tencent cloud

PrevNext

피드백

키워드를 검색하세요

Recent Pages

문서
Cloud Access Management
    문서
    Download PDF

    TencentDB for MongoDB

    마지막 업데이트 시간:2024-11-12 09:23:35
    PDF 다운로드

      Fundamental information

      Product Abbreviation in CAM Console Authorization by Tag Authorization Granularity IP Restriction
      Cloud MongoDB mongodb Supported Supported Resource level Partially supported

      Note:

      The authorization granularity of cloud products is divided into three levels: service level, operation level, and resource level, based on the degree of granularity.

      • Service level: It defines whether a user has the permission to access the service as a whole. A user can have either full access or no access to the service. For the authorization granularity of cloud products at service level, the authorization of specific APIs are not supported.
      • Operation level: It defines whether a user has the permission to call a specific API of the service. For example, granting an account read-only access to the CVM service is an authorization at the operation level.
      • Resource level: It is the finest authorization granularity which defines whether a user has the permission to access specific resources. For example, granting an account read/write access to a specific CVM instance is an authorization at the resource level.

      API authorization granularity

      Two authorization granularity levels of API are supported: resource level, and operation level.

      • Resource level: It supports the authorization of a specific resource.
      • Operation level: It does not support the authorization of a specific resource. If the policy syntax restricts a specific resource during authorization, CAM will determine that this API is not within the scope of authorization, and deem it as unauthorized.

