tencent cloud

피드백

Example of Authorization Solution of TCR Individual

마지막 업데이트 시간:2022-05-09 12:41:24

    Policy Configuration in Typical Scenarios

    Note:

    The following scenario policies are only used for TCR Individual use cases.

    • Grant a sub-account the full read/write permissions for all resources in TCR Individual.

      {
      "version": "2.0",
      "statement": [{
        "action": [
            "tcr:*"
        ],
        "resource": [
            "qcs::tcr:::repo/*"
        ],
        "effect": "allow"
      }]
      }
      
    • Grant a sub-account the read-only permission for all resources in TCR Individual (former Image Repositories in TKE).

      {
      "version": "2.0",
      "statement": [{
        "action": [
            "tcr:Describe*",
            "tcr:PullRepository*"
        ],
        "resource": [
            "qcs::tcr:::repo/*"
        ],
        "effect": "allow"
      }]
      }
      
    • Grant a sub-account permissions to manage the specific namespace in the specific region. For example, the namespace team-01 in the default region.

      {
      "version": "2.0",
      "statement": [{
            "action": [
                "tcr:*"
            ],
            "resource": [
                "qcs::tcr:::repo/team-01",
                "qcs::tcr:::repo/team-01/*"
            ],
            "effect": "allow"
        }
      ]
      }
      
    • Grant a sub-account the read-only permission for an image repository, which means that the sub-account can only pull the images in the image repository instead of deleting the repository, modifying repository attributes, or pushing images. For example, the image repository repo-demo in the namespace team-01 in the default region.

      {
      "version": "2.0",
      "statement": [{
            "action": [
                "tcr:Describe*",
                "tcr:PullRepositoryPersonal"
            ],
            "resource": [
                "qcs::tcr:::repo/team-01",
                "qcs::tcr:::repo/team-01/repo-demo",
                "qcs::tcr:::repo/team-01/repo-demo/*"
            ],
            "effect": "allow"
        }
      ]
      }
      
    문의하기

    고객의 업무에 전용 서비스를 제공해드립니다.

    기술 지원

    더 많은 도움이 필요하시면, 티켓을 통해 연락 바랍니다. 티켓 서비스는 연중무휴 24시간 제공됩니다.

    연중무휴 24시간 전화 지원