- Product Introduction
- Purchase Guide
- Getting Started
- User Guide
- Overview
- Users
- Access Key
- User Groups
- Role
- Identity Provider
- SSO Overview
- Practical Scenarios for SSO
- User-Based SSO
- Role-Based SSO
- Overview
- Overview of SAML Role-Based SSO
- Overview of OIDC Role-Based Single Sign-On
- SAML 2.0-Based Federation
- Accessing Tencent Cloud Console as SAML 2.0 Federated Users
- Creating a SAML IdP
- Creating an OIDC Identity Provider
- Managing IdPs
- Azure Active Directory Single Sign-On
- OneLogin Single Sign-On
- Okta Single Sign-On
- ADFS SSO to Tencent Cloud
- Implementing OIDC-Based Role-Based SSO
- Policies
- Permissions Boundary
- Troubleshooting
- Downloading Security Analysis Report
- CAM-Enabled Role
- Overview
- Compute
- Container
- Microservice
- Essential Storage Service
- Data Process and Analysis
- Data Migration
- Relational Database
- Enterprise Distributed DBMS
- NoSQL Database
- Database SaaS Tool
- Networking
- CDN and Acceleration
- Network Security
- Data Security
- Application Security
- Domains & Websites
- Big Data
- Middleware
- Interactive Video Services
- Media On-Demand
- Cloud Real-time Rendering
- Game Services
- Cloud Resource Management
- Management and Audit Tools
- Monitor and Operation
- CAM-Enabled API
- Overview
- Compute
- Edge Computing
- Container
- Distributed cloud
- Microservice
- Serverless
- Essential Storage Service
- Data Process and Analysis
- Data Migration
- Relational Database
- Enterprise Distributed DBMS
- NoSQL Database
- Database SaaS Tool
- Networking
- CDN and Acceleration
- Network Security
- Endpoint Security
- Data Security
- Business Security
- Application Security
- Domains & Websites
- Big Data
- Voice Technology
- Image Creation
- AI Platform Service
- Natural Language Processing
- Optical Character Recognition
- Middleware
- Communication
- Interactive Video Services
- Stream Services
- Media On-Demand
- Media Process Services
- Cloud Real-time Rendering
- Game Services
- Education Sevices
- Cloud Resource Management
- Management and Audit Tools
- Monitor and Operation
- More
- Practical Tutorial
- Security Practical Tutorial
- Multi-Identity Personnel Permission Management
- Authorizing Certain Operations by Tag
- Supporting Isolated Resource Access for Employees
- Enterprise Multi-Account Permissions Management
- Reviewing Employee Operation Records on Tencent Cloud
- Implementing Attribute-Based Access Control for Employee Resource Permissions Management
- During tag-based authentication, only tag key matching is supported
- Business Use Cases
- TencentDB for MySQL
- CLB
- CMQ
- COS
- Authorizing Sub-account Full Access to Specific Directory
- Authorizing Sub-account Read-only Access to Files in Specific Directory
- Authorizing Sub-account Read/Write Access to Specific File
- Authorizing Sub-account Read-only Access to COS Resources
- Authorizing a Sub-account Read/Write Access to All Files in Specified Directory Except Specified Files
- Authorizing Sub-account Read/Write Access to Files with Specified Prefix
- Authorizing Another Account Read/Write Access to Specific Files
- Authorizing Cross-Account ’s Sub-account Read/Write Access to Specified File
- Authorizing Sub-account Full Access to COS Resources under the Account
- CVM
- Authorizing Sub-account Full Access to CVMs
- Authorizing Sub-account Read-only Access to CVMs
- Authorizing Sub-account Read-only Access to CVM-related Resources
- Authorizing Sub-account Access to Perform Operations on CBSs
- Authorizing Sub-account Access to Perform Operations on Security Groups