      Write operations

      API API Description Authorization Granularity Six-segment Resource Description IP Restriction
      AddFlashbackFilters Added collections that supports flashback by key Resource level qcs::mongodb:${region}:uin/${uin}:instance/${instance} not supported
      AssignProject AssignProject Operation level * Supported
      BackupDBInstance Backup DB Instance Resource level qcs::mongodb:${region}:uin/${uin}:instance/$instance Supported
      CreateAccountUser Create Account User Resource level qcs::mongodb:${region}:uin/${uin}:instance/$instance Supported
      CreateBackupDBInstance CreateBackupDBInstance Operation level * Supported
      CreateBackupDownloadTask Create Backup Download Task Resource level qcs::mongodb:${region}:uin/${uin}:instance/$instance Supported
      CreateDBInstance CreateDBInstance Resource level qcs::mongodb::uin/${uin}:instance/*
      qcs::vpc::uin/${uin}:vpc/${vpcId}
      qcs::vpc::uin/${uin}:subnet/${subnetId}
      qcs::cvm::uin/${uin}:sg/${sgId}      		 not supported
      CreateDBInstanceHour CreateDBInstanceHour Resource level qcs::mongodb::uin/${uin}:instance/*
      qcs::vpc::uin/${uin}:vpc/${vpcId}
      qcs::vpc::uin/${uin}:subnet/${subnetId}
      qcs::cvm::uin/${uin}:sg/${sgId}      		 Supported
      CreateDBInstanceParamTpl Create database parameter template Operation level * Supported
      CreateLogDownloadTask CreateLogDownloadTask Resource level qcs::mongodb:${Region}:uin/${uin}:instance/$instance Supported
      DeleteAccountUser Delete Account User Resource level qcs::mongodb:${region}:uin/${uin}:instance/$instance Supported
      DeleteBackupDownloadTask DeleteBackupDownloadTask Resource level qcs::mongodb:${region}:uin/${uin}:instance/$instance Supported
      DescribeCreateDBInstancesParam DescribeCreateDBInstancesParam Operation level * not supported
      DropDBInstanceParamTpl Drop database parameter template Operation level * Supported
      EnableSRVConnectionUrl EnableSRVConnectionUrl Resource level qcs::mongodb:${region}:uin/${uin}:instance/$instance Supported
      EnableTransparentDataEncryption Enable data transparent encryption for mongo instances Resource level qcs::mongodb:${region}:uin/${uin}:instance/${instance} Supported
      ExchangeInstance Exchange Instance Resource level qcs::mongodb:${region}:uin/${uin}:instance/$instance not supported
      FlashBackDBInstance Execute flashback by key Resource level qcs::mongodb:${region}:uin/${uin}:instance/${instance} Supported
      FlushInstanceRouterConfig FlushInstanceRouterConfig Resource level qcs::mongodb:${region}:uin/${uin}:instance/$instance Supported
      IsolateDBInstance IsolateDBInstance Resource level qcs::mongodb:${region}:uin/${uin}:instance/$instance Supported
      KillOps KillOps Resource level qcs::mongodb:${region}:uin/${uin}:instance/$instance Supported
      MigrateInstanceAdjustReverseRunTime migrate instance to the cloudbase and adjust the reverse runtime Resource level qcs::mongodb:${region}:uin/${uin}:instance/${instance} not supported
      MigrateInstanceSwitchSignal migrate instance to cloudbase and initiate switch Resource level qcs::mongodb:${region}:uin/${uin}:instance/${instance} not supported
      MigrateInstanceToCloudBase migrate instance to cloudbase Resource level qcs::mongodb:${region}:uin/${uin}:instance/${instance} not supported
      ModifyDBInstanceNetworkAddress ModifyDBInstanceNetworkAddress Resource level qcs::mongodb:${region}:uin/${uin}:instance/$instance not supported
      ModifyDBInstanceNodeProperty modify DB instance node property Resource level qcs::mongodb:${region}:uin/${uin}:instance/${instance} Supported
      ModifyDBInstanceParamTpl Modify database parameter template Operation level * Supported
      ModifyDBInstanceSecurityGroup ModifyDBInstanceSecurityGroup Resource level qcs::mongodb:${region}:uin/${uin}:instance/$instance Supported
      ModifyDBInstanceSpec ModifyDBInstanceSpec Resource level qcs::mongodb::uin/${uin}:instance/$instance Supported
      ModifyDBInstancesChargeType ModifyDBInstancesChargeType Resource level qcs::mongodb:${region}:uin/${uin}:instance/$instance not supported
