAttachment | CreateTransitRouterPeerAttachment | Write | CenInstance acs:cen:*:{#accountId}:ceninstance/* CenInstance acs:cen:*:{#accountId}:ceninstance/{#ceninstanceId} | N/A | N/A |
cen:CreateTransitRouterRouteEntry | CreateTransitRouterRouteEntry | Write | TransitRouterRouteEntry acs:cen:*:{#accountId}:centransitrouterroutentry/* TransitRouterRouteTable acs:cen:*:{#accountId}:centransitrouterroutetable/{#centransitrouterroutetableId} | N/A | N/A |
cen:CreateTransitRouterRouteTable | CreateTransitRouterRouteTable | Write | TransitRouter acs:cen:*:{#accountId}:centransitrouter/{#centransitrouterId} TransitRouterRouteTable acs:cen:*:{#accountId}:centransitrouterroutetable/* | N/A | N/A |
cen:CreateTransitRouterVbrAttachment | CreateTransitRouterVbrAttachment | Write | CenInstance acs:cen:*:{#accountId}:ceninstance/* CenInstance acs:cen:*:{#accountId}:ceninstance/{#ceninstanceId} | N/A | N/A |
cen:CreateTransitRouterVpcAttachment | CreateTransitRouterVpcAttachment | Write | CenInstance acs:cen:*:{#accountId}:ceninstance/* CenInstance acs:cen:*:{#accountId}:ceninstance/{#ceninstanceId} | N/A | N/A |
cen:DeactiveFlowLog | DeactiveFlowLog | WRITE | Flowlog acs:cbn:{#regionId}:{#accountId}:flowlog/{#flowlogId} | N/A | N/A |
cen:DeleteCen | DeleteCen | WRITE | CenInstance acs:cen:*:{#accountId}:ceninstance/{#ceninstanceId} | N/A | N/A |
cen:DeleteCenBandwidthPackage | DeleteCenBandwidthPackage | WRITE | CenBandwidthPackage acs:cen:*:{#accountId}:cenbandwidthpackage/{#cenbandwidthpackageId} | N/A | N/A |
cen:DeleteCenChildInstanceRouteEntryToAttachment | N/A | Write | CenInstance acs:cen:*:{#accountId}:ceninstance/{#ceninstanceId} | N/A | N/A |
cen:DeleteCenChildInstanceRouteEntryToCen | DeleteCenChildInstanceRouteEntryToCen | Write | CenInstance acs:cen:*:{#accountId}:ceninstance/{#ceninstanceId} | N/A | N/A |
cen:DeleteCenRouteMap | DeleteCenRouteMap | WRITE | CenInstance acs:cen:*:{#accountId}:ceninstance/{#ceninstanceId} | N/A | N/A |
cen:DeleteFlowlog | DeleteFlowlog | WRITE | Flowlog acs:cbn:{#regionId}:{#accountId}:flowlog/{#flowlogId} | N/A | N/A |
cen:DeleteRouteServiceInCen | DeleteRouteServiceInCen | WRITE | CenInstance acs:cen:*:{#accountId}:ceninstance/{#ceninstanceId} | N/A | N/A |
cen:DeleteTransitRouter | N/A | Write | TransitRouter acs:cen:*:{#accountId}:centransitrouter/{#centransitrouterId} | N/A | N/A |
cen:DeleteTransitRouterPeerAttachment | DeleteTransitRouterPeerAttachment | Write | TransitRouterPeerAttachment acs:cen:*:{#accountId}:centransitrouterattachment/{#centransitrouterattachmentId} | N/A | N/A |
cen:DeleteTransitRouterRouteEntry | DeleteTransitRouterRouteEntry | Write | TransitRouterRouteEntry acs:cen:*:{#accountId}:centransitrouterroutentry/* TransitRouterRouteEntry acs:cen:*:{#accountId}:centransitrouterroutentry/{#centransitrouterroutentryId} TransitRouterRouteTable acs:cen:*:{#accountId}:centransitrouterroutetable/* TransitRouterRouteTable acs:cen:*:{#accountId}:centransitrouterroutentry/{#transitrouterroutetableId} | N/A | N/A |
cen:DeleteTransitRouterRouteTable | DeleteTransitRouterRouteTable | Write | TransitRouterRouteTable acs:cen:*:{#accountId}:centransitrouterroutetable/{#centransitrouterroutetableId} | N/A | N/A |
cen:DeleteTransitRouterVbrAttachment | DeleteTransitRouterVbrAttachment | Write | TransitRouterVbrAttachment acs:cen:*:{#accountId}:centransitrouterattachment/{#centransitrouterattachmentId} | N/A | N/A |
