Introduction
Cloud Access Management (CAM) helps you securely manage permissions for most Tencent Cloud services. This document provides information on the products and services that support CAM in multiple dimensions, such as authorization granularity, console operation, authorization by tag, and reference documentation.
The table below lists Tencent Cloud services that support CAM.
Definitions:
Product: The name of Tencent Cloud services that support CAM. You can click on them to the corresponding service documentation for quick access to relevant information.
Abbreviation in CAM: Abbreviation of Tencent Cloud services that support CAM
Authorization granularity: The finest authorization granularity currently supported by the service.
Note:
Three authorization granularity levels are supported: service level, operation level, and resource level.
- Service level: It defines whether a user has the permission to access the service as a whole. A user can have either full access or no access to the service.
- Operation level: It defines whether a user has the permission to call a specific API of the service. For example, granting an account read-only access to the CVM service is an authorization at the operation level.
- Resource level: It is the finest authorization granularity which defines whether a user has the permission to access specific resources. For example, granting an account read/write access to a specific CVM instance is an authorization at the resource level.
Console: Whether sub-accounts can access the service through the console. "✓" means yes, while "-" means no.
Authorization by tag: Whether the service supports using tags for permission management. "✓" means yes, while "-" means no.
Reference document: Link to the document on CAM-based access control for the service. - means no documentation available yet.
Compute
Product |
Abbreviation in CAM |
Authorization Granularity |
Console |
Authorize by Tag |
Reference Document |
Auto Scaling |
as |
Resource level |
Supported |
Supported |
Reference Document |
BatchCompute |
batch |
Resource level |
Supported |
Supported |
Reference Document |
Channel Business Management |
cbm |
Operation level |
Supported |
not supported |
Reference Document |
Cloud Dedicated Zone |
cdz |
Operation level |
Supported |
not supported |
Reference Document |
Cloud Virtual Machine |
cvm |
Resource level |
Supported |
Supported |
Reference Document |
Lighthouse |
lighthouse |
Resource level |
Supported |
not supported |
Reference Document |
TencentCloud Automation Tools |
tat |
Resource level |
Supported |
not supported |
Reference Document |
Edge Computing
Product |
Abbreviation in CAM |
Authorization Granularity |
Console |
Authorize by Tag |
Reference Document |
Edge Computing Machine |
ecm |
Resource level |
Supported |
Supported |
Reference Document |
Container
Product |
Abbreviation in CAM |
Authorization Granularity |
Console |
Authorize by Tag |
Reference Document |
Tencent Cloud Mesh |
tcm |
Resource level |
Supported |
Supported |
Reference Document |
Tencent Container Registry |
tcr |
Resource level |
Supported |
Supported |
Reference Document |
Tencent Kubernetes Engine |
tke |
Resource level |
Supported |
Supported |
Reference Document |
Distributed cloud
Product |
Abbreviation in CAM |
Authorization Granularity |
Console |
Authorize by Tag |
Reference Document |
Cloud Dedicated Cluster |
cdc |
Resource level |
Supported |
not supported |
Reference Document |
Microservice
Product |
Abbreviation in CAM |
Authorization Granularity |
Console |
Authorize by Tag |
Reference Document |
Tencent Cloud Elastic Microservice |
tem |
Resource level |
Supported |
Supported |
Reference Document |
Serverless
Product |
Abbreviation in CAM |
Authorization Granularity |
Console |
Authorize by Tag |
Reference Document |
EventBridge |
eb |
Resource level |
Supported |
Supported |
Reference Document |
Serverless Cloud Function |
scf |
Resource level |
Supported |
Supported |
Reference Document |
Essential Storage Service
Product |
Abbreviation in CAM |
Authorization Granularity |
Console |
Authorize by Tag |
Reference Document |
Cloud File Storage |
cfs |
Resource level |
Supported |
Supported |
Reference Document |
Cloud HDFS |
chdfs |
