本文属于机器翻译版本。若本译文内容与英语原文存在差异，则一律以英文原文为准。

# Amazon Cloud Directory API 权限：API 权限：操作、资源和条件参考
<a name="iam_auth_access_usingwith_iam_resourcepermissions"></a>

在设置[访问控制](iam_auth_access.md#iam_auth_access_accesscontrol)和编写您可挂载到 IAM 身份的权限策略 (基于身份的策略) 时，可以使用下表作为参考。该表列出的每个 Amazon Cloud Directory API 操作、您可授予操作执行权限的对应操作以及您可为其授予权限的 AWS 资源。您在策略的 `Action` 字段中指定操作，并在策略的 `Resource` 字段中指定资源值。

您可以在 Amazon Cloud Directory 策略中使用 AWS 范围的条件键来表达条件。有关 AWS 范围内的键的完整列表，请参阅[可用的全局条件键](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_condition-keys.html#AvailableKeys)中的*IAM 用户指南*。

**注意**  
要指定操作，请在 API 操作名称之前使用 `clouddirectory:` 前缀 (例如，`clouddirectory:CreateDirectory`)。


**Amazon Cloud Directory API 和所需操作权限**  

| Amazon Cloud Directory API 操作 | 所需权限（API 操作） | 资源 | 
| --- | --- | --- | 
| [AddFacetToObject](https://docs.aws.amazon.com/clouddirectory/latest/APIReference/API_AddFacetToObject.html) |  `clouddirectory:AddFacetToObject`  | \$1 | 
| [ApplySchema](https://docs.aws.amazon.com/clouddirectory/latest/APIReference/API_ApplySchema.html) | clouddirectory:ApplySchema | \$1 | 
| [AttachObject](https://docs.aws.amazon.com/clouddirectory/latest/APIReference/API_AttachObject.html)  | clouddirectory:AttachObject | \$1 | 
|   [AttachPolicy](https://docs.aws.amazon.com/clouddirectory/latest/APIReference/API_AttachPolicy.html)   |  `clouddirectory:AttachPolicy`  |  \$1  | 
|   [AttachToIndex](https://docs.aws.amazon.com/clouddirectory/latest/APIReference/API_AttachToIndex.html)   |  `clouddirectory:AttachToIndex`  |  \$1  | 
|   [AttachTypedLink](https://docs.aws.amazon.com/clouddirectory/latest/APIReference/API_AttachTypedLink.html)   |  `clouddirectory:AttachTypedLink`  |  \$1  | 
|   [BatchRead](https://docs.aws.amazon.com/clouddirectory/latest/APIReference/API_BatchRead.html)   |  `clouddirectory:BatchRead`  |  \$1  | 
|   [BatchWrite](https://docs.aws.amazon.com/clouddirectory/latest/APIReference/API_BatchWrite.html)   |  `clouddirectory:BatchWrite`  |  \$1  | 
|   [CreateDirectory](https://docs.aws.amazon.com/clouddirectory/latest/APIReference/API_CreateDirectory.html)   |  `clouddirectory:CreateDirectory`  |  \$1  | 
|   [CreateFacet](https://docs.aws.amazon.com/clouddirectory/latest/APIReference/API_CreateFacet.html)   |  `clouddirectory:CreateFacet`  |  \$1  | 
|   [CreateIndex](https://docs.aws.amazon.com/clouddirectory/latest/APIReference/API_CreateIndex.html)   |  `clouddirectory:CreateIndex`  |  \$1  | 
|   [CreateObject](https://docs.aws.amazon.com/clouddirectory/latest/APIReference/API_CreateObject.html)   |  `clouddirectory:CreateObject`  |  \$1  | 
|   [CreateSchema](https://docs.aws.amazon.com/clouddirectory/latest/APIReference/API_CreateSchema.html)   |  `clouddirectory:CreateSchema`  |  \$1  | 
|   [CreateTypedLinkFacet](https://docs.aws.amazon.com/clouddirectory/latest/APIReference/API_CreateTypedLinkFacet.html)   |  `clouddirectory:CreateTypedLinkFacet`  |  \$1  | 
|   [DeleteDirectory](https://docs.aws.amazon.com/clouddirectory/latest/APIReference/API_DeleteDirectory.html)   |  `clouddirectory:DeleteDirectory`  |  \$1  | 
|   [DeleteFacet](https://docs.aws.amazon.com/clouddirectory/latest/APIReference/API_DeleteFacet.html)   |  `clouddirectory:DeleteFacet`  |  \$1  | 
|   [DeleteObject](https://docs.aws.amazon.com/clouddirectory/latest/APIReference/API_DeleteObject.html)   |  `clouddirectory:DeleteObject`  |  \$1  | 
|   [DeleteSchema](https://docs.aws.amazon.com/clouddirectory/latest/APIReference/API_DeleteSchema.html)   |  `clouddirectory:DeleteSchema`  |  \$1  | 
|   [DeleteTypedLinkFacet](https://docs.aws.amazon.com/clouddirectory/latest/APIReference/API_DeleteTypedLinkFacet.html)   |  `clouddirectory:DeleteTypedLinkFacet`  |  \$1  | 