- Authorizing Sub-account Access to Perform Operations on EIPs
- Authorizing Sub-account Access to Perform Operations on Specific CVM
- Authorizing Sub-account Access to Perform Operations on CVMs in Specific Region
- Authorizing Sub-account Full Access to CVMs Except Payment
- VPC
- Authorizing Sub-account Access to Perform Operations on Specific VPC and Resources of This VPC
- Authorizing Sub-account Access to Perform Operations on VPC Except on Routing Table
- Authorizing Sub-account Access to Perform Operations on VPN
- Authorizing Sub-account Full Access to VPCs
- Authorizing a Sub-account Full Access to VPCs Except Payment
- Authorizing Sub-account Read-only Access to VPCs
- VOD
- Others
- API Documentation
- History
- Introduction
- API Category
- User APIs
- DescribeSafeAuthFlagColl
- CreateGroup
- UpdateUser
- UpdateGroup
- RemoveUserFromGroup
- ListUsersForGroup
- ListUsers
- ListGroupsForUser
- ListGroups
- GetUser
- GetGroup
- DeleteUser
- DeleteGroup
- AddUserToGroup
- AddUser
- SetMfaFlag
- GetCustomMFATokenInfo
- ConsumeCustomMFAToken
- ListCollaborators
- ListAccessKeys
- PutUserPermissionsBoundary
- DeleteUserPermissionsBoundary
- DescribeSubAccounts
- GetSecurityLastUsed
- GetAccountSummary
- GetUserAppId
- UpdateAccessKey
- DeleteAccessKey
- CreateAccessKey
- Making API Requests
- Identity Provider APIs
- Policy APIs
- UpdatePolicy
- ListPolicies
- ListEntitiesForPolicy
- ListAttachedUserPolicies
- ListAttachedGroupPolicies
- GetPolicy
- DetachUserPolicy
- DetachGroupPolicy
- DeletePolicy
- CreatePolicy
- AttachUserPolicy
- AttachGroupPolicy
- SetDefaultPolicyVersion
- ListPolicyVersions
- GetPolicyVersion
- DeletePolicyVersion
- CreatePolicyVersion
- ListAttachedUserAllPolicies
- Role APIs
- UpdateRoleDescription
- UpdateAssumeRolePolicy
- ListAttachedRolePolicies
- GetRole
- DetachRolePolicy
- DescribeRoleList
- DeleteRole
- CreateRole
- AttachRolePolicy
- UpdateRoleConsoleLogin
- GetServiceLinkedRoleDeletionStatus
- DeleteServiceLinkedRole
- CreateServiceLinkedRole
- PutRolePermissionsBoundary
- DeleteRolePermissionsBoundary
- DescribeSafeAuthFlag
- DescribeSafeAuthFlagIntl
- UntagRole
- TagRole
- Data Types
- Error Codes
- FAQs
- Glossary
- Product Introduction
- Purchase Guide
- Getting Started
- User Guide
- Overview
- Users
- Access Key
- User Groups
- Role
- Identity Provider
- SSO Overview
- Practical Scenarios for SSO
- User-Based SSO
- Role-Based SSO
- Overview
- Overview of SAML Role-Based SSO
- Overview of OIDC Role-Based Single Sign-On
- SAML 2.0-Based Federation
- Accessing Tencent Cloud Console as SAML 2.0 Federated Users
- Creating a SAML IdP
- Creating an OIDC Identity Provider
- Managing IdPs
- Azure Active Directory Single Sign-On
- OneLogin Single Sign-On
- Okta Single Sign-On
- ADFS SSO to Tencent Cloud
- Implementing OIDC-Based Role-Based SSO
- Policies
- Permissions Boundary
- Troubleshooting
- Downloading Security Analysis Report
- CAM-Enabled Role
- Overview
- Compute
- Container
- Microservice
- Essential Storage Service
- Data Process and Analysis
- Data Migration
- Relational Database
- Enterprise Distributed DBMS
- NoSQL Database
- Database SaaS Tool
- Networking
- CDN and Acceleration
- Network Security
- Data Security
- Application Security
- Domains & Websites
- Big Data
- Middleware
- Interactive Video Services
- Media On-Demand
- Cloud Real-time Rendering
- Game Services
- Cloud Resource Management
- Management and Audit Tools
- Monitor and Operation
- CAM-Enabled API
- Overview
- Compute
- Edge Computing
- Container
- Distributed cloud
- Microservice
- Serverless