      ModifyInstanceParams ModifyInstanceParams Resource level qcs::mongodb::uin/${uin}:instance/$instance Supported
      ModifySRVConnectionUrl ModifySRVConnectionUrl Resource level qcs::mongodb:${region}:uin/${uin}:instance/$instance not supported
      OfflineIsolatedDBInstance Offline Isolated DB Instance Resource level qcs::mongodb:${region}:uin/${uin}:instance/$instance Supported
      OpenDBInstanceNodeIp open node Ip Resource level qcs::mongodb:${region}:uin/${uin}:instance/${instance} Supported
      PromoteDBInstanceToActive PromoteDBInstanceToActive Resource level qcs::mongodb::uin/${uin}:instance/${instance} Supported
      ReleaseIsolatedDBInstances ReleaseIsolatedDBInstances Operation level * Supported
      RemoveCloneInstance Remove Clone Instance Resource level qcs::mongodb:${region}:uin/${uin}:instance/$instance not supported
      RenameCollection RenameCollection Operation level * not supported
      RenameInstance Rename Instance Resource level qcs::mongodb:${region}:uin/${uin}:instance/$instance Supported
      RenewDBInstances RenewDBInstances Operation level * Supported
      RenewInstance Renew Instance Resource level qcs::mongodb:${region}:uin/${uin}:instance/$instance not supported
      ResetDBInstancePassword ResetDBInstancePassword Operation level * Supported
      ResizeOplog Resize Oplog Resource level qcs::mongodb:${region}:uin/${uin}:instance/$instance Supported
      RestartInstance Restart Instance Resource level qcs::mongodb:${region}:uin/${uin}:instance/$instance Supported
      RestartNodes restart nodes Resource level qcs::mongodb:${region}:uin/${uin}:instance/${instance} Supported
      RestoreDBInstance Restore DB Instance Resource level qcs::mongodb:${region}:uin/${uin}:instance/$instance Supported
      RestoreDatabases RestoreDatabases Operation level * not supported
      SetAccountUserPrivilege SetAccountUserPrivilege Resource level qcs::mongodb:${region}:uin/${uin}:instance/$instance Supported
      SetAutoRenew Set Auto Renew Resource level qcs::mongodb:${region}:uin/${uin}:instance/$instance Supported
      SetBackupRules set backup rules Resource level qcs::mongodb:${region}:uin/${uin}:instance/$instance Supported
      SetInstanceFormal Set Instance Formal Resource level qcs::mongodb:${region}:uin/${uin}:instance/$instance not supported
      SetInstanceMaintenance Set Instance Maintenance Resource level qcs::mongodb:${region}:uin/${uin}:instance/$instance Supported
      SetMultiRegionBackup SetMultiRegionBackup Resource level qcs::mongodb:${region}:uin/${uin}:instance/$instance Supported
      SetPassword Set Password Resource level qcs::mongodb:${region}:uin/${uin}:instance/$instance Supported
      SetReadOnlyToNormal Set ReadOnly to Normal Resource level qcs::mongodb:${region}:uin/${uin}:instance/$instance Supported
      SetUserDesc SetUserDesc Resource level qcs::mongodb:${region}:uin/${uin}:instance/$instance Supported
      StartFlashback Enable key flashback log upload Resource level qcs::mongodb:${region}:uin/${uin}:instance/${instance} Supported
      SwitchDBInstancePrimary Switch Primary Resource level qcs::mongodb:${region}:uin/${uin}:instance/${instance} Supported
      TerminateDBInstance Terminate DB Instance Resource level qcs::mongodb:${region}:uin/${uin}:instance/$instance Supported
      TerminateDBInstanceHour Terminate DB Instance Hour Resource level qcs::mongodb:${region}:uin/${uin}:instance/$instance not supported
      TerminateDBInstances TerminateDBInstances Resource level qcs::mongodb:${region}:uin/${uin}:instance/$instance not supported
      UpgradeDBInstance UpgradeDBInstance Resource level qcs::mongodb:${region}:uin/${uin}:instance/$instance not supported
      UpgradeDBInstanceHour Upgrade DB Instance Hour Resource level qcs::mongodb:${region}:uin/${uin}:instance/$instance not supported
      UpgradeDBInstanceKernelVersion This interface (UpgradeDBInstanceKernelVersion) is used to upgrade the database instance kernel version. Resource level qcs::mongodb:${region}:uin/${uin}:instance/${instance} Supported
      UpgradeDbInstanceVersion This interface upgrades the database version. Resource level qcs::mongodb:${region}:uin/${uin}:instance/${instance} Supported

