tencent cloud

Feedback

Configure CAM Role Synchronization

Last updated: 2024-07-31 14:17:23

    Overview

    Based on the group account organizational structure, you can set allowed access users or user groups for each account, as well as their permission configuration.
    This document provides an example of deploying permission configuration on a member account (Account1) for a user (user1) from the Identity Center. The permission configuration defines access only to CVM, ensuring that the user (user1) from the Identity Center can only access CVM resources in the member account (Account1).

    Prerequisites

    Make sure you have created permission configuration.
    In this example, the permission configuration has been bound to preset policies, with no user-defined policies created.
    Make sure you have created or synchronized a user.
    In this example, a user (user1) is created with the Identity Center. For details, refer to Manage Users.

    Directions

    1. Go to TCO > Identity Center.
    2. In the left sidebar, click CAM Synchronization > Multi-Account Authorization Management.
    3. On the Multi-Account Authorization Management page, select the target account.
    In this example, select the member account (Account1).
    4. Click Configure CAM Role Synchronization.
    
    
    
    5. On the Configure CAM Role Synchronization page, select the target user or user group, and then click Next.
    In this example, select the user (user1).
    
    
    
    6. Select the target Permission Configuration, and then click Next.
    
    
    
    7. Review the configuration information, and then click Submit.
    
    
    
    8. Wait for the configuration to finish, and then click Completed.

    Result Verification

    1. Log in to the Group Account Identity Center Portal using the Identity Center user (user1).
    For detailed operations, refer to Identity Center User Login.
    2. On the CAM Role Login tab, click Show Details in the permission column of the member account (Account1).
    3. On the permission panel, click Log in in the Action column of the target permission configuration.
    4. Access CVM resources in the member account (Account1) as a CAM Role.
    Note:
    Since only access to CVM is configured, you can only access CVM Resources. If you need to access other resources, modify policies in the permission configuration and redeploy the permission configuration.
    
    Contact Us

    Contact our sales team or business advisors to help your business.

    Technical Support

    Open a ticket if you're looking for further assistance. Our Ticket is 7x24 avaliable.

    7x24 Phone Support