Dear Tencent Cloud User, on September 25, 2023, Tencent Cloud will incorporate CAM authentication access for a portion of the API interfaces pertaining to TencentDB for CynosDB database audit. To ensure normal access to the corresponding interfaces, please log in to the Tencent Cloud Cloud Access Management console prior to September 25, 2023, and add the necessary authorizations for the corresponding interfaces. Notes
For users who have obtained authorization before this date, the deployment of authentication will not affect them. However, users who have not obtained authorization after this date and want to use the API need to secure authorization before gaining access to the relevant interfaces.
Time to Take Effect
Monday, September 25, 2023, Beijing Time.
APIs that Require CAM Authentication (Fourteen in Total)
|
ModifyAuditService | Modifying the storage duration of audit logs, audit rules, and other service configurations for Tencent Cloud Database | Resource-level |
DescribeInstanceAuditConfig | Querying the instance audit configuration of the instance | Operation-level |
DescribeAuditRuleWithInstanceIds | Querying the audit rules of the instance based on the instance ID | Resource-level |
DeleteAuditRuleTemplates | Deleting audit rule templates | Operation-level |
DescribeAuditLogs | Querying audit logs | Resource-level |
DescribeAuditLogFiles | Investigating audit log files | Resource-level |
CreateAuditLogFile | Establishing audit log files | Resource-level |
DeleteAuditLogFile | Deleting audit log files | Resource-level |
DescribeInstanceAuditConfig | Querying the audit state of the instance | Operation-level |
DescribeAuditLogs | Audit log list page | Resource-level |
DescribeAuditRuleTemplateModifyHistory | Querying modification records of rule templates | Operation-level |
ModifyAuditRuleTemplates | Modifying audit rule template | Operation-level |
DescribeAuditRuleTemplates | Querying the audit rule template information | Operation-level |
CreateAuditRuleTemplate | Creating an audit rule template | Operation-level |
OpenAuditService | Activating audit service for instance | Resource-level |
Authorization Operation Guide
2. On the left navigation bar, click Policy.
3. Select New Custom Policy > Create by Policy Generator, configure the corresponding policy parameters, and click Next.
Resource-level Interfaces
Effect: Select Allow.
Service: Cloud Native Database TDSQL-C (cynosdb).
Operation: According to the above API list, find and check the required resource levels interface. Resource: You can choose a specific instance or select all resources.
Operation-level APIs
Effect: Select Allow.
Service: Cloud Native Database TDSQL-C (cynosdb).
Action: Identify and select the required operating level interfaces according to the above API list. Resource: As it is not possible to specify instance, selecting all resources is suffice.
4. Enter the basic policy information, associate it with a user/user group/role, and on completion, click Complete.
Was this page helpful?