- Essential Storage Service
- Data Process and Analysis
- Data Migration
- Relational Database
- Enterprise Distributed DBMS
- NoSQL Database
- Database SaaS Tool
- Networking
- CDN and Acceleration
- Network Security
- Endpoint Security
- Data Security
- Business Security
- Application Security
- Domains & Websites
- Big Data
- Voice Technology
- Image Creation
- AI Platform Service
- Natural Language Processing
- Optical Character Recognition
- Middleware
- Communication
- Interactive Video Services
- Stream Services
- Media On-Demand
- Media Process Services
- Cloud Real-time Rendering
- Game Services
- Education Sevices
- Cloud Resource Management
- Management and Audit Tools
- Monitor and Operation
- More
- Practical Tutorial
- Security Practical Tutorial
- Multi-Identity Personnel Permission Management
- Authorizing Certain Operations by Tag
- Supporting Isolated Resource Access for Employees
- Enterprise Multi-Account Permissions Management
- Reviewing Employee Operation Records on Tencent Cloud
- Implementing Attribute-Based Access Control for Employee Resource Permissions Management
- During tag-based authentication, only tag key matching is supported
- Business Use Cases
- TencentDB for MySQL
- CLB
- CMQ
- COS
- Authorizing Sub-account Full Access to Specific Directory
- Authorizing Sub-account Read-only Access to Files in Specific Directory
- Authorizing Sub-account Read/Write Access to Specific File
- Authorizing Sub-account Read-only Access to COS Resources
- Authorizing a Sub-account Read/Write Access to All Files in Specified Directory Except Specified Files
- Authorizing Sub-account Read/Write Access to Files with Specified Prefix
- Authorizing Another Account Read/Write Access to Specific Files
- Authorizing Cross-Account ’s Sub-account Read/Write Access to Specified File
- Authorizing Sub-account Full Access to COS Resources under the Account
- CVM
- Authorizing Sub-account Full Access to CVMs
- Authorizing Sub-account Read-only Access to CVMs
- Authorizing Sub-account Read-only Access to CVM-related Resources
- Authorizing Sub-account Access to Perform Operations on CBSs
- Authorizing Sub-account Access to Perform Operations on Security Groups
- Authorizing Sub-account Access to Perform Operations on EIPs
- Authorizing Sub-account Access to Perform Operations on Specific CVM
- Authorizing Sub-account Access to Perform Operations on CVMs in Specific Region
- Authorizing Sub-account Full Access to CVMs Except Payment
- VPC
- Authorizing Sub-account Access to Perform Operations on Specific VPC and Resources of This VPC
- Authorizing Sub-account Access to Perform Operations on VPC Except on Routing Table
- Authorizing Sub-account Access to Perform Operations on VPN
- Authorizing Sub-account Full Access to VPCs
- Authorizing a Sub-account Full Access to VPCs Except Payment
- Authorizing Sub-account Read-only Access to VPCs
- VOD
- Others
- API Documentation
- History
- Introduction
- API Category
- User APIs
- DescribeSafeAuthFlagColl
- CreateGroup
- UpdateUser
- UpdateGroup
- RemoveUserFromGroup
- ListUsersForGroup
- ListUsers
- ListGroupsForUser
- ListGroups
- GetUser
- GetGroup
- DeleteUser
- DeleteGroup
- AddUserToGroup
- AddUser
- SetMfaFlag
- GetCustomMFATokenInfo
- ConsumeCustomMFAToken
- ListCollaborators
- ListAccessKeys
- PutUserPermissionsBoundary
- DeleteUserPermissionsBoundary
- DescribeSubAccounts
- GetSecurityLastUsed
- GetAccountSummary
- GetUserAppId
- UpdateAccessKey
- DeleteAccessKey
- CreateAccessKey
- Making API Requests
- Identity Provider APIs
- Policy APIs
- UpdatePolicy
