- Product Introduction
- Purchase Guide
- Getting Started
- User Guide
- Overview
- Users
- Access Key
- User Groups
- Role
- Identity Provider
- SSO Overview
- Practical Scenarios for SSO
- User-Based SSO
- Role-Based SSO
- Overview
- Overview of SAML Role-Based SSO
- Overview of OIDC Role-Based Single Sign-On
- SAML 2.0-Based Federation
- Accessing Tencent Cloud Console as SAML 2.0 Federated Users
- Creating a SAML IdP
- Creating an OIDC Identity Provider
- Managing IdPs
- Azure Active Directory Single Sign-On
- OneLogin Single Sign-On
- Okta Single Sign-On
- ADFS SSO to Tencent Cloud
- Implementing OIDC-Based Role-Based SSO
- Policies
- Permissions Boundary
- Troubleshooting
- Downloading Security Analysis Report
- CAM-Enabled Role
- Overview
- Compute
- Container
- Microservice
- Essential Storage Service
- Data Process and Analysis
- Data Migration
- Relational Database
- Enterprise Distributed DBMS
- NoSQL Database
- Database SaaS Tool
- Networking
- CDN and Acceleration
- Network Security
- Data Security
- Application Security
- Domains & Websites
- Big Data
- Middleware
- Interactive Video Services
- Media On-Demand
- Cloud Real-time Rendering
- Game Services
- Cloud Resource Management
- Management and Audit Tools
- Monitor and Operation
- CAM-Enabled API
- Overview
- Compute
- Edge Computing
- Container
- Distributed cloud
- Microservice
- Serverless
- Essential Storage Service
- Data Process and Analysis
- Data Migration
- Relational Database
- Enterprise Distributed DBMS
- NoSQL Database
- Database SaaS Tool
- Networking
- CDN and Acceleration
- Network Security
- Endpoint Security
- Data Security
- Business Security
- Application Security
- Domains & Websites
- Big Data
- Voice Technology
- Image Creation
- AI Platform Service
- Natural Language Processing
- Optical Character Recognition
- Middleware
- Communication
- Interactive Video Services
- Stream Services
- Media On-Demand
- Media Process Services
- Cloud Real-time Rendering
- Game Services
- Education Sevices
- Cloud Resource Management
- Management and Audit Tools
- Monitor and Operation
- More
- Practical Tutorial
- Security Practical Tutorial
- Multi-Identity Personnel Permission Management
- Authorizing Certain Operations by Tag
- Supporting Isolated Resource Access for Employees
- Enterprise Multi-Account Permissions Management
- Reviewing Employee Operation Records on Tencent Cloud
- Implementing Attribute-Based Access Control for Employee Resource Permissions Management
- During tag-based authentication, only tag key matching is supported
- Business Use Cases
- TencentDB for MySQL
- CLB
- CMQ
- COS
- Authorizing Sub-account Full Access to Specific Directory
- Authorizing Sub-account Read-only Access to Files in Specific Directory
- Authorizing Sub-account Read/Write Access to Specific File
- Authorizing Sub-account Read-only Access to COS Resources
- Authorizing a Sub-account Read/Write Access to All Files in Specified Directory Except Specified Files
- Authorizing Sub-account Read/Write Access to Files with Specified Prefix
- Authorizing Another Account Read/Write Access to Specific Files
- Authorizing Cross-Account ’s Sub-account Read/Write Access to Specified File
- Authorizing Sub-account Full Access to COS Resources under the Account
- CVM
- Authorizing Sub-account Full Access to CVMs
- Authorizing Sub-account Read-only Access to CVMs
- Authorizing Sub-account Read-only Access to CVM-related Resources
- Authorizing Sub-account Access to Perform Operations on CBSs
- Authorizing Sub-account Access to Perform Operations on Security Groups
- Authorizing Sub-account Access to Perform Operations on EIPs
- Authorizing Sub-account Access to Perform Operations on Specific CVM
- Authorizing Sub-account Access to Perform Operations on CVMs in Specific Region
- Authorizing Sub-account Full Access to CVMs Except Payment
- VPC
- Authorizing Sub-account Access to Perform Operations on Specific VPC and Resources of This VPC
