Mechanism to manage group of resources using virtual resource containers
摘要
說明書
Referring to the above code, “Version” may denote the version of the resource container policy, and “Statement” may be utilized to denote a specific policy of the resource container policy. The resource container policy may comprise various policies of the resource container policy, each separated with the heading “Statement,” “Sid,” or statement id, may be an identifier generated by the customer A 202A to denote the specific policy of the “Statement,” which in this case is permissions for the customer B 202B (e.g., “AddPermissionsFor456”), associated with Account 456. “Principal” may denote the user the specific policy pertains to, which may be a user of the Account 456, which may be operated by a user “Bob.” “Action” may denote the action or functionality the specific policy pertains to, which in this case is the attach resource functionality, in the form of “RCs:AttachResource.” “Resource” may denote the resource container the specific policy applies to, which in this case is “ProjectPhobos.” “Condition” may specify various facets of the specific policy, such as the resources the user is permitted to add. In this case, “RCs:resourceURN” specifies that the user may only add “db” corresponding to databases, and “vm” corresponding to virtual machines, that are managed by the user, which in this case is the Account 456. “Effect” may denote that the status of the “Action” of the specific policy; in this case, the functionality or action denoted by “Action” is allowed, denoted by “Allow.” It should be noted that, in various embodiments, resource container policy configuration and policies might be implemented in various forms, utilizing various computing programming languages; the above example is intended to be an illustrative example and may vary based on specific implementations.
