Cloud Access Management
- Product Introduction
- Getting Started
- User Guide
- Users
- Sub-Users
- Sub-User Security Credentials
- Collaborators
- Collaborator Security Credentials
- Message Recipients
- User Settings
- User Groups
- Role
- Identity Provider
- User-Based SSO
- Role-Based SSO
- Policies
- Definition
- Authorization Guide
- Syntax Logic
- Element Reference
- CAM-Enabled Role
- Container
- Microservice
- Essential Storage Service
- Data Process and Analysis
- Data Migration
- Relational Database
- Enterprise Distributed DBMS
- NoSQL Database
- Database SaaS Tool
- Networking
- CDN and Acceleration
- Network Security
- Data Security
- Application Security
- Domains & Websites
- Big Data
- Middleware
- Interactive Video Services
- Media On-Demand
- Cloud Real-time Rendering
- Game Services
- Cloud Resource Management
- Management and Audit Tools
- Monitor and Operation
- CAM-Enabled API
- Compute
- Edge Computing
- Distributed cloud
- Microservice
- Serverless
- Essential Storage Service
- Data Process and Analysis
- Data Migration
- Relational Database
- Enterprise Distributed DBMS
- Database SaaS Tool
- CDN and Acceleration
- Network Security
- Endpoint Security
- Business Security
- Application Security
- Domains & Websites
- Big Data
- Voice Technology
- Image Creation
- AI Platform Service
- Natural Language Processing
- Optical Character Recognition
- Interactive Video Services
- Stream Services
- Media On-Demand
- Media Process Services
- Cloud Real-time Rendering
- Game Services
- Education Sevices
- Cloud Resource Management
- Management and Audit Tools
- Monitor and Operation
- Practical Tutorial
- Supporting Isolated Resource Access for Employees
- Enterprise Multi-Account Permissions Management
- Implementing Attribute-Based Access Control for Employee Resource Permissions Management
- Business Use Cases
- TencentDB for MySQL
- CLB
- CMQ
- COS
- CVM
- VPC
- API Documentation
- User APIs
- Role APIs
- Making API Requests
- Identity Provider APIs
- Policy APIs
Virtual Private Cloud
Last updated: 2025-03-26 10:08:56
Service roles and service-linked roles are predefined by Tencent Cloud services and, upon user authorization, the corresponding services can access and use resources by assuming these service-linked roles. This document provides detailed information on the use cases and associated authorization policies of these specific service-linked roles.
| Product | Role Name | Role Types | Role Entity |
|---|---|---|---|
| vpc | VPC_QCSLinkedRoleInEipTat | Service-Related Roles | eiptat.vpc.cloud.tencent.com |
| vpc | VPC_QCSLinkedRoleInSnapshot | Service-Related Roles | snapshot.vpc.cloud.tencent.com |
| vpc | VPC_QCSLinkedRoleInVpcflowlog | Service-Related Roles | vpcflowlog.vpc.cloud.tencent.com |
| vpc | VPC_QCSLinkedRoleInPrivateLink | Service-Related Roles | privatelink.vpc.cloud.tencent.com |
| vpc | VPC_QCSLinkedRoleInFlowLogAdvanceAnalysis | Service-Related Roles | flowlogadvanceanalysis.vpc.cloud.tencent.com |
VPC_QCSLinkedRoleInEipTat
Use Cases: The current role is the VPC service linked role, which will access your other service resources within the scope of the permissions of the associated policy.
Authorization Polices
- Policy Name: QcloudAccessForVpcLinkedRoleInEipTat
- Policy Information:
{
"statement": [
{
"action": [
"tat:DescribeCommands",
"tat:DescribeInvocations",
"tat:DescribeInvocationTasks",
"tat:CreateCommand",
"tat:DeleteCommand",
"tat:InvokeCommand",
"tat:RunCommand"
],
"effect": "allow",
"resource": [
"*"
]
}
],
"version": "2.0"
}
VPC_QCSLinkedRoleInSnapshot
Use Cases: The current role is the VPC service linked role, which will access your other service resources within the scope of the permissions of the associated policy.
Authorization Polices
- Policy Name: QcloudAccessForVPCLinkedRoleInSnapshot
- Policy Information:
{
"version": "2.0",
"statement": [
{
"effect": "allow",
"action": [
"cos:GetService",
"cos:HeadBucket",
"cos:GetBucket",
"cos:PutBucket",
"cos:ListMultipartUploads",
"cos:GetObject*",
"cos:HeadObject",
"cos:GetBucketObjectVersions",
"cos:OptionsObject",
"cos:ListParts",
"cos:DeleteObject",
"cos:PostObject",
"cos:PostObjectRestore",
"cos:PutObject*",
"cos:InitiateMultipartUpload",
"cos:UploadPart",
"cos:UploadPartCopy",
"cos:CompleteMultipartUpload",
"cos:AbortMultipartUpload",
"cos:DeleteMultipleObjects",
"cos:AppendObject"
],
"resource": "*"
}
]
}
VPC_QCSLinkedRoleInVpcflowlog
Use Cases: The current role is the VPC service linked role, which will access your other service resources within the scope of the permissions of the associated policy.
Authorization Polices
- Policy Name: QcloudAccessForVPCLinkedRoleInVpcflowlog
- Policy Information:
{
"version": "2.0",
"statement": [
{
"effect": "allow",
"resource": [
"*"
],
"action": [
"ckafka:DescribeInstances",
"ckafka:DescribeTopic",
"ckafka:DescribeRoute",
"ckafka:DeleteRoute",
"ckafka:DescribeInstanceAttributes",
"ckafka:DescribeInstancesDetail",
"ckafka:CreateRoute"
]
}
]
}
VPC_QCSLinkedRoleInPrivateLink
Use Cases: The current role is the VPC service linked role, which will access your other service resources within the scope of the permissions of the associated policy.
Authorization Polices
- Policy Name: QcloudAccessForVPCLinkedRoleInPrivateLink
- Policy Information:
{
"version": "2.0",
"statement": [
{
"action": [
"redis:DescribeInstances",
"cdb:DescribeDBInstances",
"clb:DescribeGatewayLoadBalancers",
"mongodb:DescribeDBInstances"
],
"resource": "*",
"effect": "allow"
}
]
}
VPC_QCSLinkedRoleInFlowLogAdvanceAnalysis
Use Cases: The current role is the VPC service linked role, which will access your other service resources within the scope of the permissions of the associated policy.
Authorization Polices
- Policy Name: QcloudAccessForVPCRoleInFlowLogAdvanceAnalysis
- Policy Information:
{
"version": "2.0",
"statement": [
{
"action": [
"cls:DescribeLogsets",
"cls:CreateLogset",
"cls:CreateTopic",
"cls:DescribeTopics",
"cls:DeleteTopic",
"cls:DescribeIndex",
"cls:ModifyIndex",
"cls:CreateIndex",
"cls:DeleteIndex",
"cls:GetDashboard",
"cls:CreateDashboard",
"cls:DeleteDashboard",
"cls:ModifyDashboard",
"cls:ListDashboard",
"cls:pushLog"
],
"resource": "*",
"effect": "allow"
}
]
}
Was this page helpful?
You can also Contact Sales or Submit a Ticket for help.
Yes
No