- Authorizing Sub-account Access to Perform Operations on VPC Except on Routing Table
- Authorizing Sub-account Access to Perform Operations on VPN
- Authorizing Sub-account Full Access to VPCs
- Authorizing a Sub-account Full Access to VPCs Except Payment
- Authorizing Sub-account Read-only Access to VPCs
- VOD
- Others
- API Documentation
- History
- Introduction
- API Category
- User APIs
- DescribeSafeAuthFlagColl
- CreateGroup
- UpdateUser
- UpdateGroup
- RemoveUserFromGroup
- ListUsersForGroup
- ListUsers
- ListGroupsForUser
- ListGroups
- GetUser
- GetGroup
- DeleteUser
- DeleteGroup
- AddUserToGroup
- AddUser
- SetMfaFlag
- GetCustomMFATokenInfo
- ConsumeCustomMFAToken
- ListCollaborators
- ListAccessKeys
- PutUserPermissionsBoundary
- DeleteUserPermissionsBoundary
- DescribeSubAccounts
- GetSecurityLastUsed
- GetAccountSummary
- GetUserAppId
- UpdateAccessKey
- DeleteAccessKey
- CreateAccessKey
- Making API Requests
- Identity Provider APIs
- Policy APIs
- UpdatePolicy
- ListPolicies
- ListEntitiesForPolicy
- ListAttachedUserPolicies
- ListAttachedGroupPolicies
- GetPolicy
- DetachUserPolicy
- DetachGroupPolicy
- DeletePolicy
- CreatePolicy
- AttachUserPolicy
- AttachGroupPolicy
- SetDefaultPolicyVersion
- ListPolicyVersions
- GetPolicyVersion
- DeletePolicyVersion
- CreatePolicyVersion
- ListAttachedUserAllPolicies
- Role APIs
- UpdateRoleDescription
- UpdateAssumeRolePolicy
- ListAttachedRolePolicies
- GetRole
- DetachRolePolicy
- DescribeRoleList
- DeleteRole
- CreateRole
- AttachRolePolicy
- UpdateRoleConsoleLogin
- GetServiceLinkedRoleDeletionStatus
- DeleteServiceLinkedRole
- CreateServiceLinkedRole
- PutRolePermissionsBoundary
- DeleteRolePermissionsBoundary
- DescribeSafeAuthFlag
- DescribeSafeAuthFlagIntl
- UntagRole
- TagRole
- Data Types
- Error Codes
- FAQs
- Glossary
- Product Introduction
- Purchase Guide
- Getting Started
- User Guide
- Overview
- Users
- Access Key
- User Groups
- Role
- Identity Provider
- SSO Overview
- Practical Scenarios for SSO
- User-Based SSO
- Role-Based SSO
- Overview
- Overview of SAML Role-Based SSO
- Overview of OIDC Role-Based Single Sign-On
- SAML 2.0-Based Federation
- Accessing Tencent Cloud Console as SAML 2.0 Federated Users
- Creating a SAML IdP
- Creating an OIDC Identity Provider
- Managing IdPs
- Azure Active Directory Single Sign-On
- OneLogin Single Sign-On
- Okta Single Sign-On
- ADFS SSO to Tencent Cloud
- Implementing OIDC-Based Role-Based SSO
- Policies
- Permissions Boundary
- Troubleshooting
- Downloading Security Analysis Report
- CAM-Enabled Role
- Overview
- Compute
- Container
- Microservice
- Essential Storage Service
- Data Process and Analysis
- Data Migration
- Relational Database
- Enterprise Distributed DBMS
- NoSQL Database
- Database SaaS Tool
- Networking
- CDN and Acceleration
- Network Security
- Data Security
- Application Security
- Domains & Websites
- Big Data
- Middleware
- Interactive Video Services
- Media On-Demand
- Cloud Real-time Rendering
- Game Services
- Cloud Resource Management
- Management and Audit Tools
- Monitor and Operation
- CAM-Enabled API
- Overview
- Compute
- Edge Computing
- Container
- Distributed cloud
- Microservice
- Serverless
- Essential Storage Service
- Data Process and Analysis
- Data Migration
- Relational Database
- Enterprise Distributed DBMS
- NoSQL Database
- Database SaaS Tool
- Networking
- CDN and Acceleration
- Network Security
- Endpoint Security
- Data Security
- Business Security
- Application Security
- Domains & Websites
- Big Data
- Voice Technology
- Image Creation
- AI Platform Service
- Natural Language Processing
- Optical Character Recognition
- Middleware
- Communication
- Interactive Video Services
- Stream Services
- Media On-Demand
- Media Process Services
- Cloud Real-time Rendering
- Game Services
- Education Sevices
- Cloud Resource Management
- Management and Audit Tools
- Monitor and Operation
- More
- Practical Tutorial
- Security Practical Tutorial
- Multi-Identity Personnel Permission Management