- ListPolicies
- ListEntitiesForPolicy
- ListAttachedUserPolicies
- ListAttachedGroupPolicies
- GetPolicy
- DetachUserPolicy
- DetachGroupPolicy
- DeletePolicy
- CreatePolicy
- AttachUserPolicy
- AttachGroupPolicy
- SetDefaultPolicyVersion
- ListPolicyVersions
- GetPolicyVersion
- DeletePolicyVersion
- CreatePolicyVersion
- ListAttachedUserAllPolicies
- Role APIs
- UpdateRoleDescription
- UpdateAssumeRolePolicy
- ListAttachedRolePolicies
- GetRole
- DetachRolePolicy
- DescribeRoleList
- DeleteRole
- CreateRole
- AttachRolePolicy
- UpdateRoleConsoleLogin
- GetServiceLinkedRoleDeletionStatus
- DeleteServiceLinkedRole
- CreateServiceLinkedRole
- PutRolePermissionsBoundary
- DeleteRolePermissionsBoundary
- DescribeSafeAuthFlag
- DescribeSafeAuthFlagIntl
- UntagRole
- TagRole
- Data Types
- Error Codes
- FAQs
- Glossary
Fundamental information
| Product | Abbreviation in CAM | Console | Authorization by Tag | Authorization Granularity | IP Restriction |
|---|---|---|---|---|---|
| RocketMQ | trocket | Supported | not supported | Resource level | Partially supported |
Note:
The authorization granularity of cloud products is divided into three levels: service level, operation level, and resource level, based on the degree of granularity.
- Service level: It defines whether a user has the permission to access the service as a whole. A user can have either full access or no access to the service. For the authorization granularity of cloud products at service level, the authorization of specific APIs are not supported.
- Operation level: It defines whether a user has the permission to call a specific API of the service. For example, granting an account read-only access to the CVM service is an authorization at the operation level.
- Resource level: It is the finest authorization granularity which defines whether a user has the permission to access specific resources. For example, granting an account read/write access to a specific CVM instance is an authorization at the resource level.
API authorization granularity
Two authorization granularity levels of API are supported: resource level, and operation level.
- Resource level: It supports the authorization of a specific resource.
- Operation level: It does not support the authorization of a specific resource. If the policy syntax restricts a specific resource during authorization, CAM will determine that this API is not within the scope of authorization, and deem it as unauthorized.
Write operations
| API | API Description | Authorization Granularity | Six-segment Resource Description | IP Restriction |
|---|---|---|---|---|
| AddMQTTClientSubscription | AddMQTTClientSubscription | Operation level | * | Supported |
| ChangeMigratingTopicToNextStage | Move a migrating topic to next stage | Resource level | qcs::trocket:${region}:uin/${uin}:taskId/${taskId} | Supported |
| CreateChaosTask | Create a chaos task | Resource level | qcs::trocket::uin/${uin}:instance/${InstanceId} | Supported |
| CreateConsumerGroup | Create a consumer group | Resource level | qcs::trocket:${region}:uin/${uin}:consumerGroup/${instanceId}/* | Supported |
| CreateInstance | Create a new instance | Resource level | qcs::trocket:${region}:uin/${uin}:instance/* | Supported |
| CreateInstanceEndpoint | Create endpoint | Resource level | qcs::trocket:${region}:uin/${uin}:instance/${instanceId} | Supported |
| CreateMQTTInsInternalEndpoint | CreateMQTTInsInternalEndpoint | Operation level | * | not supported |
| CreateMQTTInsPublicEndpoint | CreateMQTTInsPublicEndpoint | Operation level | * | Supported |
