- Updates and Announcements
- User Tutorial
- Product Introduction
- Purchase Guide
- Getting Started
- Configuration Guide
- Permission Management
- Use Cases
- Practical Tutorial
- API Documentation
- FAQ
- Troubleshooting Methods
- Service Level Agreement
- Glossary
- Updates and Announcements
- User Tutorial
- Product Introduction
- Purchase Guide
- Getting Started
- Configuration Guide
- Permission Management
- Use Cases
- Practical Tutorial
- API Documentation
- FAQ
- Troubleshooting Methods
- Service Level Agreement
- Glossary
Activate Real-time Logging as Sub-account/Collaborator
Last updated: 2021-12-20 12:20:05
To activate real-time logging as a sub-account or collaborator, you need to ask the root account or sub-account with administrator permissions to grant access to the following:
- Preset policy:
QcloudCamSubaccountsAuthorizeRoleFullAccess - Custom policy:
cdn_PassRole
Directions
Associate the preset policy
QcloudCamSubaccountsAuthorizeRoleFullAccessto the sub-account or collaborator.
The root account/sub-account with administrator permissions needs to log in to the CAM console, and select Policy on the left sidebar. Search the preset policyQcloudCamSubaccountsAuthorizeRoleFullAccess, and click Associate Users/Groups on the right of the policy. In the pop-up dialog, select a sub-account/collaborator to be associated.Create a custom policy
cdn_PassRoleand associate the policy to the sub-account or collaborator.The root account/sub-account with administrator permissions needs to log in to the CAM console, select Policy on the left sidebar, and then click Create Custom Policy. In the pop-up dialog, select Create by Policy Syntax.
On the Create by Policy Syntax page, select Blank Template, and click Next. On the Edit Policy page, enter the policy name and content as shown below before clicking Done.
The policy syntax is as follows:
{ "version": "2.0", "statement": [ { "effect": "allow", "action": [ "cam:PassRole" ], "resource": [ "qcs::cam::uin/${OwnerUin}:roleName/CDN_QCSRole" ] } ] }${OwnerUin}should be replaced with the root account ID, which can be obtained from the CAM console.Associate the custom policy
cdn_PassRoleto the sub-account or collaborator.
On the Policy page, the custom policycdn_PassRolecreated is displayed, or search the policy by its name. Click Associate Users/Groups on the right of the policy. In the pop-up dialog, select a sub-account/collaborator to be associated.
After all the policy associations are complete, the sub-account/collaborator can activate real-time logging as prompted in the console.
Yes
No
Was this page helpful?