tencent cloud

Feedback

Announcement on Authentication of a Newly Added API Interface of Database Audit

Last updated: 2024-03-07 10:09:31
    Dear Tencent Cloud User, on September 25, 2023, Tencent Cloud will incorporate CAM authentication access for a portion of the API interfaces pertaining to TencentDB for CynosDB database audit. To ensure normal access to the corresponding interfaces, please log in to the Tencent Cloud Cloud Access Management console prior to September 25, 2023, and add the necessary authorizations for the corresponding interfaces.

    Notes

    For users who have obtained authorization before this date, the deployment of authentication will not affect them. However, users who have not obtained authorization after this date and want to use the API need to secure authorization before gaining access to the relevant interfaces.

    Time to Take Effect

    Monday, September 25, 2023, Beijing Time.

    APIs that Require CAM Authentication (Fourteen in Total)

    API Name
    Interface Description
    Authorization Granularity
    ModifyAuditService
    Modifying the storage duration of audit logs, audit rules, and other service configurations for Tencent Cloud Database
    Resource-level
    DescribeInstanceAuditConfig
    Querying the instance audit configuration of the instance
    Operation-level
    DescribeAuditRuleWithInstanceIds
    Querying the audit rules of the instance based on the instance ID
    Resource-level
    DeleteAuditRuleTemplates
    Deleting audit rule templates
    Operation-level
    DescribeAuditLogs
    Querying audit logs
    Resource-level
    DescribeAuditLogFiles
    Investigating audit log files
    Resource-level
    CreateAuditLogFile
    Establishing audit log files
    Resource-level
    DeleteAuditLogFile
    Deleting audit log files
    Resource-level
    DescribeInstanceAuditConfig
    Querying the audit state of the instance
    Operation-level
    DescribeAuditLogs
    Audit log list page
    Resource-level
    DescribeAuditRuleTemplateModifyHistory
    Querying modification records of rule templates
    Operation-level
    ModifyAuditRuleTemplates
    Modifying audit rule template
    Operation-level
    DescribeAuditRuleTemplates
    Querying the audit rule template information
    Operation-level
    CreateAuditRuleTemplate
    Creating an audit rule template
    Operation-level
    OpenAuditService
    Activating audit service for instance
    Resource-level

    Authorization Operation Guide

    2. On the left navigation bar, click Policy.
    3. Select New Custom Policy > Create by Policy Generator, configure the corresponding policy parameters, and click Next.
    Resource-level Interfaces
    Effect: Select Allow.
    Service: Cloud Native Database TDSQL-C (cynosdb).
    Operation: According to the above API list, find and check the required resource levels interface.
    Resource: You can choose a specific instance or select all resources.
    
    Operation-level APIs
    Effect: Select Allow.
    Service: Cloud Native Database TDSQL-C (cynosdb).
    Action: Identify and select the required operating level interfaces according to the above API list.
    Resource: As it is not possible to specify instance, selecting all resources is suffice.
    
    4. Enter the basic policy information, associate it with a user/user group/role, and on completion, click Complete.
    
    
    Contact Us

    Contact our sales team or business advisors to help your business.

    Technical Support

    Open a ticket if you're looking for further assistance. Our Ticket is 7x24 avaliable.

    7x24 Phone Support