| CreateMQTTInstance | CreateMQTTInstance | Operation level | * | Supported |
| CreateMQTTJWKSAuthenticator | CreateMQTTJWKSAuthenticator | Operation level | * | Supported |
| CreateMQTTTopic | CreateMQTTTopic | Operation level | * | Supported |
| CreateMQTTUser | CreateMQTTUser | Operation level | * | Supported |
| CreateMigrationTask | create migration task | Resource level | qcs::trocket:${region}:uin/${uin}:* | Supported |
| CreatePerformanceTestJob | Create a performance test job | Resource level | qcs::trocket:${region}:uin/${uin}:instance/${InstanceId} | Supported |
| CreateRole | Create a role | Resource level | qcs::trocket:${region}:uin/${uin}:role/${instanceId}/* | Supported |
| CreateSmoothMigrationTask | Create a smooth migration task | Operation level | * | Supported |
| CreateTopic | Create a topic | Resource level | qcs::trocket:${region}:uin/${uin}:topic/${instanceId}/* | Supported |
| DeleteConsumerGroup | Delete a consumer group | Resource level | qcs::trocket:${region}:uin/${uin}:consumerGroup/${instanceId}/${consumerGroup} | Supported |
| DeleteInstance | Delete an instance | Resource level | qcs::trocket:${region}:uin/${uin}:instance/${instanceId} | Supported |
| DeleteInstanceEndpoint | Delete an endpoint | Resource level | qcs::trocket:${region}:uin/${uin}:instance/${instanceId} | Supported |
| DeleteMQTTAuthenticator | DeleteMQTTAuthenticator | Operation level | * | Supported |
| DeleteMQTTClientSubscription | DeleteMQTTClientSubscription | Operation level | * | Supported |
| DeleteMQTTInsInternalEndpoint | DeleteMQTTInsInternalEndpoint | Operation level | * | not supported |
| DeleteMQTTInsPublicEndpoint | DeleteMQTTInsPublicEndpoint | Operation level | * | Supported |
| DeleteMQTTInstance | DeleteMQTTInstance | Operation level | * | Supported |
| DeleteMQTTTopic | DeleteMQTTTopic | Operation level | * | Supported |
| DeleteMQTTUser | DeleteMQTTUser | Operation level | * | Supported |
| DeleteRole | Delete a role | Resource level | qcs::trocket:${region}:uin/${uin}:role/${instanceId}/${role} | Supported |
| DeleteSmoothMigrationTask | Delete a smooth migration task | Resource level | qcs::trocket:${region}:uin/${uin}:taskId/${taskId} | Supported |
| DeleteTopic | Delet a topic | Resource level | qcs::trocket:${region}:uin/${uin}:topic/${instanceId}/${topic} | Supported |
| DoHealthCheckOnMigratingTopic | Do health check on a migrating topic | Resource level | qcs::trocket:${region}:uin/${uin}:taskId/${taskId} | Supported |
| ImportACLForSmoothMigration | Import ACL in a smooth migration task. | Resource level | qcs::trocket:${region}:uin/${uin}:taskId/${taskId} | Supported |
| ImportSourceClusterConsumerGroups | Import consumer groups from migrating cluster | Resource level | qcs::trocket:${region}:uin/${uin}:taskId/${taskId} | Supported |
| ImportSourceClusterTopics | Import topics from cluster which is in migration | Resource level | qcs::trocket:${region}:uin/${uin}:taskId/${taskId} | Supported |
| ModifyConsumerGroup | Modify a consumer group | Resource level | qcs::trocket:${region}:uin/${uin}:consumerGroup/${instanceId}/${consumerGroup} | Supported |
| ModifyInstance | Modify an instance | Resource level | qcs::trocket:${region}:uin/${uin}:instance/${instanceId} | Supported |
| ModifyInstanceEndpoint | Modify an endpoint | Resource level | qcs::trocket:${region}:uin/${uin}:instance/${instanceId} | Supported |
| ModifyInstancePayMode | Modify an instance pay mode. | Resource level | qcs::trocket::uin/${uin}:instance/${instanceId} | Supported |