- Authorizing Certain Operations by Tag
- Supporting Isolated Resource Access for Employees
- Enterprise Multi-Account Permissions Management
- Reviewing Employee Operation Records on Tencent Cloud
- Implementing Attribute-Based Access Control for Employee Resource Permissions Management
- During tag-based authentication, only tag key matching is supported
- Business Use Cases
- TencentDB for MySQL
- CLB
- CMQ
- COS
- Authorizing Sub-account Full Access to Specific Directory
- Authorizing Sub-account Read-only Access to Files in Specific Directory
- Authorizing Sub-account Read/Write Access to Specific File
- Authorizing Sub-account Read-only Access to COS Resources
- Authorizing a Sub-account Read/Write Access to All Files in Specified Directory Except Specified Files
- Authorizing Sub-account Read/Write Access to Files with Specified Prefix
- Authorizing Another Account Read/Write Access to Specific Files
- Authorizing Cross-Account ’s Sub-account Read/Write Access to Specified File
- Authorizing Sub-account Full Access to COS Resources under the Account
- CVM
- Authorizing Sub-account Full Access to CVMs
- Authorizing Sub-account Read-only Access to CVMs
- Authorizing Sub-account Read-only Access to CVM-related Resources
- Authorizing Sub-account Access to Perform Operations on CBSs
- Authorizing Sub-account Access to Perform Operations on Security Groups
- Authorizing Sub-account Access to Perform Operations on EIPs
- Authorizing Sub-account Access to Perform Operations on Specific CVM
- Authorizing Sub-account Access to Perform Operations on CVMs in Specific Region
- Authorizing Sub-account Full Access to CVMs Except Payment
- VPC
- Authorizing Sub-account Access to Perform Operations on Specific VPC and Resources of This VPC
- Authorizing Sub-account Access to Perform Operations on VPC Except on Routing Table
- Authorizing Sub-account Access to Perform Operations on VPN
- Authorizing Sub-account Full Access to VPCs
- Authorizing a Sub-account Full Access to VPCs Except Payment
- Authorizing Sub-account Read-only Access to VPCs
- VOD
- Others
- API Documentation
- History
- Introduction
- API Category
- User APIs
- DescribeSafeAuthFlagColl
- CreateGroup
- UpdateUser
- UpdateGroup
- RemoveUserFromGroup
- ListUsersForGroup
- ListUsers
- ListGroupsForUser
- ListGroups
- GetUser
- GetGroup
- DeleteUser
- DeleteGroup
- AddUserToGroup
- AddUser
- SetMfaFlag
- GetCustomMFATokenInfo
- ConsumeCustomMFAToken
- ListCollaborators
- ListAccessKeys
- PutUserPermissionsBoundary
- DeleteUserPermissionsBoundary
- DescribeSubAccounts
- GetSecurityLastUsed
- GetAccountSummary
- GetUserAppId
- UpdateAccessKey
- DeleteAccessKey
- CreateAccessKey
- Making API Requests
- Identity Provider APIs
- Policy APIs
- UpdatePolicy
- ListPolicies
- ListEntitiesForPolicy
- ListAttachedUserPolicies
- ListAttachedGroupPolicies
- GetPolicy
- DetachUserPolicy
- DetachGroupPolicy
- DeletePolicy
- CreatePolicy
- AttachUserPolicy
- AttachGroupPolicy
- SetDefaultPolicyVersion
- ListPolicyVersions
- GetPolicyVersion
- DeletePolicyVersion
- CreatePolicyVersion
- ListAttachedUserAllPolicies
- Role APIs
- UpdateRoleDescription
- UpdateAssumeRolePolicy
- ListAttachedRolePolicies
- GetRole
- DetachRolePolicy
- DescribeRoleList
- DeleteRole
- CreateRole
- AttachRolePolicy
- UpdateRoleConsoleLogin
- GetServiceLinkedRoleDeletionStatus
- DeleteServiceLinkedRole
- CreateServiceLinkedRole
- PutRolePermissionsBoundary
- DeleteRolePermissionsBoundary
- DescribeSafeAuthFlag
- DescribeSafeAuthFlagIntl
- UntagRole
- TagRole
- Data Types
- Error Codes
- FAQs
- Glossary
Fundamental information
| Product | Abbreviation in CAM | Console | Authorization by Tag | Authorization Granularity | IP Restriction |
|---|---|---|---|---|---|
| TDSQL for MySQL | dcdb | Supported | Supported | Resource level | Partially supported |
Note:
The authorization granularity of cloud products is divided into three levels: service level, operation level, and resource level, based on the degree of granularity.