Resource level |
Supported |
Supported |
Reference Document |
COS |
cos |
Resource level |
Supported |
Supported |
Reference Document |
Data Process and Analysis
Product |
Abbreviation in CAM |
Authorization Granularity |
Console |
Authorize by Tag |
Reference Document |
Cloud Infinite |
ci |
Resource level |
Supported |
Supported |
Reference Document |
Cloud Log Service |
cls |
Resource level |
Supported |
Supported |
Reference Document |
Data Migration
Product |
Abbreviation in CAM |
Authorization Granularity |
Console |
Authorize by Tag |
Reference Document |
Cloud Migration |
msp |
Operation level |
Supported |
not supported |
Reference Document |
Relational Database
Product |
Abbreviation in CAM |
Authorization Granularity |
Console |
Authorize by Tag |
Reference Document |
Cloud Database |
cdb |
Resource level |
Supported |
Supported |
Reference Document |
Cloud Native Database TDSQL-C |
cynosdb |
Resource level |
Supported |
Supported |
Reference Document |
TencentDB For PostgreSQL |
postgres |
Resource level |
Supported |
Supported |
Reference Document |
TencentDB for SQL Server |
sqlserver |
Resource level |
Supported |
Supported |
Reference Document |
Enterprise Distributed DBMS
Product |
Abbreviation in CAM |
Authorization Granularity |
Console |
Authorize by Tag |
Reference Document |
TDSQL for MySQL |
dcdb |
Resource level |
Supported |
Supported |
Reference Document |
NoSQL Database
Product |
Abbreviation in CAM |
Authorization Granularity |
Console |
Authorize by Tag |
Reference Document |
TencentDB for CTSDB |
ctsdb |
Resource level |
Supported |
Supported |
Reference Document |
Cloud MongoDB |
mongodb |
Resource level |
Supported |
Supported |
Reference Document |
TencentDB for TcaplusDB |
tcaplusdb |
Resource level |
Supported |
Supported |
Reference Document |
Product |
Abbreviation in CAM |
Authorization Granularity |
Console |
Authorize by Tag |
Reference Document |
TencentDB for DBbrain |
dbbrain |
Resource level |
Supported |
not supported |
Reference Document |
Database Expert Service |
dbexpert |
Resource level |
Supported |
not supported |
Reference Document |
Database Management Console |
dmc |
Resource level |
Supported |
not supported |
Reference Document |
Data Transfer Service |
dts |
Resource level |
Supported |
Supported |
Reference Document |
Networking
Product |
Abbreviation in CAM |
Authorization Granularity |
Console |
Authorize by Tag |
Reference Document |
Cloud Loader Balance |
clb |
Resource level |
Supported |
Supported |
Reference Document |
Physical Direct Connect |
dc |
Resource level |
Supported |
Supported |
Reference Document |
vpc |
vpc |
Resource level |
Supported |
Supported |
Reference Document |
CDN and Acceleration
Product |
Abbreviation in CAM |
Authorization Granularity |
Console |
Authorize by Tag |
Reference Document |
CDN |
cdn |
Resource level |
Supported |
Supported |
Reference Document |
Enterprise Content Delivery Network |
ecdn |
Resource level |
Supported |
Supported |
Reference Document |
Global Application Acceleration Platform |
gaap |
Resource level |
Supported |
Supported |
Reference Document |
Network Security
Product |
Abbreviation in CAM |
Authorization Granularity |
Console |
Authorize by Tag |
Reference Document |
Cloud Firewall |
cfw |
Operation level |
Supported |
not supported |
Reference Document |
Tencent Cloud EdgeOne |
teo |
Resource level |
Supported |
Supported |
Reference Document |
Endpoint Security
Product |
Abbreviation in CAM |
Authorization Granularity |
Console |
Authorize by Tag |
Reference Document |
Cloud Workload Protection |
cwp |
Resource level |
Supported |
Supported |
Reference Document |
Tencent Container Security Service |
tcss |
Operation level |
Supported |
not supported |
Reference Document |
Data Security
Product |
Abbreviation in CAM |
Authorization Granularity |
Console |
Authorize by Tag |
Reference Document |
Bastion Host |
bh |
Operation level |
Supported |
not supported |
Reference Document |
Data Security Governance Center |
dsgc |
Operation level |
Supported |
not supported |
Reference Document |
Key Management Service |
kms |
Resource level |
Supported |
Supported |
Reference Document |
Secrets Manager |
ssm |
Resource level |
Supported |
Supported |
