tencent cloud

Feedback

Authorizable Resource Types

Last updated: 2024-10-23 10:24:14
    ENI supports resource-level permission control, which means you can specify when a user is allowed for an operation, and what resource can a user get access to.
    Cloud Access Management (CAM) allows you to grant access permissions to the following resources.
    Resource Type
    Resource Description Method in Authorization Policies
    qcs::vpc:$region:$account:eni/$networkInterfaceId
    ENI APIs describes ENI API operations that currently support resource-level permissions as well as resources and condition keys supported by each operation. When configuring the resource path, you need to replace variable parameters such as $region and $account with your actual parameters. You can also use the * wildcard in the path. For more information, see CAM Examples.
    Note:
    ENI API operations not listed in the table do not support resource-level permissions. You can still authorize users to perform these operations, but the resource element of the policy statement must be specified as *.

    ENI APIs

    API Operation
    Resource Path
    Condition Key
    ENI resourceqcs::vpc:$region:$account:eni/*qcs::vpc:$region:$account:eni/$networkInterfaceId
    vpc:vpcvpc:subnetvpc:region
    ENI resourceqcs::vpc:$region:$account:eni/*qcs::vpc:$region:$account:eni/$networkInterfaceId
    vpc:vpcvpc:subnetvpc:region
    VPC resourceqcs::vpc:$region:$account:vpc/*qcs::vpc:$region:$account:vpc/$vpcId
    vpc:region
    CVM resourceqcs::cvm:$region:$account:instance/*qcs::cvm:$region:$account:instance/$instanceId
    cvm:region
    ENI resourceqcs::vpc:$region:$account:eni/*
    vpc:vpcvpc:subnetvpc:region
    VPC resourceqcs::vpc:$region:$account:vpc/*qcs::vpc:$region:$account:vpc/$vpcId
    vpc:region
    Subnet resourceqcs::vpc:$region:$account:subnet/*qcs::vpc:$region:$account:subnet/$subnetId
    vpc:vpcvpc:region
    ENI resourceqcs::vpc:$region:$account:eni/*
    vpc:vpcvpc:subnetvpc:region
    ENI resourceqcs::vpc:$region:$account:eni/*qcs::vpc:$region:$account:eni/$networkInterfaceId
    vpc:vpcvpc:subnetvpc:region
    CVM resourceqcs::cvm:$region:$account:instance/*qcs::cvm:$region:$account:instance/$instanceId
    cvm:region
    ENI resourceqcs::vpc:$region:$account:eni/*qcs::vpc:$region:$account:eni/$networkInterfaceId
    vpc:vpcvpc:subnetvpc:region
    CVM Resourceqcs::cvm:$region:$account:instance/*qcs::cvm:$region:$account:instance/$instanceId(permission is required before and after the migration)
    cvm:region
    ENI resourceqcs::vpc:$region:$account:eni/*qcs::vpc:$region:$account:eni/$networkInterfaceId
    vpc:vpcvpc:subnetvpc:region
    ENI resourceqcs::vpc:$region:$account:eni/*qcs::vpc:$region:$account:eni/$networkInterfaceId
    vpc:vpcvpc:subnetvpc:region
    ENI resourceqcs::vpc:$region:$account:eni/*qcs::vpc:$region:$account:eni/$networkInterfaceId
    vpc:vpcvpc:subnetvpc:region
    ENI resourceqcs::vpc:$region:$account:eni/*qcs::vpc:$region:$account:eni/$networkInterfaceId
    vpc:vpcvpc:subnetvpc:region
    ENI resourceqcs::vpc:$region:$account:eni/*qcs::vpc:$region:$account:eni/$networkInterfaceId
    vpc:vpcvpc:subnetvpc:region
    
    Contact Us

    Contact our sales team or business advisors to help your business.

    Technical Support

    Open a ticket if you're looking for further assistance. Our Ticket is 7x24 avaliable.

    7x24 Phone Support