- Service level: It defines whether a user has the permission to access the service as a whole. A user can have either full access or no access to the service. For the authorization granularity of cloud products at service level, the authorization of specific APIs are not supported.
- Operation level: It defines whether a user has the permission to call a specific API of the service. For example, granting an account read-only access to the CVM service is an authorization at the operation level.
- Resource level: It is the finest authorization granularity which defines whether a user has the permission to access specific resources. For example, granting an account read/write access to a specific CVM instance is an authorization at the resource level.
API authorization granularity
Two authorization granularity levels of API are supported: resource level, and operation level.
- Resource level: It supports the authorization of a specific resource.
- Operation level: It does not support the authorization of a specific resource. If the policy syntax restricts a specific resource during authorization, CAM will determine that this API is not within the scope of authorization, and deem it as unauthorized.
Write operations
| API | API Description | Authorization Granularity | Six-segment Resource Description | IP Restriction |
|---|---|---|---|---|
| ActivateFromPolaris | activate instance from polaris service. | Resource level | qcs::dcdb:${region}:uin/${uin}:instance/${InstanceId} | not supported |
| ActiveDedicatedDBInstance | Resource level | qcs::dcdb:${Region}:uin/:instance/${InstanceId} | Supported | |
| ActiveHourDCDBInstance | Resource level | qcs::dcdb:${Region}:uin/:instance/${InstanceId} | Supported | |
| AssociateSecurityGroups | Associate security groups | Resource level | qcs::dcdb::uin/${uin}:instance/${InstanceId} | Supported |
| BindPolarisForDcn | bind polaris service for DCN instances. | Resource level | qcs::dcdb:${region}:uin/${uin}:instance/${InstanceId} | Supported |
| CancelDcnJob | stop the DCN sync connection。 | Resource level | qcs::dcdb:${region}:uin/${uin}:instance/${InstanceId} | Supported |
| CloseDBExtranetAccess | This API is used to disable public network access for a TencentDB instance, which will make the public IP address inaccessible. The DescribeDCDBInstances API will not return the public domain name and port information of the corresponding instance. |
Resource level | qcs::dcdb:${Region}:uin/:instance/${InstanceId} | Supported |
| CopyAccountPrivileges | This API is used to copy the permissions of a TencentDB account.Note: Accounts with the same username but different hosts are different accounts. Permissions can only be copied between accounts with the same Readonly attribute. |
Resource level | qcs::dcdb:${Region}:uin/:instance/${InstanceId} | Supported |
| CreateDCDBInstance | Operation level | * | not supported | |
| CreateDedicatedClusterDCDBInstance | - | Operation level | * | Supported |
| CreateHourDCDBInstance | Operation level | * | Supported | |
| CreateOnlineDDLJob | Create online DDL job | Resource level | qcs::dcdb::uin/${uin}:instance/${InstanceId} | Supported |
| CreateTmpDCDBInstance | Resource level | qcs::dcdb:${Region}:uin/:instance/${InstanceId} | Supported | |
| DeleteTmpInstance | Resource level | qcs::dcdb:${Region}:uin/:instance/${InstanceId} | not supported | |
| DestroyDCDBInstance | - | Resource level | qcs::dcdb:region:uin/account:instance/instanceId | Supported |
| DestroyHourDCDBInstance | - | Resource level | qcs::dcdb:region:uin/account:instance/instanceId | Supported |
| FlushBinlog | FlushBinlog | Resource level | qcs::dcdb:region:uin/account:instance/instanceId | Supported |