|   [DetachFromIndex](https://docs.aws.amazon.com/clouddirectory/latest/APIReference/API_DetachFromIndex.html)   |  `clouddirectory:DetachFromIndex`  |  \$1  | 
|   [DetachObject](https://docs.aws.amazon.com/clouddirectory/latest/APIReference/API_DetachObject.html)   |  `clouddirectory:DetachObject`  |  \$1  | 
|   [DetachPolicy](https://docs.aws.amazon.com/clouddirectory/latest/APIReference/API_DetachPolicy.html)   |  `clouddirectory:DetachPolicy`  |  \$1  | 
|   [DetachedTypedLink](https://docs.aws.amazon.com/clouddirectory/latest/APIReference/API_DetachTypedLink.html)   |  `clouddirectory:DetachTypedLink`  |  \$1  | 
|   [DisableDirectory](https://docs.aws.amazon.com/clouddirectory/latest/APIReference/API_DisableDirectory.html)   |  `clouddirectory:DisableDirectory`  |  \$1  | 
|   [EnableDirectory](https://docs.aws.amazon.com/clouddirectory/latest/APIReference/API_EnableDirectory.html)   |  `clouddirectory:EnableDirectory`  |  \$1  | 
|   [GetAppliedSchemaVersion](https://docs.aws.amazon.com/clouddirectory/latest/APIReference/API_GetAppliedSchemaVersion.html)   |  `clouddirectory:GetAppliedSchemaVersion`  |  \$1  | 
|   [GetDirectory](https://docs.aws.amazon.com/clouddirectory/latest/APIReference/API_GetDirectory.html)   |  `clouddirectory:GetDirectory`  |  \$1  | 
|   [GetFacet](https://docs.aws.amazon.com/clouddirectory/latest/APIReference/API_GetFacet.html)   |  `clouddirectory:GetFacet`  |  \$1  | 
|   [GetObjectAttributes](https://docs.aws.amazon.com/clouddirectory/latest/APIReference/API_GetObjectAttributes.html)   |  `clouddirectory:GetObjectAttributes`  |  \$1  | 
|   [GetObjectInformation](https://docs.aws.amazon.com/clouddirectory/latest/APIReference/API_GetObjectInformation.html)   |  `clouddirectory:GetObjectInformation`  |  \$1  | 
|   [GetSchemaAsJson](https://docs.aws.amazon.com/clouddirectory/latest/APIReference/API_GetSchemaAsJson.html)   |  `clouddirectory:GetSchemaAsJson`  |  \$1  | 
|   [GetTypedLinkFacetInformation](https://docs.aws.amazon.com/clouddirectory/latest/APIReference/API_GetTypedLinkFacetInformation.html)   |  `clouddirectory:GetTypedLinkFacetInformation`  |  \$1  | 
|   [ListAppliedSchemaArns](https://docs.aws.amazon.com/clouddirectory/latest/APIReference/API_ListAppliedSchemaArns.html)   |  `clouddirectory:ListAppliedSchemaArns`  |  \$1  | 
|  [ListAttachedIndices](https://docs.aws.amazon.com/clouddirectory/latest/APIReference/API_ListAttachedIndices.html)  |  `clouddirectory:ListAttachedIndices`  |  \$1  | 
|  [ListDevelopmentSchemaArns](https://docs.aws.amazon.com/clouddirectory/latest/APIReference/API_ListDevelopmentSchemaArns.html)  |  `clouddirectory:ListDevelopmentSchemaArns`  |  \$1  | 
|  [ListDirectories](https://docs.aws.amazon.com/clouddirectory/latest/APIReference/API_ListDirectories.html)  |  `clouddirectory:ListDirectories`  |  \$1  | 
|   [ListFacetAttributes](https://docs.aws.amazon.com/clouddirectory/latest/APIReference/API_ListFacetAttributes.html)   |  `clouddirectory:ListFacetAttributes`  |  \$1  | 
|  [ListFacetNames](https://docs.aws.amazon.com/clouddirectory/latest/APIReference/API_ListFacetNames.html)  |  `clouddirectory:ListFacetNames`  |  \$1  | 
|   [ListIncomingTypedLinks](https://docs.aws.amazon.com/clouddirectory/latest/APIReference/API_ListIncomingTypedLinks.html)   |  `clouddirectory:ListIncomingTypedLinks`  |  \$1  | 
|  [ListIndex](https://docs.aws.amazon.com/clouddirectory/latest/APIReference/API_ListIndex.html)  |  `clouddirectory:ListIndex`  |  \$1  | 
|   [ListObjectAttributes](https://docs.aws.amazon.com/clouddirectory/latest/APIReference/API_ListObjectAttributes.html)   |  `clouddirectory:ListObjectAttributes`  |  \$1  | 
