You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Description: "Engine major version id. If a minor version id exists, you only need to pass in the minor version id. If it does not exist, the latest minor version id under the current major version will be obtained.",
48
+
Description: "ID of the major version of the engine. If there is the ID of the minor version, only the ID of the minor version needs to be input. If not, the latest ID of the minor version under the major version will be acquired.",
Description: "User id, the same as the sub-user uin.",
25
+
Description: "User ID, which is the same as the sub-user UIN. The CreateUser API is needed to create a user at first. The DescribeUsers API can be used for viewing.",
29
26
},
30
27
31
28
"policy_set": {
32
29
Optional: true,
33
30
ForceNew: true,
34
31
Type: schema.TypeList,
35
-
Description: "Authentication policy collection.",
32
+
Description: "Collection of authentication policies.",
36
33
Elem: &schema.Resource{
37
34
Schema: map[string]*schema.Schema{
38
35
"database": {
39
36
Type: schema.TypeString,
40
37
Required: true,
41
-
Description: "Database name that requires authorization, fill in * to represent all databases under the current catalog. When the authorization type is administrator level, only * is allowed to be filled in. when the authorization type is data connection level, only blanks are allowed to be filled in. For other types, the database can be specified arbitrarily.",
38
+
Description: "The name of the target database. `*` represents all databases in the current catalog. To grant admin permissions, it must be `*`; to grant data connection permissions, it must be null; to grant other permissions, it can be any database.",
42
39
},
43
40
"catalog": {
44
41
Type: schema.TypeString,
45
42
Required: true,
46
-
Description: "For the data source name that requires authorization, only * (representing all resources at this level) is supported under the administrator level; in the case of data source level and database level authentication, only COSDataCatalog or * is supported; in data table level authentication, it is possible Fill in the user-defined data source. If left blank, it defaults to DataLakeCatalog. note: If a user-defined data source is authenticated, the permissions that dlc can manage are a subset of the accounts provided by the user when accessing the data source.",
43
+
Description: "The name of the target data source. To grant admin permission, it must be `*` (all resources at this level); to grant data source and database permissions, it must be `COSDataCatalog` or `*`; to grant table permissions, it can be a custom data source; if it is left empty, `DataLakeCatalog` is used. Note: To grant permissions on a custom data source, the permissions that can be managed in the Data Lake Compute console are subsets of the account permissions granted when you connect the data source to the console.",
47
44
},
48
45
"table": {
49
46
Type: schema.TypeString,
50
47
Required: true,
51
-
Description: "For the table name that requires authorization, fill in * to represent all tables under the current database. when the authorization type is administrator level, only * is allowed to be filled in. when the authorization type is data connection level or database level, only blanks are allowed to be filled in. For other types, data tables can be specified arbitrarily.",
48
+
Description: "The name of the target table. `*` represents all tables in the current database. To grant admin permissions, it must be `*`; to grant data connection and database permissions, it must be null; to grant other permissions, it can be any table.",
52
49
},
53
50
"operation": {
54
51
Type: schema.TypeString,
55
52
Required: true,
56
-
Description: "Authorized permission operations provide different operations for different levels of authentication. administrator permissions: ALL, default is ALL if left blank; data connection level authentication: CREATE; database level authentication: ALL, CREATE, ALTER, DROP; data table permissions: ALL, SELECT, INSERT, ALTER, DELETE, DROP, UPDATE. note: under data table permissions, only SELECT operations are supported when the specified data source is not COSDataCatalog.",
53
+
Description: "The target permissions, which vary by permission level. Admin: `ALL` (default); data connection: `CREATE`; database: `ALL`, `CREATE`, `ALTER`, and `DROP`; table: `ALL`, `SELECT`, `INSERT`, `ALTER`, `DELETE`, `DROP`, and `UPDATE`. Note: For table permissions, if a data source other than `COSDataCatalog` is specified, only the `SELECT` permission can be granted here.",
57
54
},
58
55
"policy_type": {
59
56
Type: schema.TypeString,
60
57
Optional: true,
61
-
Description: "Authorization type, currently supports eight authorization types: ADMIN: Administrator level authentication DATASOURCE: data connection level authentication DATABASE: database level authentication TABLE: Table level authentication VIEW: view level authentication FUNCTION: Function level authentication COLUMN: Column level authentication ENGINE: Data engine authentication. if left blank, the default is administrator level authentication.",