| ModifyInstanceStatus | Modify an instance status | Resource level | qcs::trocket:${region}:uin/${uin}:instance/${instanceId} | Supported |
| ModifyMQTTInsPublicEndpoint | ModifyMQTTInsPublicEndpoint | Operation level | * | Supported |
| ModifyMQTTInstance | ModifyMQTTInstance | Operation level | * | Supported |
| ModifyMQTTInstanceCertBinding | ModifyMQTTInstanceCertBinding | Operation level | * | Supported |
| ModifyMQTTJWKSAuthenticator | ModifyMQTTJWKSAuthenticator | Operation level | * | Supported |
| ModifyMQTTTopic | ModifyMQTTTopic | Operation level | * | Supported |
| ModifyMQTTUser | ModifyMQTTUser | Operation level | * | Supported |
| ModifyRole | Modify a role | Resource level | qcs::trocket:${region}:uin/${uin}:role/${instanceId}/${role} | Supported |
| ModifySmoothMigrationTask | Modify a smooth migration task | Resource level | qcs::trocket:${region}:uin/${uin}:taskId/${taskId} | Supported |
| ModifyTopic | modify topic | Resource level | qcs::trocket:${region}:uin/${uin}:topic/${instanceId}/${topic} | Supported |
| PublishMQTTMessage | PublishMQTTMessage | Operation level | * | Supported |
| RemoveMigratingTopic | Remove a migrating topic | Resource level | qcs::trocket:${region}:uin/${uin}:taskId/${taskId} | Supported |
| ResendDeadLetterMessage | resend deadLetter message | Resource level | qcs::trocket:${region}:uin/${uin}:instance/{InstanceId} | Supported |
| ResetConsumerGroupOffset | Reset consumer group offset | Resource level | qcs::trocket:${region}:uin/${uin}:consumerGroup/${instanceId}/${consumerGroup} | Supported |
| RestoreInstance | Restore the RocketMQ cluster | Resource level | qcs::trocket::uin/${uin}:instance/${InstanceId} | Supported |
| RollbackMigratingTopicStage | Rollback migrating topic to previous stage | Resource level | qcs::trocket:${region}:uin/${uin}:taskId/${taskId} | Supported |
| SendMessage | Send a message | Resource level | qcs::trocket:${region}:uin/${uin}:topic/${instanceId}/${topic} | Supported |
| TerminatePerformanceTestJob | Terminate a performance job | Resource level | qcs::trocket:${region}:uin/${uin}:instance/${InstanceId} | Supported |
Other Operations
| API | API Description | Authorization Granularity | Six-segment Resource Description | IP Restriction |
|---|---|---|---|---|
| CheckMQTTJWKSEndpointConnection | CheckMQTTJWKSEndpointConnection | Operation level | * | Supported |
Read operations
| API | API Description | Authorization Granularity | Six-segment Resource Description | IP Restriction |
|---|---|---|---|---|
| DescribeChaosTask | Describe the running info of chaos task | Operation level | * | Supported |
| DescribeConsumerClient | Describe a consumer client | Resource level | qcs::trocket:${region}:uin/${uin}:consumerGroup/${instanceId}/${consumerGroup} | Supported |
| DescribeConsumerClientLag | Describe a consumer client lag | Resource level | qcs::trocket::uin/${uin}:instance/${InstanceId} | Supported |
| DescribeConsumerClientList | Describe consumer clients | Resource level | qcs::trocket:${region}:uin/${uin}:consumerGroup/${instanceId}/${consumerGroup} | Supported |
| DescribeConsumerGroup | Describe a consumer group | Resource level | qcs::trocket:${region}:uin/${uin}:consumerGroup/${instanceId}/${consumerGroup} | Supported |
| DescribeConsumerLag | Describe a consumer lag number. | Resource level | qcs::trocket::uin/${uin}:instance/${InstanceId} | Supported |
| DescribeConsumerStack | describe consumer stack. | Resource level | qcs::trocket:${region}:uin/${uin}:instance/${InstanceId} | Supported |
| DescribeInstance | Describe an instance | Resource level | qcs::trocket:${region}:uin/${uin}:instance/${instanceId} | Supported |
