[英]How does Amazon Managed Blockchain's QLDB handle permissions for the different orgs?
QLDB seems to be this centralized extension built upon the Fabric orderer service that allows you to query a replication of the blockchain network in an SQL-like manner. QLDB似乎是基于Fabric订购服务构建的集中式扩展,允许您以类似SQL的方式查询区块链网络的复制。
With the different orgs on the network, I was wondering how QLDB handles permissions? 对于网络上的不同组织,我想知道QLDB如何处理权限? It wouldn't make sense for every member to have full access to all data in QLDB, so is there some built-in method of access control for specific parts of the data?
每个成员都不能完全访问QLDB中的所有数据是没有意义的,那么是否有一些内置的针对数据特定部分的访问控制方法?
As with all AWS services, permissions are managed by IAM. 与所有AWS服务一样,权限由IAM管理。
With the general availability announcement of QLDB on 9/10/29, we now have the answer to this question from Actions, Resources, and Condition Keys for Amazon QLDB . 随着9月29日QLDB的全面可用性公告,我们现在可以从Amazon QLDB的操作,资源和条件键中得到该问题的答案。
At the time of this writing, the following are the QLDB permissions that you can grant with IAM: 在撰写本文时,以下是可以通过IAM授予的QLDB权限:
CreateLedger
DeleteLedger
DescribeJournalS3Export
DescribeLedger
ExecuteStatement
ExportJournalToS3
GetBlock
GetDiges
GetRevision
InsertSampleData
ListJournalS3Exports
ListJournalS3ExportsForLedger
ListLedgers
ListTagsForResource
SendCommand
ShowCatalog
TagResource
UntagResource
UpdateLedger
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.