| InitDCDBInstances | This API is used to initialize instances, including setting the default character set and table name case sensitivity. | Resource level | qcs::dcdb:${Region}:uin/:instance/${InstanceId} | Supported |
| IsolateDCDBInstance | IsolateDCDBInstance | Resource level | qcs::dcdb:${region}:uin/${uin}:instance/instanceId | Supported |
| IsolateDedicatedDBInstance | Resource level | qcs::dcdb:${Region}:uin/:instance/${InstanceId} | Supported | |
| IsolateFromPolaris | isolate instance from polaris service. | Resource level | qcs::dcdb:${region}:uin/${uin}:instance/${InstanceId} | not supported |
| KillSession | - | Resource level | qcs::dcdb:region:uin/account:instance/instanceId | Supported |
| ModifyAccount | ModifyAccount | Resource level | qcs::dcdb:${region}:uin/${uin}:instance/instanceId | Supported |
| ModifyAccountConfig | Modify some user configurations, such as max_ user_ connections | Resource level | qcs::dcdb:${region}:uin/${uin}:instance/${InstanceId} | Supported |
| ModifyAccountPrivileges | - | Resource level | qcs::dcdb:region:uin/account:instance/instanceId | Supported |
| ModifyAutoRenewFlag | Resource level | qcs::dcdb:${Region}:uin/:instance/${InstanceId} | Supported | |
| ModifyBackupConfigs | modify backup configs | Resource level | qcs::dcdb:${region}:uin/${uin}:instance/instanceId | Supported |
| ModifyBackupDownloadRestriction | - | Operation level | * | Supported |
| ModifyBackupTime | - | Resource level | qcs::dcdb:${region}:uin/${uin}:instance/instanceId | Supported |
| ModifyDBEncryptAttributes | This interface is used for modify DB encryption attributes. | Resource level | qcs::dcdb:${region}:uin/${uin}:instance/instanceId | Supported |
| ModifyDBInstanceSecurityGroups | Modify instance security groups | Resource level | qcs::dcdb::uin/${uin}:instance/${InstanceId} | Supported |
| ModifyDBInstancesProject | This API is used to modify the project to which TencentDB instances belong. | Resource level | qcs::dcdb:${Region}:uin/:instance/${InstanceId} | Supported |
| ModifyInstanceNetwork | Resource level | qcs::dcdb:${Region}:uin/:instance/${InstanceId} | Supported | |
| ModifyInstanceRemark | Resource level | qcs::dcdb:${Region}:uin/:instance/${InstanceId} | not supported | |
| ModifyInstanceSSLAttributes | This interface is used to modify instance ssl attributes. | Resource level | qcs::dcdb:${region}:uin/${uin}:instance/instanceId | Supported |
| ModifyInstanceVip | Resource level | qcs::dcdb:${Region}:uin/:instance/${InstanceId} | Supported | |
| ModifyInstanceVport | - | Resource level | qcs::dcdb:region:uin/account:instance/instanceId | Supported |
| ModifyLogFileRetentionPeriod | This API is used to modify the number of days for retention of database backup logs. | Resource level | qcs::dcdb:${Region}:uin/:instance/${InstanceId} | Supported |
| ModifyRealServerAccessStrategy | - | Resource level | qcs::dcdb:${region}:uin/${uin}:instance/instanceId | Supported |
| OpenDBExtranetAccess | This API is used to enable public network access for a TencentDB instance. After that, you can access the instance with the public domain name and port obtained through the DescribeDCDBInstances API. |
Resource level | qcs::dcdb:${Region}:uin/:instance/${InstanceId} | Supported |
| ReleaseNetResource | Release reserved network resources | Resource level | qcs::dcdb:${region}:uin/${uin}:instance/instanceId | Supported |
| RenewDCDBInstance | Resource level | qcs::dcdb:${Region}:uin/:instance/${InstanceId} | Supported | |
| RestartDBInstances | - | Resource level | qcs::dcdb:region:uin/account:instance/instanceId | Supported |
| StartSmartDBA | Resource level | qcs::dcdb:${Region}:uin/:instance/${InstanceId} | Supported | |
| SwitchDBInstanceHA | SwitchDBInstanceHA | Resource level | qcs::dcdb:${region}:uin/${uin}:instance/instanceId | Supported |