| DescribeInstanceDeliveryProgress | Describe an instance delivery progress | Resource level | qcs::trocket:${region}:uin/${uin}:instance/${instanceId} | Supported |
| DescribeInstanceTopUsages | Describe instance usages | Resource level | qcs::trocket:${region}:uin/${uin}:instance/${instanceId} | Supported |
| DescribeMQTTAuthenticator | DescribeMQTTAuthenticator | Operation level | * | Supported |
| DescribeMQTTClient | DescribeMQTTClient | Operation level | * | Supported |
| DescribeMQTTInsInternalEndpoint | DescribeMQTTInsInternalEndpoint | Operation level | * | not supported |
| DescribeMQTTInsPublicEndpoints | DescribeMQTTInsPublicEndpoints | Operation level | * | Supported |
| DescribeMQTTInsVPCEndpoints | DescribeMQTTInsVPCEndpoints | Operation level | * | Supported |
| DescribeMQTTInstance | DescribeMQTTInstance | Operation level | * | Supported |
| DescribeMQTTInstanceCert | DescribeMQTTInstanceCert | Operation level | * | Supported |
| DescribeMQTTInstanceRealtimeStats | DescribeMQTTInstanceRealtimeStats | Operation level | * | Supported |
| DescribeMQTTMessage | DescribeMQTTMessage | Operation level | * | Supported |
| DescribeMQTTTopic | DescribeMQTTTopic | Operation level | * | Supported |
| DescribeMessage | Describe a message | Resource level | qcs::trocket:${region}:uin/${uin}:topic/${instanceId}/${topic} | Supported |
| DescribeMessageList | Describe message list | Resource level | qcs::trocket:${region}:uin/${uin}:topic/${instanceId}/${topic} | Supported |
| DescribeMessageTrace | Describe message traces | Resource level | qcs::trocket:${region}:uin/${uin}:topic/${instanceId}/${topic} | Supported |
| DescribeMigratingGroupStats | Describe a consumer group\\\\\\\\\\\\\\\'s realtime stats | Resource level | qcs::trocket:${region}:uin/${uin}:taskId/${taskId} | Supported |
| DescribeMigratingTopicAccessInfo | Describe access info of a migrating topic | Resource level | qcs::trocket:${region}:uin/${uin}:taskId/${taskId} | Supported |
| DescribeMigratingTopicList | Describe a list of migrating topics | Resource level | qcs::trocket:${region}:uin/${uin}:taskId/${taskId} | Supported |
| DescribeMigratingTopicStats | Describe statistics of a migrating topic | Resource level | qcs::trocket:${region}:uin/${uin}:taskId/${taskId} | Supported |
| DescribeMigrationEndpoints | Describe access endpoints of a migration task | Resource level | qcs::trocket:${region}:uin/${uin}:taskId/${taskId} | Supported |
| DescribeMigrationTask | describe migration task | Resource level | qcs::trocket:${region}:uin/${uin}:taskId/${TaskId} | Supported |
| DescribeMigrationTaskList | describe migration task list | Resource level | qcs::trocket:${region}:uin/${uin}:instance/${instanceId} | not supported |
| DescribePerformanceTestJob | Describe information of a performance test job | Resource level | qcs::trocket:${region}:uin/${uin}:instance/${InstanceId} | Supported |
| DescribePerformanceTestJobMetric | Get metric list of a performance test job | Resource level | qcs::trocket:${region}:uin/${uin}:instance/${InstanceId} | Supported |
| DescribePerformanceTestJobNodes | Get execution nodes information of a performance test job | Resource level | qcs::trocket:${region}:uin/${uin}:instance/${InstanceId} | Supported |
| DescribeProductSKUs | Describe product skus | Operation level | * | Supported |
| DescribePurchaseConfig | Describe user purchase config | Operation level | * | Supported |
| DescribeRetryMessageList | describe rocketMQ retry message list | Resource level | qcs::trocket:${region}:uin/${uin}:instance/${instanceId} | Supported |