|  [ListObjectChildren](https://docs.aws.amazon.com/clouddirectory/latest/APIReference/API_ListObjectChildren.html)  |  `clouddirectory:ListObjectChildren`  |  \$1  | 
|   [ListObjectParentPaths](https://docs.aws.amazon.com/clouddirectory/latest/APIReference/API_ListObjectParentPaths.html)   |  `clouddirectory:ListObjectParentPaths`  |  \$1  | 
|   [ListObjectParents](https://docs.aws.amazon.com/clouddirectory/latest/APIReference/API_ListObjectParents.html)   |  `clouddirectory:ListObjectParents`  |  \$1  | 
|   [ListObjectPolicies](https://docs.aws.amazon.com/clouddirectory/latest/APIReference/API_ListObjectPolicies.html)   |  `clouddirectory:ListObjectPolicies`  |  \$1  | 
|   [ListOutgoingTypedLinks](https://docs.aws.amazon.com/clouddirectory/latest/APIReference/API_ListOutgoingTypedLinks.html)   |  `clouddirectory:ListOutgoingTypedLinks`  |  \$1  | 
|   [ListPolicyAttachments](https://docs.aws.amazon.com/clouddirectory/latest/APIReference/API_ListPolicyAttachments.html)   |  `clouddirectory:ListPolicyAttachments`  |  \$1  | 
|   [ListPublishedSchemaArns](https://docs.aws.amazon.com/clouddirectory/latest/APIReference/API_ListPublishedSchemaArns.html)   |  `clouddirectory:ListPublishedSchemaArns`  |  \$1  | 
|   [ListTagsForResource](https://docs.aws.amazon.com/clouddirectory/latest/APIReference/API_ListTagsForResource.html)   |  `clouddirectory:ListTagsForResource`  |  \$1  | 
|   [ListTypedLinkFacetAttributes](https://docs.aws.amazon.com/clouddirectory/latest/APIReference/API_ListTypedLinkFacetAttributes.html)   |  `clouddirectory:ListTypedLinkFacetAttributes`  |  \$1  | 
|   [ListTypedLinkFacetNames](https://docs.aws.amazon.com/clouddirectory/latest/APIReference/API_ListTypedLinkFacetNames.html)   |  `clouddirectory:ListTypedLinkFacetNames`  |  \$1  | 
|   [LookupPolicy](https://docs.aws.amazon.com/clouddirectory/latest/APIReference/API_LookupPolicy.html)   |  `clouddirectory:LookupPolicy`  |  \$1  | 
|   [PublishSchema](https://docs.aws.amazon.com/clouddirectory/latest/APIReference/API_PublishSchema.html)   |  `clouddirectory:PublishSchema`  |  \$1  | 
|   [PutSchemaFromJson](https://docs.aws.amazon.com/clouddirectory/latest/APIReference/API_PutSchemaFromJson.html)   |  `clouddirectory:PutSchemaFromJson`  |  \$1  | 
|   [RemoveFacetFromObject](https://docs.aws.amazon.com/clouddirectory/latest/APIReference/API_RemoveFacetFromObject.html)   |  `clouddirectory:RemoveFacetFromObject`  |  \$1  | 
|   [TagResource](https://docs.aws.amazon.com/clouddirectory/latest/APIReference/API_TagResource.html)   |  `clouddirectory:TagResource`  |  \$1  | 
|   [UntagResource](https://docs.aws.amazon.com/clouddirectory/latest/APIReference/API_UntagResource.html)   |  `clouddirectory:UntagResource`  |  \$1  | 
|   [UpdateFacet](https://docs.aws.amazon.com/clouddirectory/latest/APIReference/API_UpdateFacet.html)   |  `clouddirectory:UpdateFacet`  |  \$1  | 
|   [UpdateObjectAttributes](https://docs.aws.amazon.com/clouddirectory/latest/APIReference/API_UpdateObjectAttributes.html)   |  `clouddirectory:UpdateObjectAttributes`  |  \$1  | 
|   [UpdateSchema](https://docs.aws.amazon.com/clouddirectory/latest/APIReference/API_UpdateSchema.html)   |  `clouddirectory:UpdateSchema`  |  \$1  | 
|   [UpdateTypedLinkFacet](https://docs.aws.amazon.com/clouddirectory/latest/APIReference/API_UpdateTypedLinkFacet.html)   |  `clouddirectory:UpdateTypedLinkFacet`  |  \$1  | 
|   [UpgradeAppliedSchema](https://docs.aws.amazon.com/clouddirectory/latest/APIReference/API_UpgradeAppliedSchema.html)   |  `clouddirectory:UpgradeAppliedSchema`  |  \$1  | 
|   [UpgradePublishedSchema](https://docs.aws.amazon.com/clouddirectory/latest/APIReference/API_UpgradePublishedSchema.html)   |  `clouddirectory:UpgradePublishedSchema`  |  \$1  |