tencent cloud

All product documents
Elastic Network Interface
DocumentationElastic Network InterfaceOperation GuideCloud Access ManagementAuthorizable Resource Types
Authorizable Resource Types
Download PDF
Last updated: 2024-10-23 10:24:14
Authorizable Resource Types
Last updated: 2024-10-23 10:24:14
Download PDF
ENI supports resource-level permission control, which means you can specify when a user is allowed for an operation, and what resource can a user get access to.
Cloud Access Management (CAM) allows you to grant access permissions to the following resources.
Resource Type
Resource Description Method in Authorization Policies
qcs::vpc:$region:$account:eni/$networkInterfaceId
ENI APIs describes ENI API operations that currently support resource-level permissions as well as resources and condition keys supported by each operation. When configuring the resource path, you need to replace variable parameters such as $region and $account with your actual parameters. You can also use the * wildcard in the path. For more information, see CAM Examples.
Note:
ENI API operations not listed in the table do not support resource-level permissions. You can still authorize users to perform these operations, but the resource element of the policy statement must be specified as *.

ENI APIs

API Operation
Resource Path
Condition Key
ENI resourceqcs::vpc:$region:$account:eni/*qcs::vpc:$region:$account:eni/$networkInterfaceId
vpc:vpcvpc:subnetvpc:region
ENI resourceqcs::vpc:$region:$account:eni/*qcs::vpc:$region:$account:eni/$networkInterfaceId
vpc:vpcvpc:subnetvpc:region
VPC resourceqcs::vpc:$region:$account:vpc/*qcs::vpc:$region:$account:vpc/$vpcId
vpc:region
CVM resourceqcs::cvm:$region:$account:instance/*qcs::cvm:$region:$account:instance/$instanceId
cvm:region
ENI resourceqcs::vpc:$region:$account:eni/*
vpc:vpcvpc:subnetvpc:region
VPC resourceqcs::vpc:$region:$account:vpc/*qcs::vpc:$region:$account:vpc/$vpcId
vpc:region
Subnet resourceqcs::vpc:$region:$account:subnet/*qcs::vpc:$region:$account:subnet/$subnetId
vpc:vpcvpc:region
ENI resourceqcs::vpc:$region:$account:eni/*
vpc:vpcvpc:subnetvpc:region
ENI resourceqcs::vpc:$region:$account:eni/*qcs::vpc:$region:$account:eni/$networkInterfaceId
vpc:vpcvpc:subnetvpc:region
CVM resourceqcs::cvm:$region:$account:instance/*qcs::cvm:$region:$account:instance/$instanceId
cvm:region
ENI resourceqcs::vpc:$region:$account:eni/*qcs::vpc:$region:$account:eni/$networkInterfaceId
vpc:vpcvpc:subnetvpc:region
CVM Resourceqcs::cvm:$region:$account:instance/*qcs::cvm:$region:$account:instance/$instanceId(permission is required before and after the migration)
cvm:region
ENI resourceqcs::vpc:$region:$account:eni/*qcs::vpc:$region:$account:eni/$networkInterfaceId
vpc:vpcvpc:subnetvpc:region
ENI resourceqcs::vpc:$region:$account:eni/*qcs::vpc:$region:$account:eni/$networkInterfaceId
vpc:vpcvpc:subnetvpc:region
ENI resourceqcs::vpc:$region:$account:eni/*qcs::vpc:$region:$account:eni/$networkInterfaceId
vpc:vpcvpc:subnetvpc:region
ENI resourceqcs::vpc:$region:$account:eni/*qcs::vpc:$region:$account:eni/$networkInterfaceId
vpc:vpcvpc:subnetvpc:region
ENI resourceqcs::vpc:$region:$account:eni/*qcs::vpc:$region:$account:eni/$networkInterfaceId
vpc:vpcvpc:subnetvpc:region

Was this page helpful?
You can also Contact Sales or Submit a Ticket for help.
Yes
No

Feedback

Contact Us

Contact our sales team or business advisors to help your business.

Contact Us
Technical Support

Open a ticket if you're looking for further assistance. Our Ticket is 7x24 available.

Submit a Ticket
7x24 Phone Support