tencent cloud

Service roles and service-linked roles are predefined by Tencent Cloud services and, upon user authorization, the corresponding services can access and use resources by assuming these service-linked roles. This document provides detailed information on the use cases and associated authorization policies of these specific service-linked roles.

TEO_QCSLinkedRoleInCertlist

Use Cases： The current role is the TEO service linked role, which will access your other service resources within the scope of the permissions of the associated policy.
Authorization Polices

• Policy Name： QcloudAccessForTEOLinkedRoleInCertlist
• Policy Information：

{
    "version": "2.0",
    "statement": [
        {
            "effect": "allow",
            "resource": [
                "*"
            ],
            "action": [
                "ssl:DescribeCertificate",
                "ssl:DescribeCertificateDetail",
                "ssl:DescribeCertificates",
                "ssl:DownloadCertificate",
                "ssl:ModifyCertificateAlias",
                "ssl:UploadCertificate"
            ]
        }
    ]
}

TEO_QCSLinkedRoleInUpstreamgw

Use Cases： The current role is the teo service linked role, which will access your other service resources within the scope of the permissions of the associated policy.
Authorization Polices

• Policy Name： QcloudAccessForTEOLinkedRoleInUpstreamgw
• Policy Information：

{
    "statement": [
        {
            "action": [
                "vpc:DescribeVpcs",
                "vpc:DescribeSubnets"
            ],
            "effect": "allow",
            "resource": [
                "*"
            ]
        }
    ],
    "version": "2.0"
}

TEO_QCSLinkedRoleInDnspodaccessEO

Use Cases： The current role is the TEO service linked role, which will query the status of the domain name you have connected to the DNSPod product and related resolution records within the scope of the associated policy, and help you quickly complete the resolution modification in the scenario of one-click resolution modification, which will accelerate the service switch to EO.
Authorization Polices

• Policy Name： QcloudAccessForteoLinkedRoleInDnspodaccesEO
• Policy Information：

{
    "version": "2.0",
    "statement": [
        {
            "effect": "allow",
            "action": [
                "dnspod:CreateRecord",
                "dnspod:ModifyRecordStatus",
                "dnspod:DescribeRecordList",
                "dnspod:ModifyRecord",
                "dnspod:DescribeDomain"
            ],
            "resource": "*"
        }
    ]
}

TEO_QCSLinkedRoleInRealTimeLogCLS

Use Cases： The current role is the TEO service linked role, which will access your other service resources within the scope of the permissions of the associated policy.
Authorization Polices

• Policy Name： QcloudAccessForTEORealTimeLogCLS
• Policy Information：

{
    "version": "2.0",
    "statement": [
        {
            "action": [
                "cls:pushLog",
                "cls:searchLog",
                "cls:listLogset",
                "cls:getLogset",
                "cls:listTopic",
                "cls:getTopic",
                "cls:createTopic",
                "cls:modifyTopic",
                "cls:deleteTopic",
                "cls:createLogset",
                "cls:modifyLogset",
                "cls:deleteLogset",
                "cls:downloadLog",
                "cls:getIndex",
                "cls:modifyIndex",
                "cls:CreateIndex"
            ],
            "resource": "*",
            "effect": "allow"
        }
    ]
}