tencent cloud

PrevNext

Feedback

search by keyword

Recent Pages

Documentation
Tencent Smart Advisor-Chaotic Fault Generator
    Documentation
    Download PDF

    Authorizable Resource Types

    Last updated: 2024-09-26 15:34:19
    Download PDF
      Resource-level permissions can be used to specify which resources a user can operate with. Tencent Smart Advisor-Chaotic Fault Generator (CFG) supports certain resource-level permissions. This means that for Chaotic Fault Generator operations that support resource-level permissions. You can control when to allow users to perform operations or use specified resources.
      Authorizable resource types in Cloud Access Management (CAM) are as follows:
      Resource Type
      Resource Description Method in Authorization Policy
      CFG Experiment Task Related
      qcs::cfg:$region:$account:taskid/*
      qcs::cfg:$region:$account:taskid/$TaskId
      CFG Template Library Related
      qcs::cfg::$account:template/*
      qcs::cfg::$account:template/$TemplateId
      CFG Custom Action Related
      qcs::cfg::$account:actionid/*
      qcs::cfg::$account:actionid/$ActionId
      The following table describes API operations that currently support resource-level permissions in the CFG policy and the resources and condition keys supported by each operation. When specifying resource paths, you can use the * wildcard in the paths.

      List of APIs that support resource-level authorization

      Experiment Related

      API Call Sequence
      Resource Path
      DeleteTask
      qcs::cfg:$region:$account:taskid/*
      qcs::cfg:$region:$account:taskid/$TaskId
      DescribeTask
      qcs::cfg:$region:$account:taskid/*
      qcs::cfg:$region:$account:taskid/$TaskId
      DescribeTaskExecuteLogs
      qcs::cfg:$region:$account:taskid/*
      qcs::cfg:$region:$account:taskid/$TaskId
      DescribeTaskList
      qcs::cfg:$region:$account:taskid/*
      qcs::cfg:$region:$account:taskid/$TaskId
      DescribeTaskStatistics
      qcs::cfg:$region:$account:taskid/*
      qcs::cfg:$region:$account:taskid/$TaskId
      DescribeTaskStatisticsOperateCondition
      qcs::cfg:$region:$account:taskid/*
      qcs::cfg:$region:$account:taskid/$TaskId
      EditTask
      qcs::cfg:$region:$account:taskid/*
      qcs::cfg:$region:$account:taskid/$TaskId
      ExecuteTask
      qcs::cfg:$region:$account:taskid/*
      qcs::cfg:$region:$account:taskid/$TaskId
      ExecuteTaskInstance
      qcs::cfg:$region:$account:taskid/*
      qcs::cfg:$region:$account:taskid/$TaskId
      ModifyTaskResult
      qcs::cfg:$region:$account:taskid/*
      qcs::cfg:$region:$account:taskid/$TaskId
      ModifyTaskStatus
      qcs::cfg:$region:$account:taskid/*
      qcs::cfg:$region:$account:taskid/$TaskId

      Template Library Related

      API Call Sequence
      Resource Path
      DeleteTemplate
      qcs::cfg::$account:template/*
      qcs::cfg::$account:template/$TemplateId
      DescribeTemplate
      qcs::cfg::$account:template/*
      qcs::cfg::$account:template/$TemplateId
      DescribeTemplateList
      qcs::cfg::$account:template/*
      qcs::cfg::$account:template/$TemplateId
      EditTemplate
      qcs::cfg::$account:template/*
      qcs::cfg::$account:template/$TemplateId
      ModifyTemplateIsUsed
      qcs::cfg::$account:template/*
      qcs::cfg::$account:template/$TemplateId

      Action Library Related

      API Call Sequence
      Resource Path
      DescribeActionLibraryList
      qcs::cfg::$account:actionid/*
      qcs::cfg::$account:actionid/$ActionId
      DeleteCustomAction
      qcs::cfg::$account:actionid/*
      qcs::cfg::$account:actionid/$ActionId
      UpdateCustomAction
      qcs::cfg::$account:actionid/*
      qcs::cfg::$account:actionid/$ActionId
      DescribeCustomAction
      qcs::cfg::$account:actionid/*
      qcs::cfg::$account:actionid/$ActionId

      List of APIs not Supporting Resource-level Authorization

      For API operations that do not support resource-level permissions in the CFG policy, you can still grant user permissions to use these operations, but you must specify the resource element of the policy statement as *.
      API Call Sequence
      API Description
      CreateTask
      This API is used to create an experiment.
      CreateTemplate
      This API is used to create a template library.
      CreateCustomAction
      This API is used to create the custom action.
      DescribeActionFieldConfigList
      This API is used to obtain the action field configuration parameter list.
      DescribeActionLibraryList
      This API is used to obtain the action library list.
      DescribeCamIdentity
      This API is used to obtain user CAM service authorization information.
      DescribeNoticeId
      This API is used to obtain the user notification template ID.
      DescribeObjectMetrics
      This API is used to obtain monitoring metric information of object types.
      DescribeObjectTypeList
      This API is used to query the object type list.
      DescribeRegionList
      This API is used to query the region list.
      Contact Us

      Contact our sales team or business advisors to help your business.

      Contact Us
      Technical Support

      Open a ticket if you're looking for further assistance. Our Ticket is 7x24 avaliable.

      Submit a Ticket
      7x24 Phone Support
      Copyright © 2013-2024 Tencent Cloud. All Rights Reserved.
      Privacy PolicyLegalCookie Policy