tencent cloud

Feedback

Overview

Last updated: 2023-11-08 10:18:09
    This document describes the permissions that can be granted to sub-users of Stream Compute Service. Sub-users can ‍access the service only after authorization by the root account. For authorization steps, see Configuring Basic Permissions and Space Role Permissions.
    Permission management in Stream Compute Service involves three aspects:
    1. CAM policy
    2. Access to other services
    3. Space role permissions
    CAM policy involves the basic access to Tencent Cloud resources. Space role permissions involve the fine-grained management of permissions on jobs and resources in Stream Compute Service. Access to other services involves the access to your other Tencent Cloud resources by Stream Compute Service.

    CAM policy

    After Signup, the generated Tencent Cloud account is the root account, which has the permission to manage all Tencent Cloud resources under it. If you need other users to help you manage the Tencent Cloud resources under your account, you can create, manage, and terminate users (groups) in CAM and use identity and policy management features to control their access to your resources.

    Access to other services

    The underlying system services of Stream Compute Service must be authorized to access various cloud service resources such as CKafka, COS, and CLS via your VPC. This is the most basic authorization required for the proper running of the Stream Compute Service system. When this authorization is required during the use of Stream Compute Service, the authorization page will automatically appear.

    Space role permissions

    Within the framework of the unified Tencent Cloud CAM, Stream Compute Service has its own predefined system for space role permissions ‍to help coordinate between different business departments of your organization. These permissions help you isolate compute resources of different businesses and control at a finer granularity the permissions of different members to view and operate jobs and files. A space isolates the jobs, metadata, dependencies, and other resources in it from the outside world. In the space, each sub-account is assigned a predefined role with the required permissions.
    Contact Us

    Contact our sales team or business advisors to help your business.

    Technical Support

    Open a ticket if you're looking for further assistance. Our Ticket is 7x24 avaliable.

    7x24 Phone Support