cen:DeleteTransitRouterVpcAttachment | DeleteTransitRouterVpcAttachment | Write | TransitRouterVpcAttachment acs:cen:*:{#accountId}:centransitrouterattachment/{#centransitrouterattachmentId} | N/A | N/A |
cen:DescribeCenAttachedChildInstanceAttribute | DescribeCenAttachedChildInstanceAttribute | READ | CenInstance acs:cen:*:{#accountId}:ceninstance/{#ceninstanceId} | N/A | N/A |
cen:DescribeCenAttachedChildInstances | DescribeCenAttachedChildInstances | READ | CenInstance acs:cen:*:{#accountId}:ceninstance/{#ceninstanceId} | N/A | N/A |
cen:DescribeCenBandwidthPackages | DescribeCenBandwidthPackages | LIST | CenBandwidthPackage acs:cen:*:{#accountId}:cenbandwidthpackage/* | N/A | N/A |
cen:DescribeCenChildInstanceRouteEntries | DescribeCenChildInstanceRouteEntries | READ | CenInstance acs:cen:*:{#accountId}:ceninstance/{#ceninstanceId} | N/A | N/A |
cen:DescribeCenGeographicSpanRemainingBandwidth | DescribeCenGeographicSpanRemainingBandwidth | READ | CenInstance acs:cen:*:{#accountId}:ceninstance/{#ceninstanceId} | N/A | N/A |
cen:DescribeCenGeographicSpans | DescribeCenGeographicSpans | Read | CenInstance acs:cen:*:{#accountId}:ceninstance/* | N/A | N/A |
cen:DescribeCenInterRegionBandwidthLimits | DescribeCenInterRegionBandwidthLimits | READ | CenInstance acs:cen:*:{#accountId}:ceninstance/* CenInstance acs:cen:*:{#accountId}:ceninstance/{#ceninstanceId} | N/A | N/A |
cen:DescribeCenPrivateZoneRoutes | DescribeCenPrivateZoneRoutes | READ | CenInstance acs:cen:*:{#accountId}:ceninstance/{#ceninstanceId} | N/A | N/A |
cen:DescribeCenRegionDomainRouteEntries | DescribeCenRegionDomainRouteEntries | READ | CenInstance acs:cen:*:{#accountId}:ceninstance/{#ceninstanceId} | N/A | N/A |
cen:DescribeCenRouteMaps | DescribeCenRouteMaps | READ | CenInstance acs:cen:*:{#accountId}:ceninstance/* CenInstance acs:cen:*:{#accountId}:ceninstance/{#ceninstanceId} | N/A | N/A |
cen:DescribeCenVbrHealthCheck | DescribeCenVbrHealthCheck | READ | CenInstance acs:cen:*:{#accountId}:ceninstance/* CenInstance acs:cen:*:{#accountId}:ceninstance/{#ceninstanceId} VPC:virtualborderrouter acs:vpc:*:{#accountId}:virtualborderrouter/* VPC:virtualborderrouter acs:vpc:*:{#accountId}:virtualborderrouter/{#virtualborderrouterId} | N/A | N/A |
cen:DescribeCens | DescribeCens | LIST | CenInstance acs:cen:*:{#accountId}:ceninstance/* | N/A | N/A |
cen:DescribeFlowlogs | DescribeFlowlogs | LIST | Flowlog acs:cbn:{#regionId}:{#accountId}:flowlog/* | N/A | N/A |
cen:DescribeGrantRulesToCen | DescribeGrantRulesToCen | READ | CenInstance acs:cen:*:{#accountId}:ceninstance/{#ceninstanceId} | N/A | N/A |
cen:DescribePublishedRouteEntries | DescribePublishedRouteEntries | READ | CenInstance acs:cen:*:{#accountId}:ceninstance/{#ceninstanceId} VPC:virtualborderrouter acs:vpc:*:{#accountId}:virtualborderrouter/{#virtualborderrouterId} VPC:VPC acs:vpc:*:{#accountId}:vpc/{#vpcId} | N/A | N/A |
cen:DescribeRouteConflict | DescribeRouteConflict | READ | VPC:VPC acs:vpc:*:{#accountId}:vpc/{#vpcId} | N/A | N/A |
cen:DescribeRouteServicesInCen | DescribeRouteServicesInCen | READ | CenInstance acs:cen:*:{#accountId}:ceninstance/{#ceninstanceId} | N/A | N/A |
cen:DescribeTagKeys | N/A | Read | CenInstance acs:cen:*:{#accountId}:ceninstance/{#CenId} CenBandwidthPackage acs:cen:*:{#accountId}:cenbandwidthpackage/{#CenBandwidthPackageId} | N/A | N/A |