Reference Document |
Business Security
Product |
Abbreviation in CAM |
Authorization Granularity |
Console |
Authorize by Tag |
Reference Document |
Audio Moderation System |
ams |
Operation level |
Supported |
not supported |
Reference Document |
captcha |
captcha |
Resource level |
Supported |
not supported |
Reference Document |
Customer Identity and Access MAnagement |
ciam |
Operation level |
Supported |
not supported |
Reference Document |
Image Moderation System |
ims |
Operation level |
Supported |
not supported |
Reference Document |
Risk Control Engine |
rce |
Operation level |
Supported |
not supported |
Reference Document |
Text Moderation System |
tms |
Operation level |
Supported |
not supported |
Reference Document |
Video Moderation System |
vm |
Operation level |
Supported |
not supported |
Reference Document |
Application Security
Product |
Abbreviation in CAM |
Authorization Granularity |
Console |
Authorize by Tag |
Reference Document |
Mobile Application Security |
ms |
Service level |
Supported |
not supported |
Reference Document |
Security Token Service |
sts |
Resource level |
Supported |
not supported |
Reference Document |
Vulnerability Scan Service |
vss |
Operation level |
Supported |
not supported |
Reference Document |
cloudWaf |
waf |
Resource level |
Supported |
Supported |
Reference Document |
Domains & Websites
Product |
Abbreviation in CAM |
Authorization Granularity |
Console |
Authorize by Tag |
Reference Document |
dns |
dnspod |
Resource level |
Supported |
not supported |
Reference Document |
Domain |
domain |
Operation level |
Supported |
not supported |
Reference Document |
HTTPDNS |
httpdns |
Resource level |
Supported |
Supported |
Reference Document |
Private DNS |
privatedns |
Resource level |
Supported |
not supported |
Reference Document |
SSL Certification |
ssl |
Resource level |
Supported |
Supported |
Reference Document |
Big Data
Product |
Abbreviation in CAM |
Authorization Granularity |
Console |
Authorize by Tag |
Reference Document |
Cloud Data Warehouse ClickHouse |
cdwch |
Resource level |
Supported |
Supported |
Reference Document |
Cloud Data Warehouse PostgreSQL |
cdwpg |
Resource level |
Supported |
Supported |
Reference Document |
Data Lake Compute |
dlc |
Resource level |
Supported |
Supported |
Reference Document |
Elasticsearch MapReduce |
emr |
Resource level |
Supported |
Supported |
Reference Document |
Elasticsearch Service |
es |
Resource level |
Supported |
Supported |
Reference Document |
Oceanus stream computing |
oceanus |
Resource level |
Supported |
Supported |
Reference Document |
WeData |
wedata |
Resource level |
Supported |
not supported |
Reference Document |
Image Creation
Product |
Abbreviation in CAM |
Authorization Granularity |
Console |
Authorize by Tag |
Reference Document |
FaceFusion |
facefusion |
Service level |
Supported |
not supported |
Reference Document |
Voice Technology
Product |
Abbreviation in CAM |
Authorization Granularity |
Console |
Authorize by Tag |
Reference Document |
Automatic Speech Recognition |
asr |
Resource level |
Supported |
Supported |
Reference Document |
TextToSpeech |
tts |
Operation level |
Supported |
not supported |
Reference Document |
Product |
Abbreviation in CAM |
Authorization Granularity |
Console |
Authorize by Tag |
Reference Document |
Image Creation Large Model |
aiart |
Operation level |
Supported |
not supported |
Reference Document |
Tencent Cloud AI Digital Human |
ivh |
Operation level |
Supported |
not supported |
Reference Document |
Natural Language Processing
Product |
Abbreviation in CAM |
Authorization Granularity |
Console |
Authorize by Tag |
Reference Document |
TMT |
tmt |
Operation level |
Supported |
not supported |
Reference Document |
Optical Character Recognition
Product |
Abbreviation in CAM |
Authorization Granularity |
Console |
Authorize by Tag |
Reference Document |
OCR |
ocr |
Resource level |
Supported |
not supported |
Reference Document |
Middleware
Product |
Abbreviation in CAM |
Authorization Granularity |
Console |
Authorize by Tag |
Reference Document |
CKafka |
ckafka |
Resource level |
Supported |
Supported |
Reference Document |
Cloud Message Queue |
cmq |
Resource level |
Supported |
not supported |