58
+
Description: "The permission type. Valid values: `ADMIN`, `DATASOURCE`, `DATABASE`, `TABLE`, `VIEW`, `FUNCTION`, `COLUMN`, and `ENGINE`. Note: If it is left empty, `ADMIN` is used.",
62
59
},
63
60
"function": {
64
61
Type: schema.TypeString,
65
62
Optional: true,
66
-
Description: "For the function name that requires authorization, fill in * to represent all functions under the current catalog. when the authorization type is administrator level, only * is allowed to be filled in. When the authorization type is data connection level, only blanks are allowed to be filled in. in other types, functions can be specified arbitrarily.",
63
+
Description: "The name of the target function. `*` represents all functions in the current catalog. To grant admin permissions, it must be `*`; to grant data connection permissions, it must be null; to grant other permissions, it can be any function.",
67
64
},
68
65
"view": {
69
66
Type: schema.TypeString,
70
67
Optional: true,
71
-
Description: "For views that require authorization, fill in * to represent all views under the current database. When the authorization type is administrator level, only * is allowed to be filled in. when the authorization type is data connection level or database level, only blanks are allowed to be filled in. for other types, the view can be specified arbitrarily.",
68
+
Description: "The name of the target view. `*` represents all views in the current database. To grant admin permissions, it must be `*`; to grant data connection and database permissions, it must be null; to grant other permissions, it can be any view.",
72
69
},
73
70
"column": {
74
71
Type: schema.TypeString,
75
72
Optional: true,
76
-
Description: "For columns that require authorization, fill in * to represent all current columns. When the authorization type is administrator level, only * is allowed.",
73
+
Description: "The name of the target column. `*` represents all columns. To grant admin permissions, it must be `*`.",
77
74
},
78
75
"data_engine": {
79
76
Type: schema.TypeString,
80
77
Optional: true,
81
-
Description: "Data engines that require authorization, fill in * to represent all current engines. when the authorization type is administrator level, only * is allowed.",
78
+
Description: "The name of the target data engine. `*` represents all engines. To grant admin permissions, it must be `*`.",
82
79
},
83
80
"re_auth": {
84
81
Type: schema.TypeBool,
85
82
Optional: true,
86
-
Description: "Whether the user can perform secondary authorization. when it is true, the authorized user can re-authorize the permissions obtained this time to other sub-users. default is false.",
83
+
Description: "Whether the grantee is allowed to further grant the permissions. Valid values: `false` (default) and `true` (the grantee can grant permissions gained here to other sub-users).",
87
84
},
88
85
"source": {
89
86
Type: schema.TypeString,
90
87
Optional: true,
91
-
Description: "Permission source, please leave it blank. USER: permissions come from the user itself; WORKGROUP: permissions come from the bound workgroup.",
88
+
Description: "The permission source, which is not required when input parameters are passed in. Valid values: `USER` (from the user) and `WORKGROUP` (from one or more associated work groups).",
92
89
},
93
90
"mode": {
94
91
Type: schema.TypeString,
95
92
Optional: true,
96
-
Description: "Authorization mode, please leave this parameter blank. COMMON: normal mode; SENIOR: advanced mode.",
93
+
Description: "The grant mode, which is not required as an input parameter. Valid values: `COMMON` and `SENIOR`.",
97
94
},
98
95
"operator": {
99
96
Type: schema.TypeString,
100
97
Optional: true,
101
-
Description: "Operator, do not fill in the input parameters.",
98
+
Description: "The operator, which is not required as an input parameter.",
102
99
},
103
100
"create_time": {
104
101
Type: schema.TypeString,
105
102
Optional: true,
106
-
Description: "The time when the permission was created. Leave the input parameter blank.",
103
+
Description: "The permission policy creation time, which is not required as an input parameter.",
107
104
},
108
105
"source_id": {
109
106
Type: schema.TypeInt,
110
107
Optional: true,
111
-
Description: "The id of the workgroup to which the permission belongs. this value only exists when the source of the permission is a workgroup. that is, this field has a value only when the value of the Source field is WORKGROUP.",
108
+
Description: "The ID of the work group, which applies only when the value of the `Source` field is `WORKGROUP`.",
112
109
},
113
110
"source_name": {
114
111
Type: schema.TypeString,
115
112
Optional: true,
116
-
Description: "The name of the workgroup to which the permission belongs. this value only exists when the source of the permission is a workgroup. that is, this field has a value only when the value of the source field is WORKGROUP.",
113
+
Description: "The name of the work group, which applies only when the value of the `Source` field is `WORKGROUP`.",
0 commit comments