| SwitchDcnJob | switch the master and slave dcn instances. | Resource level | qcs::dcdb:${region}:uin/${uin}:instance/${InstanceId} | Supported |
| SwitchRollbackInstance | Resource level | qcs::dcdb:${Region}:uin/:instance/${InstanceId} | not supported | |
| TerminateDedicatedDBInstance | Resource level | qcs::dcdb:${Region}:uin/:instance/${InstanceId} | Supported | |
| UnbindPolaris | unbind polaris service for DCN instances. | Resource level | qcs::dcdb:${region}:uin/${uin}:instance/${InstanceId} | Supported |
| UpgradeDedicatedDCDBInstance | Resource level | qcs::dcdb:${Region}:uin/:instance/${InstanceId} | Supported |
Read operations
| API | API Description | Authorization Granularity | Six-segment Resource Description | IP Restriction |
|---|---|---|---|---|
| CheckIpStatus | Resource level | qcs::dcdb:${Region}:uin/:instance/${InstanceId} | Supported | |
| CloneAccount | Operation level | * | Supported | |
| CreateAccount | Create Account | Operation level | * | Supported |
| DeleteAccount | Operation level | * | Supported | |
| DescribeAccountPrivileges | Operation level | * | Supported | |
| DescribeAccounts | This API is used to query the list of accounts of a specified TencentDB instance. | Resource level | qcs::dcdb:${Region}:uin/:instance/${InstanceId} | Supported |
| DescribeBackupConfigs | describe backup configs | Resource level | qcs::dcdb:${region}:uin/${uin}:instance/instanceId | Supported |
| DescribeBackupDownloadRestriction | - | Operation level | * | Supported |
| DescribeBackupFiles | - | Operation level | * | Supported |
| DescribeBackupMonitorData | - | Operation level | * | Supported |
| DescribeBackupOverview | - | Operation level | * | Supported |
| DescribeBackupSummaries | - | Operation level | * | Supported |
| DescribeBackupTime | - | Resource level | qcs::dcdb:${region}:uin/${uin}:instance/instanceId | Supported |
| DescribeBatchDCDBRenewalPrice | Resource level | qcs::dcdb:${Region}:uin/:instance/${InstanceId} | Supported | |
| DescribeCommonDBInstances | Get instance list | Operation level | * | Supported |
| DescribeDBCharsets | Get character set information | Operation level | * | Supported |
| DescribeDBDetailMetrics | - | Resource level | qcs::dcdb:region:uin/account:instance/instanceId | not supported |
| DescribeDBEncryptAttributes | This interface is used to describe DB encryption attributes. | Resource level | qcs::dcdb:${region}:uin/${uin}:instance/instanceId | Supported |
| DescribeDBEngines | Get DB engine version list | Operation level | * | Supported |
| DescribeDBInstanceHAInfo | DescribeDBInstanceHAInfo | Resource level | qcs::dcdb:${region}:uin/${uin}:instance/instanceId | Supported |
| DescribeDBInstanceRsip | Describe instance rsip | Resource level | qcs::dcdb::uin/${uin}:instance/${InstanceId} | Supported |
| DescribeDBLogFiles | Operation level | * | Supported | |
| DescribeDBMetrics | Resource level | qcs::dcdb:${Region}:uin/:instance/${InstanceId} | not supported | |
| DescribeDBParameters | This API is used to get the current parameter settings of a database. | Resource level | qcs::dcdb:${Region}:uin/:instance/${InstanceId} | Supported |
| DescribeDBSecurityGroups | Describe instance security groups | Resource level | qcs::dcdb::uin/${uin}:instance/${InstanceId} | Supported |
| DescribeDBSlowLogAnalysis | Resource level | qcs::dcdb:${Region}:uin/:instance/${InstanceId} | Supported | |
| DescribeDBSlowLogs | Operation level | * | Supported | |
| DescribeDBSyncMode | Operation level | * | Supported | |
| DescribeDBTmpInstances | DescribeDBTmpInstances | Resource level | qcs::dcdb:${Region}:uin/:instance/${InstanceId} | Supported |
| DescribeDCDBBinlogTime | Operation level | * | Supported | |