cen:DetachCenChildInstance | DetachCenChildInstance | WRITE | CenInstance acs:cen:*:{#accountId}:ceninstance/{#ceninstanceId} VPC:virtualborderrouter acs:vpc:*:{#accountId}:virtualborderrouter/{#virtualborderrouterId} VPC:VPC acs:vpc:*:{#accountId}:vpc/{#vpcId} | N/A | N/A |
cen:DisableCenVbrHealthCheck | DisableCenVbrHealthCheck | WRITE | CenInstance acs:cen:*:{#accountId}:ceninstance/{#ceninstanceId} VPC:virtualborderrouter acs:vpc:*:{#accountId}:virtualborderrouter/{#virtualborderrouterId} | N/A | N/A |
cen:DisableTransitRouterRouteTablePropagation | DisableTransitRouterRouteTablePropagation | Write | TransitRouterPeerAttachment acs:cen:*:{#accountId}:centransitrouterattachment/{#centransitrouterattachmentId} | N/A | N/A |
cen:DissociateTransitRouterAttachmentFromRouteTable | DissociateTransitRouterAttachmentFromRouteTable | Write | TransitRouterVpcAttachment acs:cen:*:{#accountId}:centransitrouterattachment/{#centransitrouterattachmentId} | N/A | N/A |
cen:EnableCenChildInstanceIpv6 | N/A | WRITE | CenInstance acs:cen:*:{#accountId}:ceninstance/{#ceninstanceId} VPC:virtualborderrouter acs:vpc:*:{#accountId}:virtualborderrouter/{#virtualborderrouterId} | N/A | N/A |
cen:EnableCenVbrHealthCheck | EnableCenVbrHealthCheck | WRITE | CenInstance acs:cen:*:{#accountId}:ceninstance/{#ceninstanceId} VPC:virtualborderrouter acs:vpc:*:{#accountId}:virtualborderrouter/{#virtualborderrouterId} | N/A | N/A |
cen:EnableTransitRouterRouteTablePropagation | EnableTransitRouterRouteTablePropagation | Write | TransitRouterPeerAttachment acs:cen:*:{#accountId}:centransitrouterattachment/{#centransitrouterattachmentId} | N/A | N/A |
cen:GetCenVbrRoutePriority | N/A | Read | CenInstance acs:cen:*:{#accountId}:ceninstance/{#CenId} | N/A | N/A |
cen:ListCenInterRegionTrafficQosPolicies | N/A | List | CenInstance acs:cen:*:{#accountId}:ceninstance/* | N/A | N/A |
cen:ListGrantVSwitchesToCen | N/A | List | CenInstance acs:cen:*:{#accountId}:ceninstance/* | N/A | N/A |
cen:ListTagResources | ListTagResources | READ | CenInstance acs:cen:*:{#accountId}:ceninstance/{#ceninstanceId} | N/A | N/A |
cen:ListTransitRegionBandwidthLimits | N/A | List | CenInstance acs:cen:*:{#accountId}:ceninstance/* | N/A | N/A |
cen:ListTransitRouterAttachmentSummary | N/A | List | CenInstance acs:cen:*:{#accountId}:ceninstance/* | N/A | N/A |
cen:ListTransitRouterAttachments | N/A | List | CenInstance acs:cen:*:{#accountId}:ceninstance/{#ceninstanceId} | N/A | N/A |
cen:ListTransitRouterAvailableResource | ListTransitRouterAvailableResource | List | CenInstance acs:cen:*:{#accountId}:ceninstance/* | N/A | N/A |
cen:ListTransitRouterPeerAttachments | ListTransitRouterPeerAttachments | List | CenInstance acs:cen:*:{#accountId}:ceninstance/* CenInstance acs:cen:*:{#accountId}:ceninstance/{#ceninstanceId} | N/A | N/A |
cen:ListTransitRouterRouteEntries | ListTransitRouterRouteEntries | List | TransitRouterRouteEntry acs:cen:*:{#accountId}:centransitrouterroutentry/{#centransitrouterroutentryId} TransitRouterRouteTable acs:cen:*:{#accountId}:centransitrouterroutetable/{#centransitrouterroutetableId} TransitRouterRouteEntry acs:cen:*:{#accountId}:centransitrouterroutentry/* | N/A | N/A |
cen:ListTransitRouterRouteTableAssociations | ListTransitRouterRouteTableAssociations | List | TransitRouterPeerAttachment acs:cen:*:{#accountId}:centransitrouterattachment/* TransitRouterPeerAttachment acs:cen:*:{#accountId}:centransitrouterattachment/{#centransitrouterattachmentId} | N/A | N/A |