| DescribeRocketMQRetryMessageList | describe rocketMQ retry message list | Operation level | * | not supported |
| DescribeSmoothMigrationTask | Describe detail of a migration task | Resource level | qcs::trocket:${region}:uin/${uin}:taskId/${taskId} | Supported |
| DescribeSourceClusterGroupList | Describe consume groups of source cluster | Resource level | qcs::trocket:${region}:uin/${uin}:taskId/${taskId} | Supported |
| DescribeSourceClusterTopicList | Describe topics of source cluster | Resource level | qcs::trocket:${region}:uin/${uin}:taskId/${taskId} | Supported |
| DescribeTopic | Describe a topic | Resource level | qcs::trocket:${region}:uin/${uin}:topic/${instanceId}/${topic} | Supported |
| DescribeTopicListByGroup | Describe topic list by group | Resource level | qcs::trocket:${region}:uin/${uin}:consumerGroup/${instanceId}/${consumerGroup} | Supported |
| DescribeTopicQuota | Describe topic quota. | Resource level | qcs::trocket::uin/${uin}:instance/${InstanceId} | Supported |
| DescribeTopicStatisticalList | Describe topic type and count | Resource level | qcs::trocket:${region}:uin/${uin}:instance/${instanceId} | Supported |
| ExportMessage | Export messages | Resource level | qcs::trocket:${region}:uin/${uin}:topic/${instanceId}/${topic} | Supported |
| VerifyMessageConsumption | Verify message consumption | Resource level | qcs::trocket:${region}:uin/${uin}:topic/${instanceId}/${topic} | Supported |
List Operations
| API | API Description | Authorization Granularity | Six-segment Resource Description | IP Restriction |
|---|---|---|---|---|
| DescribeConsumerGroupList | Describe consumer group list | Resource level | qcs::trocket:${region}:uin/${uin}:consumerGroup/${instanceId}/${consumerGroup} | Supported |
| DescribeFusionInstanceList | describe fusion instance list | Resource level | qcs::trocket:${region}:uin/${uin}:instance/${instanceId} | Supported |
| DescribeFusionMigrationTaskList | describe fusion migration task list | Resource level | qcs::trocket:${region}:uin/${uin}:taskId/${taskId} | Supported |
| DescribeInstanceList | Describe a list of instances | Resource level | qcs::trocket:${region}:uin/${uin}:instance/${instanceId} | Supported |
| DescribeMQTTClientList | DescribeMQTTClientList | Operation level | * | Supported |
| DescribeMQTTInstanceList | DescribeMQTTInstanceList | Operation level | * | Supported |
| DescribeMQTTMessageList | DescribeMQTTMessageList | Operation level | * | Supported |
| DescribeMQTTProductSKUList | DescribeMQTTProductSKUList | Operation level | * | Supported |
| DescribeMQTTSubTopic | DescribeMQTTSubTopic | Operation level | * | Supported |
| DescribeMQTTSubscription | DescribeMQTTSubscription | Operation level | * | Supported |
| DescribeMQTTTopicList | DescribeMQTTTopicList | Operation level | * | Supported |
| DescribeMQTTUserList | DescribeMQTTUserList | Operation level | * | Supported |
| DescribePerformanceTestJobList | Get a list of performance test jobs | Resource level | qcs::trocket:${region}:uin/${uin}:instance/${InstanceId} | Supported |
| DescribeRoleList | Describe role list | Resource level | qcs::trocket:${region}:uin/${uin}:role/${instanceId}/${role} | Supported |
| DescribeSmoothMigrationTaskList | Describe a list of smooth migration tasks | Resource level | qcs::trocket:${region}:uin/${uin}:taskId/${taskId} | Supported |
| DescribeTopicList | Describe topic list | Resource level | qcs::trocket:${region}:uin/${uin}:topic/${instanceId}/${topic} | Supported |
Yes
No
Was this page helpful?