What are the conditions for enabling Control Center?
Control Center is only available for enterprise customers who have completed identity verification. Customers who have enabled the Tencent Cloud Organization service can use the admin account and its sub-accounts with Control Center, but member accounts are not supported.
What are the configurations in a landing zone?
A landing zone includes eight configurations: departments, core accounts, finance, identities and permissions, security rules, CloudAudit log shipping, Config log shipping, and account invitations.
Can I disable Control Center?
No. Control Center cannot be disabled once it is enabled.
Is Control Center free of charge?
Yes. Control Center is free to use. However, you may incur fees for using other associated products. For example, CloudAudit log shipping and Config log shipping incur Tencent Cloud Object Storage (COS) bucket fees.
What financial capabilities are provided?
For direct customers, Control Center provides two payment modes: self-pay and pay-on-behalf. Pay-on-behalf allows an admin account to pay on behalf of other accounts in the same entity as itself. Control Center also provides six financial permissions: bill viewing, balance viewing, fund allocation, consolidated billing, invoicing, and discount inheritance.
What core accounts are supported?
Core accounts are delegated by the enterprise admin account to manage other accounts. For example, security accounts, logging accounts, and financial accounts are currently supported.
What is the difference between Control Center permissions management and CAM?
Permissions management in Control Center enables an enterprise admin account to manage the permissions of other root accounts within the enterprise. On the other hand, Cloud Access Management (CAM) is used to manage permissions for a specific root account. However, permissions management capabilities in Control Center are built on CAM functionalities.
Which accounts can be managed in Control Center?
All accounts, whether invited or created in Control Center, can be accessed and managed in the Login permissions module of Control Center.
Can I customize permissions as required?
A permission is a set of policies. You can customize up to 20 permissions. However, the policies that make up permissions are preset and cannot be customized.
Can I specify the accounts from which CloudAudit logs will be shipped?
No. By default, multi-account log shipping is enabled by the admin or logging account. This means that CloudAudit logs from all accounts within the organization will be shipped. However, you can specify the products and events involved in log shipping.
Will the contact method be verified when I add a contact to a contact baseline?
Verification is not required during baseline configuration. However, if the baseline is applied to an account, the contact method must be verified before the contact can receive messages.
Was this page helpful?