| DescribeDCDBInstanceDetail | Resource level | qcs::dcdb:${Region}:uin/:instance/${InstanceId} | Supported | |
| DescribeDCDBInstanceNodeInfo | Get instance node info | Resource level | qcs::dcdb:${region}:uin/${uin}:instance/${InstanceId} | Supported |
| DescribeDCDBInstanceShardInfo | DescribeDCDBInstanceShardInfo | Resource level | qcs::dcdb:${region}:uin/${uin}:instance/${InstanceId} | Supported |
| DescribeDCDBInstances | Operation level | * | Supported | |
| DescribeDCDBPrice | Operation level | * | Supported | |
| DescribeDCDBRenewalPrice | Resource level | qcs::dcdb:${Region}:uin/:instance/${InstanceId} | Supported | |
| DescribeDCDBRollbackInstances | DescribeDCDBRollbackInstances | Resource level | qcs::${ApiModule}:${Region}:uin/:instance/${InstanceId} | Supported |
| DescribeDCDBSaleInfo | Query available zones for sale | Operation level | * | Supported |
| DescribeDCDBShards | Describe DCDB shards info | Operation level | * | Supported |
| DescribeDCDBUpgradePrice | Resource level | qcs::dcdb:${Region}:uin/:instance/${InstanceId} | Supported | |
| DescribeDatabaseObjects | Operation level | * | Supported | |
| DescribeDatabaseTable | This API is used to query the table information of a TencentDB instance. | Resource level | qcs::dcdb:${Region}:uin/:instance/${InstanceId} | Supported |
| DescribeDatabases | Operation level | * | Supported | |
| DescribeDcnDetail | DescribeDcnDetail | Resource level | qcs::dcdb:${region}:uin/${uin}:instance/instanceId | Supported |
| DescribeDcnRelations | list all DCN instances. | Operation level | * | Supported |
| DescribeFenceShardSpec | Operation level | * | Supported | |
| DescribeFileDownloadUrl | - | Resource level | qcs::dcdb:${Region}:uin/:instance/${InstanceId} | Supported |
| DescribeFlow | This API is used to query flow status. | Operation level | * | Supported |
| DescribeInstanceProxyConfig | This interface is used to describe instance proxy config. | Resource level | qcs::dcdb:${region}:uin/${uin}:instance/instanceId | Supported |
| DescribeInstanceSSLAttributes | This interface is used to describe DB SSL attributes. | Resource level | qcs::dcdb:${region}:uin/${uin}:instance/instanceId | Supported |
| DescribeInstances | Describe instances | Operation level | * | Supported |
| DescribeLatestCloudDBAReport | Resource level | qcs::dcdb:${Region}:uin/:instance/${InstanceId} | Supported | |
| DescribeLogFileRetentionPeriod | Operation level | * | Supported | |
| DescribeOrders | Operation level | * | Supported | |
| DescribeProjectSecurityGroups | This API is used to query the security group details of a project. | Resource level | qcs::dcdb:${Region}:uin/:instance/${InstanceId} | Supported |
| DescribeProjects | This API is used to query the project list. | Operation level | * | Supported |
| DescribePublicKey | Describe public key | Operation level | * | Supported |
| DescribeShardSpec | Operation level | * | Supported | |
| DescribeUserTasks | DescribeUserTasks | Operation level | * | Supported |
| DisassociateSecurityGroups | Disassociate instance security groups | Resource level | qcs::dcdb::uin/${uin}:instance/${InstanceId} | Supported |
| GrantAccountPrivileges | Operation level | * | Supported | |
| IsolateHourDCDBInstance | IsolateHourDCDBInstance | Resource level | qcs::dcdb::uin/${uin}:instance/${InstanceId} | Supported |
| ModifyAccountDescription | Operation level | * | Supported | |
| ModifyDBParameters | Operation level | * | Supported | |
| ModifyDBSyncMode | Operation level | * | Supported | |
| ResetAccountPassword | Reset Password | Operation level | * | Supported |
| UpgradeDCDBInstance | upgrade instance | Operation level | * | Supported |
| UpgradeHourDCDBInstance | Operation level | * | Supported |
Yes
No
Was this page helpful?