Tencent Cloud Organization
- Operation Guide
- Organization Settings
- Department Management
- Member Account Management
- Member Finance Management
- Unified Organization Payment Mode (Pay-on-Behalf)
- Member Access Management
- Service Control Policy
- Resource Management
- Resource Sharing
- Management of Shared Resources by the Sharer
- Additional Operations
- Management of Shared Resources by the Shared User
- Organization Service Management
- Member Audit
- Identity Center Management
- Introduction to Identity Center
- Identity Center Use Cases
- Settings
- SCIM Synchronization
- Examples of SCIM Synchronization
- Examples of Synchronization from OneLogin via SCIM
- SSO Login
- Manage Permission Configuration
- Manage Multi-account Authorization
- Manage CAM User Synchronization
- API Documentation
- Making API Requests
- Organization Settings APIs
- Department and Member Management APIs
- ListOrganizationIdentity
- Unified Member Login APIs
- Organization Service Management APIs
- Resource Sharing APIs
- Identity Center Management APIs
- Identity Center User Management APIs
- Identity Center User Group Management APIs
- Identity Center Management SCIM Synchronization APIs
- Identity Center Single Sign-On Management APIs
- Identity Center Permission Configuration Management APIs
- Identity Center Multi-Account Authorization Management APIs
- Identity Center Sub-User Synchronization Management APIs
- TCO API 2018-12-25
- Making API Requests
- Read APIs
- Write APIs
- Related Agreement
DocumentationTencent Cloud OrganizationOperation GuideIdentity Center ManagementManage Permission ConfigurationOverview of Permission Configuration
Overview of Permission Configuration
Last updated: 2024-10-14 14:17:23
Permission configuration is a configuration template used by Identity Center users to access accounts. It includes predefined policies of Cloud Access Management (CAM) and does not currently support custom policies. You can use this template to authorize Identity Center users on the account.
First Deployment of Permission Configuration
When you set permissions for users or user groups on the account, you need to specify a permission configuration. If no other users or user groups have been deployed with a permission configuration on that account, the Identity Center will deploy a permission configuration in the account's CAM for you. The deployment in CAM includes the following:
Create a CAM role of type Identity Center synchronization.
On the CAM role, bind the system policy specified in permission configuration. Custom policies are not currently supported.
If no authorizations have been made on the account, create an identity provider, allowing Identity Center users to use role single sign-on (SSO) to log in to the account.
You can view the aforementioned CAM role and identity provider in the CAM console of the account, but you cannot modify or delete them.
Redeploying Permission Configuration
If the permission configuration has already been deployed to an account but changes are made to the permission configuration, these changes will not be automatically updated to the account. You need to manually redeploy (add or delete system policies) for the changes to take effect.
Was this page helpful?
You can also Contact Sales or Submit a Ticket for help.
Yes
No