tencent cloud

PrevNext

Feedback

search by keyword

Recent Pages

Documentation
TencentDB for TcaplusDB
    Documentation
    Download PDF

    Authorizable Resource Types

    Last updated: 2020-07-30 16:33:56
    Download PDF

      Resource-Level Permission Overview

      Resource-level permission can be used to specify which resources a user can manipulate. TcaplusDB supports certain resource-level permissions, i.e., allowing the user to perform operations or use specified resources.

      In Cloud Access Management (CAM), the types of TcaplusDB resources that can be authorized are as follows:

      Resource Type Resource Description Method in Authorization Policy
      Cluster qcs::tcaplusdb:$region:$account:cluster/$clusterId
      Table group qcs::tcaplusdb:$region:$account:tablegroup/$clusterId/$tablegroupId
      Table qcs::tcaplusdb:$region:$account:table/$tableId

      The TcaplusDB cluster APIs, TcaplusDB table group APIs, and TcaplusDB table APIs sections below describe the TcaplusDB API operations which currently support resource-level permission control as well as the resources and condition keys supported by each operation. When setting the resource path, you need to replace the variable parameters such as $region and $account with your real parameter information. You can also use the \* wildcard in the path. For related operation examples, please see TcaplusDB Access Control Examples.

      For a TcaplusDB API operation that does not support authorization at the resource level, you can still authorize a user to perform it, but you must specify \* as the resource element in the policy statement.

      List of APIs Not Supporting Resource-Level Permission

      API Operation API Description
      CreateBackup Creates backup
      CompareIdlFiles Uploads and verifies table modification file
      VerifyIdlFiles Uploads and verifies table creation file
      DescribeUinInWhitelist Queries whether the current user is in the allowlist
      DescribeRegions Queries region list
      DeleteIdlFiles Deletes IDL description file
      DescribeIdlFileInfos Queries table description file details
      DescribeIdlFileInfos Queries task list

      List of APIs Supporting Resource-Level Permission

      TcaplusDB cluster APIs

      API Operation Resource Path
      CreateCluster qcs::tcaplusdb:$region:$account:cluster/*
      qcs::tcaplusdb:$region:$account:cluster/$clusterId
      ModifyClusterName qcs::tcaplusdb:$region:$account:cluster/*
      qcs::tcaplusdb:$region:$account:cluster/$clusterId
      DeleteCluster qcs::tcaplusdb:$region:$account:cluster/*
      qcs::tcaplusdb:$region:$account:cluster/$clusterId
      DescribeClusters qcs::tcaplusdb:$region:$account:cluster/*
      qcs::tcaplusdb:$region:$account:cluster/$clusterId
      ModifyClusterPassword qcs::tcaplusdb:$region:$account:cluster/*
      qcs::tcaplusdb:$region:$account:cluster/$clusterId

      TcaplusDB table group APIs

      API Operation Resource Path
      CreateTableGroup qcs::tcaplusdb:$region:$account:tablegroup/*
      qcs::tcaplusdb:$region:$account:tablegroup/$clusterId/$tablegroupId
      DeleteTableGroup qcs::tcaplusdb:$region:$account:tablegroup/*
      qcs::tcaplusdb:$region:$account:tablegroup/$clusterId/$tablegroupId
      DescribeTableGroups qcs::tcaplusdb:$region:$account:tablegroup/*
      qcs::tcaplusdb:$region:$account:tablegroup/$clusterId/$tablegroupId
      ModifyTableGroupName qcs::tcaplusdb:$region:$account:tablegroup/*
      qcs::tcaplusdb:$region:$account:tablegroup/$clusterId/$tablegroupId

      TcaplusDB table APIs

      API Operation Resource Path
      CreateTables qcs::tcaplusdb:$region:$account:table/*
      qcs::tcaplusdb:$region:$account:table/$tableId
      ClearTables qcs::tcaplusdb:$region:$account:table/*
      qcs::tcaplusdb:$region:$account:table/$tableId
      DeleteTables qcs::tcaplusdb:$region:$account:table/*
      qcs::tcaplusdb:$region:$account:table/$tableId
      DescribeTables qcs::tcaplusdb:$region:$account:table/*
      qcs::tcaplusdb:$region:$account:table/$tableId
      DescribeTablesInRecycle qcs::tcaplusdb:$region:$account:table/*
      qcs::tcaplusdb:$region:$account:table/$tableId
      ModifyTableMemos qcs::tcaplusdb:$region:$account:table/*
      qcs::tcaplusdb:$region:$account:table/$tableId
      ModifyTableQuotas qcs::tcaplusdb:$region:$account:table/*
      qcs::tcaplusdb:$region:$account:table/$tableId
      ModifyTables qcs::tcaplusdb:$region:$account:table/*
      qcs::tcaplusdb:$region:$account:table/$tableId
      RecoverRecycleTables qcs::tcaplusdb:$region:$account:table/*
      qcs::tcaplusdb:$region:$account:table/$tableId
      RollbackTables qcs::tcaplusdb:$region:$account:table/*
      qcs::tcaplusdb:$region:$account:table/$tableId
      Contact Us

      Contact our sales team or business advisors to help your business.

      Contact Us
      Technical Support

      Open a ticket if you're looking for further assistance. Our Ticket is 7x24 avaliable.

      Submit a Ticket
      7x24 Phone Support
      Copyright © 2013-2024 Tencent Cloud. All Rights Reserved.
      Privacy PolicyLegalCookie Policy