cen:ListTransitRouterRouteTablePropagations | ListTransitRouterRouteTablePropagations | List | TransitRouterPeerAttachment acs:cen:*:{#accountid}:centransitrouterattachment/* | N/A | N/A |
cen:ListTransitRouterRouteTables | ListTransitRouterRouteTables | List | TransitRouter acs:cen:{#regionId}:{#accountId}:centransitrouter/* TransitRouterRouteTable acs:cen:*:{#accountId}:centransitrouterroutetable/{#centransitrouterroutetableId} TransitRouterRouteTable acs:cen:*:{#accountId}:centransitrouterroutetable/* TransitRouter acs:cen:{#regionId}:{#accountId}:transitrouter/{#centransitrouterId} | N/A | N/A |
cen:ListTransitRouterVbrAttachments | ListTransitRouterVbrAttachments | List | CenInstance acs:cen:*:{#accountId}:ceninstance/* CenInstance acs:cen:*:{#accountId}:ceninstance/{#ceninstanceId} | N/A | N/A |
cen:ListTransitRouterVpcAttachments | ListTransitRouterVpcAttachments | List | CenInstance acs:cen:*:{#accountId}:ceninstance/* CenInstance acs:cen:*:{#accountId}:ceninstance/{#ceninstanceId} | N/A | N/A |
cen:ListTransitRouters | ListTransitRouters | List | CenInstance acs:cen:*:{#accountId}:ceninstance/{#ceninstanceId} | N/A | N/A |
cen:ListVpcRelatedTransitRouterAttachments | N/A | List | TransitRouterVpcAttachment acs:cen:{#regionId}:{#accountId}:centransitrouterattachment/* | N/A | N/A |
cen:ModifyCenAttribute | ModifyCenAttribute | WRITE | CenInstance acs:cen:*:{#accountId}:ceninstance/{#ceninstanceId} | N/A | N/A |
cen:ModifyCenBandwidthPackageAttribute | ModifyCenBandwidthPackageAttribute | WRITE | CenBandwidthPackage acs:cen:*:{#accountId}:cenbandwidthpackage/{#cenbandwidthpackageId} | N/A | N/A |
cen:ModifyCenBandwidthPackageSpec | ModifyCenBandwidthPackageSpec | WRITE | CenBandwidthPackage acs:cen:*:{#accountId}:cenbandwidthpackage/{#cenbandwidthpackageId} | N/A | N/A |
cen:ModifyCenRouteMap | ModifyCenRouteMap | WRITE | CenInstance acs:cen:*:{#accountId}:ceninstance/{#ceninstanceId} | N/A | N/A |
cen:ModifyFlowLogAttribute | ModifyFlowLogAttribute | WRITE | Flowlog acs:cbn:{#regionId}:{#accountId}:flowlog/{#flowlogId} | N/A | N/A |
cen:PublishRouteEntries | PublishRouteEntries | WRITE | CenInstance acs:cen:*:{#accountId}:ceninstance/{#ceninstanceId} VPC:virtualborderrouter acs:vpc:*:{#accountId}:virtualborderrouter/{#virtualborderrouterId} VPC:VPC acs:vpc:*:{#accountId}:vpc/{#vpcId} | N/A | N/A |
cen:ResolveAndRouteServiceInCen | ResolveAndRouteServiceInCen | WRITE | CenInstance acs:cen:*:{#accountId}:ceninstance/{#ceninstanceId} | N/A | N/A |
cen:RoutePrivateZoneInCenToVpc | RoutePrivateZoneInCenToVpc | WRITE | CenInstance acs:cen:*:{#accountId}:ceninstance/{#ceninstanceId} | N/A | N/A |
cen:SetCenInterRegionBandwidthLimit | SetCenInterRegionBandwidthLimit | WRITE | CenInstance acs:cen:*:{#accountId}:ceninstance/{#ceninstanceId} | N/A | N/A |
cen:TagResources | TagResources | WRITE | CenInstance acs:cen:*:{#accountId}:ceninstance/{#ceninstanceId} | N/A | N/A |
cen:TempUpgradeCenBandwidthPackageSpec | TempUpgradeCenBandwidthPackageSpec | WRITE | CenBandwidthPackage acs:cen:*:{#accountId}:cenbandwidthpackage/{#cenbandwidthpackageId} | N/A | N/A |
cen:UnassociateCenBandwidthPackage | UnassociateCenBandwidthPackage | WRITE | CenBandwidthPackage acs:cen:*:{#accountId}:cenbandwidthpackage/{#cenbandwidthpackageId} CenInstance acs:cen:*:{#accountId}:ceninstance/{#ceninstanceId} | N/A | N/A |
cen:UnroutePrivateZoneInCenToVpc | UnroutePrivateZoneInCenToVpc | WRITE | CenInstance acs:cen:*:{#accountId}:ceninstance/{#ceninstanceId} | N/A | N/A |