      Read operations

      API API Description Authorization Granularity Six-segment Resource Description IP Restriction
      CheckDBInstanceLocalResize Check whether the instance can quickly change spec Resource level qcs::mongodb:${region}:uin/${uin}:instance/${instance} Supported
      CheckMigrateInstanceToCloudBase check whether the migration instance can be migrated to the cloudbase Resource level qcs::mongodb:${region}:uin/${uin}:instance/${instance} not supported
      CheckMongoDBLinkedKmsRole Determine whether the current user already has the cam role required by the cloud product mongo to call kms Operation level * Supported
      CheckWhiteListRecordExist CheckWhiteListRecordExist Operation level * Supported
      DeleteLogDownloadTask DeleteLogDownloadTask Resource level qcs::mongodb:${region}:uin/${uin}:instance/$instance Supported
      DescribeAccountUsers Describe Account Users Resource level qcs::mongodb:${region}:uin/${uin}:instance/$instance Supported
      DescribeAsyncRequestInfo DescribeAsyncRequestInfo Operation level * Supported
      DescribeAuditInstanceList This API (DescribeAuditInstanceList) can query the list of audit instances that are activated and deactivated Operation level * not supported
      DescribeBackupAccess Describe Backup Access Resource level qcs::mongodb:${region}:uin/${uin}:instance/$instance not supported
      DescribeBackupDownloadTask Describe Backup Download Task Resource level qcs::mongodb:${region}:uin/${uin}:instance/$instance Supported
      DescribeBackupRules DescribeBackupRules Resource level qcs::mongodb:${region}:uin/${uin}:instance/$instance Supported
      DescribeClientConnections DescribeClientConnections Resource level qcs::mongodb::uin/${uin}:instance/$instance not supported
      DescribeConnectionStatus DescribeConnectionStatus Resource level qcs::mongodb:${region}:uin/${uin}:instance/$instance Supported
      DescribeCurrentOp DescribeCurrentOp Resource level qcs::mongodb:${region}:uin/${uin}:instance/$instance Supported
      DescribeCustomMasterKeyList Get the master key list of user\\\\\\\'s kms Resource level qcs::mongodb:${region}:uin/${uin}:instance/${instance} Supported
      DescribeDBBackups Describe DB Backups Resource level qcs::mongodb::uin/${uin}:instance/$instance Supported
      DescribeDBInstanceDeal DescribeDBInstanceDeal Operation level * Supported
      DescribeDBInstanceNodeProperty describe DB instance node property Resource level qcs::mongodb:${region}:uin/${uin}:instance/${instance} Supported
      DescribeDBInstanceParamTpl Query all MongoDB database parameter templates under an account Operation level * Supported
      DescribeDBInstanceParamTplDetail Query parameter template details Operation level * Supported
      DescribeDBInstanceURL describe DB Instance URL Resource level qcs::mongodb:${region}:uin/${uin}:instance/${instance} Supported
      DescribeDBInstanceVersion This interface is used to obtain the kernel version information of the MongoDB instance Resource level qcs::mongodb:${region}:uin/${uin}:instance/${instance} Supported
      DescribeDBInstances DescribeDBInstances Resource level qcs::mongodb::uin/${uin}:instance/$instance not supported
      DescribeFlashbackFilters Obtain database table information that supports flashback by key Resource level qcs::mongodb:${region}:uin/${uin}:instance/${instance} Supported
      DescribeInstanceDB Describe Instance DB Resource level qcs::mongodb:${region}:uin/${uin}:instance/$instance Supported
      DescribeInstanceDatabases DescribeInstanceDatabases Operation level * Supported
      DescribeInstanceParamRecords DescribeInstanceParamRecords Resource level qcs::mongodb::uin/${uin}:instance/$instance Supported
      DescribeInstanceParams DescribeInstanceParams Resource level qcs::mongodb:${region}:uin/${uin}:instance/$instance Supported
      DescribeInstanceRestoreInfo DescribeInstanceRestoreInfo Resource level qcs::mongodb:${region}:uin/${uin}:instance/$instance Supported
      DescribeLogDownloadTasks DescribeLogDownloadTasks Resource level qcs::mongodb:${region}:uin/${uin}:instance/$instance Supported
      DescribeMigrateInstanceDetail migrate instance to the cloudbase, describe migration details Resource level qcs::mongodb:${region}:uin/${uin}:instance/${instance} not supported
      DescribeMongoDBLinkedClbRole Describe MongoDB Linked ClbRole Operation level * Supported
      DescribeMongodbLogs DescribeMongodbLogs Operation level * Supported
      DescribeRenewDBInstancesParam DescribeRenewDBInstancesParam Operation level * not supported
      DescribeSecurityGroup DescribeSecurityGroup Resource level qcs::mongodb:${region}:uin/${uin}:instance/$instance Supported
      DescribeSlowLogPatterns DescribeSlowLogPatterns Resource level qcs::mongodb:${region}:uin/${uin}:instance/$instance Supported
      DescribeSlowLogs DescribeSlowLogs Resource level qcs::mongodb:${region}:uin/${uin}:instance/$instance Supported
      DescribeSpecInfo DescribeDBInstanceDeal Operation level * not supported
      DescribeTransparentDataEncryptionStatus Get whether transparent data encryption is turned on for the current instance Resource level qcs::mongodb:${region}:uin/${uin}:instance/${instance} Supported
      DescribeWanServiceHealth Describe WanService Health Resource level qcs::mongodb:${region}:uin/${uin}:instance/${instance} Supported
      DisableSRVConnectionUrl DisableSRVConnectionUrl Resource level qcs::mongodb:${region}:uin/${uin}:instance/$instance not supported
      GetPublicKey GetPublicKey Operation level * Supported
      InquirePriceCreateDBInstances Inquire Price Create DBInstances Operation level * Supported
      InquirePriceModifyDBInstanceSpec InquirePriceModifyDBInstanceSpec Resource level qcs::mongodb:${region}:uin/${uin}:instance/$instance Supported
      InquirePriceRenewDBInstances InquirePriceRenewDBInstances Resource level qcs::mongodb::uin/${uin}:instance/$instance Supported

      List Operations

      API API Description Authorization Granularity Six-segment Resource Description IP Restriction
      DescribeInstanceTaskInfo Describe Instance Task Infomation Resource level qcs::mongodb:${region}:uin/${uin}:instance/$instance not supported
      DescribeSlowLog Describe Slow Log Resource level qcs::mongodb:${region}:uin/${uin}:instance/$instance Supported
      DescribeSlowLogPattern Describe SlowLog Parttern Resource level qcs::mongodb:${region}:uin/${uin}:instance/$instance Supported
      문의하기

      고객의 업무에 전용 서비스를 제공해드립니다.

      문의하기
      기술 지원

      더 많은 도움이 필요하시면, 티켓을 통해 연락 바랍니다. 티켓 서비스는 연중무휴 24시간 제공됩니다.

      티켓 제출
      연중무휴 24시간 전화 지원
      Copyright © 2013-2024 Tencent Cloud. All Rights Reserved.
      개인정보 처리방침서비스 약관쿠키 정책