Reference Document |
RocketMQ |
trocket |
Resource level |
Supported |
not supported |
Reference Document |
Communication
Product |
Abbreviation in CAM |
Authorization Granularity |
Console |
Authorize by Tag |
Reference Document |
IM |
im |
Resource level |
Supported |
Supported |
Reference Document |
Simple Email Service-ses |
ses |
Operation level |
Supported |
not supported |
Reference Document |
Short Message Service |
sms |
Resource level |
Supported |
Supported |
Reference Document |
Tencent Push Notification Service |
tpns |
Resource level |
Supported |
Supported |
Reference Document |
Interactive Video Services
Product |
Abbreviation in CAM |
Authorization Granularity |
Console |
Authorize by Tag |
Reference Document |
Low-code interactive classroom |
lcic |
Operation level |
Supported |
not supported |
Reference Document |
Tencent Real-Time Communication |
trtc |
Resource level |
Supported |
Supported |
Reference Document |
Stream Services
Product |
Abbreviation in CAM |
Authorization Granularity |
Console |
Authorize by Tag |
Reference Document |
StreamLink |
mdc |
Operation level |
Supported |
not supported |
Reference Document |
StreamLive |
mdl |
Operation level |
Supported |
not supported |
Reference Document |
StreamPackage |
mdp |
Operation level |
Supported |
not supported |
Reference Document |
Product |
Abbreviation in CAM |
Authorization Granularity |
Console |
Authorize by Tag |
Reference Document |
VOD |
vod |
Resource level |
Supported |
Supported |
Reference Document |
Product |
Abbreviation in CAM |
Authorization Granularity |
Console |
Authorize by Tag |
Reference Document |
Media Processing Service |
mps |
Resource level |
Supported |
not supported |
Reference Document |
Cloud Real-time Rendering
Product |
Abbreviation in CAM |
Authorization Granularity |
Console |
Authorize by Tag |
Reference Document |
Cloud Application Rendering |
car |
Operation level |
Supported |
not supported |
Reference Document |
Game Services
Product |
Abbreviation in CAM |
Authorization Granularity |
Console |
Authorize by Tag |
Reference Document |
Game Multimedia Engine |
gme |
Resource level |
Supported |
Supported |
Reference Document |
Education Sevices
Product |
Abbreviation in CAM |
Authorization Granularity |
Console |
Authorize by Tag |
Reference Document |
Tencent Interactive Whiteboard |
tiw |
Resource level |
Supported |
Supported |
Reference Document |
Cloud Resource Management
Product |
Abbreviation in CAM |
Authorization Granularity |
Console |
Authorize by Tag |
Reference Document |
Tencent Cloud Advisor |
advisor |
Operation level |
Supported |
not supported |
Reference Document |
Cloud API |
api |
Operation level |
Supported |
not supported |
Reference Document |
Identity Aware Platform |
iap |
Operation level |
Supported |
not supported |
Reference Document |
Tencent Cloud Mini Program Platform |
tcmpp |
Operation level |
Supported |
not supported |
Reference Document |
Tencent Cloud Infrastructure as Code |
tic |
Service level |
Supported |
not supported |
Reference Document |
Product |
Abbreviation in CAM |
Authorization Granularity |
Console |
Authorize by Tag |
Reference Document |
Cloud Access Management |
cam |
Operation level |
Supported |
not supported |
Reference Document |
Cloud Audit |
cloudaudit |
Operation level |
Supported |
not supported |
Reference Document |
Control Center |
controlcenter |
Resource level |
Supported |
not supported |
Reference Document |
Tencent Cloud Organization |
organization |
Operation level |
Supported |
not supported |
Reference Document |
Monitor and Operation
Product |
Abbreviation in CAM |
Authorization Granularity |
Console |
Authorize by Tag |
Reference Document |
Application Performance Management |
apm |
Resource level |
Supported |
Supported |
Reference Document |
cat |
cat |
Operation level |
Supported |
not supported |
Reference Document |
Real User Monitoring |
rum |
Resource level |
Supported |
Supported |
Reference Document |
More
Product |
Abbreviation in CAM |
Authorization Granularity |
Console |
Authorize by Tag |
Reference Document |
International Partners Management |
intlpartnersmgt |
Operation level |
Supported |
not supported |
Reference Document |
Was this page helpful?