cen:UntagResources | UntagResources | WRITE | CenInstance acs:cen:*:{#accountId}:ceninstance/{#ceninstanceId} | N/A | N/A |
cen:UpdateTransitRouter | UpdateTransitRouter | Write | TransitRouter acs:cen:*:{#accountId}:centransitrouter/{#centransitrouterId} | N/A | N/A |
cen:UpdateTransitRouterPeerAttachmentAttribute | UpdateTransitRouterPeerAttachmentAttribute | Write | TransitRouterPeerAttachment acs:cen:*:{#accountId}:centransitrouterattachment/{#centransitrouterattachmentId} | N/A | N/A |
cen:UpdateTransitRouterRouteEntry | UpdateTransitRouterRouteEntry | Write | TransitRouterRouteTable acs:cen:*:{#accountId}:centransitrouterroutetable/{#TransitRouterRouteTableId} | N/A | N/A |
cen:UpdateTransitRouterRouteTable | UpdateTransitRouterRouteTable | Write | TransitRouterRouteTable acs:cen:*:{#accountId}:centransitrouterroutetable/{#centransitrouterroutetableId} | N/A | N/A |
cen:UpdateTransitRouterVbrAttachmentAttribute | UpdateTransitRouterVbrAttachmentAttribute | Write | TransitRouterVbrAttachment acs:cen:*:{#accountId}:centransitrouterattachment/{#centransitrouterattachmentId} | N/A | N/A |
cen:UpdateTransitRouterVpcAttachmentAttribute | UpdateTransitRouterVpcAttachmentAttribute | Write | TransitRouterVpcAttachment acs:cen:*:{#accountId}:centransitrouterattachment/{#centransitrouterattachmentId} | N/A | N/A |
cen:UpgradeTransitRouter | N/A | Write | TransitRouter acs:cen:*:{#accountId}:centransitrouter/{#centransitrouterId} | N/A | N/A |
cen:WithdrawPublishedRouteEntries | WithdrawPublishedRouteEntries | WRITE | CenInstance acs:cen:*:{#accountId}:ceninstance/{#ceninstanceId} VPC:VPC acs:vpc:*:{#accountId}:vpc/{#vpcId} | N/A | N/A |
resource
The following table describes the values that you can use in theResource element of a policy statement. The values are defined by CEN. The Alibaba Cloud Resource Name (ARN) is the unique identifier of the resource on Alibaba Cloud. Take note of the following items:
{#}indicates a variable. {#} must be replaced with an actual value. For example,{#regionId}must be replaced with the actual ID of the region where your resource resides.An asterisk (
*) is used as a wildcard. Examples:If you specify
{#resourceType}/*, all resources are specified.If
{#regionId}is set to*, all regions are specified.If
{#accountId}is set to*, all Alibaba Cloud accounts are specified.
Resource type | ARN |
|---|---|
Flowlog | acs:cen:{#regionId}:{#accountId}:flowlog/{#FlowLogId} |
CenBandwidthPackage | acs:cen:*:{#accountId}:cenbandwidthpackage/{#CenBandwidthPackageId} |
CenInstance | acs:cen:*:{#accountId}:ceninstance/{#CeninstanceId} |
TransitRouterVpcAttachment | acs:cen:{#regionId}:{#accountId}:centransitrouterattachment/{#TransitRouterAttachmentId} |
TransitRouterPeerAttachment | acs:cen:{#regionId}:{#accountId}:centransitrouterattachment/{#TransitRouterAttachmentId} |
TransitRouterVbrAttachment | acs:cen:{#regionId}:{#accountId}:centransitrouterattachment/{#TransitRouterAttachmentId} |
TransitRouter | acs:cen:{#regionId}:{#accountId}:centransitrouter/{#TransitRouterId} |
TransitRouterRouteTable | acs:cen:*:{#accountId}:centransitrouterroutetable/{#TransitRouterRouteTableId} |
TransitRouterRouteEntry | acs:cen:*:{#accountId}:centransitrouterrouteentry/{#TransitRouterRouteEntryId} |
Condition
CEN does not define service-specific condition keys. For more information about common condition keys that are defined by Alibaba Cloud, see Policy elements.