Product | Abbreviation in CAM | Console | Authorization by Tag | Authorization Granularity | IP Restriction |
---|---|---|---|---|---|
TencentCloud Automation Tools | tat | Supported | not supported | Resource level | Partially supported |
Note:
The authorization granularity of cloud products is divided into three levels: service level, operation level, and resource level, based on the degree of granularity.
Two authorization granularity levels of API are supported: resource level, and operation level.
API | API Description | Authorization Granularity | Six-segment Resource Description | IP Restriction |
---|---|---|---|---|
CancelInvocation | CancelInvocation | Resource level | qcs::cvm:${region}:uin/${uin}:instance/${instanceId} | Supported |
CreateCommand | CreateCommand | Operation level | * | Supported |
CreateInvoker | CreateInvoker | Resource level | qcs::tat:${region}:uin/${uin}:command/${commandId} | Supported |
CreateRegisterCode | Interface for creating registration codes. | Operation level | * | Supported |
DeleteCommand | DeleteCommand | Resource level | qcs::tat:${region}:uin/${uin}:command/${commandId} | Supported |
DeleteCommands | The parameter interface is used to delete commands in batches. | Resource level | qcs::tat:${region}:uin/${uin}:command/${commandId} | Supported |
DeleteInvoker | DeleteInvoker | Resource level | qcs::tat:${region}:uin/${uin}:invoker/${invokerId} | Supported |
DeleteRegisterCode | The interface is used to delete the registration key. | Resource level | qcs::tat:${region}:uin/${uin}:register-code/${registerCodeId} | Supported |
DeleteRegisterCodes | The parameter interface is used to delete registration codes in batches. | Resource level | qcs::tat:${region}:uin/${uin}:register-code/${registerCodeId} | Supported |
DeleteRegisterInstance | Interface for deleting managed instances. | Resource level | qcs::tat:${region}:uin/${uin}:register-instance/${registerInstanceId} | Supported |
Deletecommands | The parameter interface is used to delete commands in batches. | Resource level | qcs::tat:${region}:uin/${uin}:command/${commandId} | Supported |
DisableInvoker | DisableInvoker | Resource level | qcs::tat:${region}:uin/${uin}:invoker/${invokerId} | Supported |
DisableRegisterCode | This interface is used to disable registration code. | Resource level | qcs::tat:${region}:uin/${uin}:register-code/${registerCodeId} | Supported |
DisableRegisterCodes | The parameter interface is used to disable registration codes in batches. | Resource level | qcs::tat:${region}:uin/${uin}:register-code/${registerCodeId} | Supported |
EnableInvoker | EnableInvoker | Resource level | qcs::tat:${region}:uin/${uin}:invoker/${invokerId} | Supported |
InvokeCommand | InvokeCommand | Resource level | qcs::tat:${region}:uin/${uin}:command/${commandId} qcs::cvm:${region}:uin/${uin}:instance/${instanceId} |
Supported |
ModifyCommand | ModifyCommand | Resource level | qcs::tat:${region}:uin/${uin}:command/${commandId} | Supported |
ModifyInstancesFeatureStatus | Modify feature status of instance | Resource level | qcs::tat:${region}:uin/${uin}:instance/${instanceId} | Supported |
ModifyInvoker | ModifyInvoker | Resource level | qcs::tat:${region}:uin/${uin}:command/${commandId} qcs::tat:${region}:uin/${uin}:invoker/${invokerId} |
Supported |
ModifyQuota | Operate User Quota Information | Resource level | qcs::tat:${region}:uin/${uin}:instance/${instance} | not supported |
ModifyRegisterInstance | Interface for modifying managed instance information. | Resource level | qcs::tat:${region}:uin/${uin}:register-instance/${registerInstanceId} | Supported |
PreviewReplacedCommandContent | PreviewReplacedCommandContent | Resource level | qcs::tat:${region}:uin/${uin}:command/${commandId} | Supported |
RunCommand | RunCommand | Resource level | qcs::cvm:${region}:uin/${uin}:instance/${instanceId} | Supported |
StartSession | Start a session | Resource level | qcs::tat:${region}:uin/${uin}:instance/${instanceId} | not supported |
StartSessionWithMFA | Start Session With MFA | Resource level | qcs::tat:${region}:uin/${uin}:instance/${instance} | Supported |
API | API Description | Authorization Granularity | Six-segment Resource Description | IP Restriction |
---|---|---|---|---|
DescribeAllResourcesCount | DescribeAllResourcesCount | Resource level | qcs::tat:${region}:uin/${uin}:command/${commandId} | not supported |
DescribeInstancesFeatureStatus | Describe features status of instances | Resource level | qcs::tat:${region}:uin/${uin}:instance/${instance} | Supported |
DescribeInvokerRecords | DescribeInvokerRecords | Resource level | qcs::tat:${region}:uin/${uin}:invoker/${invokerId} | Supported |
DescribeInvokers | DescribeInvokers | Resource level | qcs::tat:${region}:uin/${uin}:invoker/${invokerId} | Supported |
DescribeQuotas | Query user quota information | Resource level | qcs::tat:${region}:uin/${uin}:instance/${instance} | not supported |
DescribeRegisterCodes | The interface is used to query the registration code information. | Resource level | qcs::tat:${region}:uin/${uin}:register-code/${registerCodeId} | Supported |
DescribeRegisterInstances | The interface is used to query registered instance information. | Resource level | qcs::tat:${region}:uin/${uin}:register-instance/${registerInstanceId} | Supported |
API | API Description | Authorization Granularity | Six-segment Resource Description | IP Restriction |
---|---|---|---|---|
DescribeAutomationAgentStatus | DescribeAutomationAgentStatus | Resource level | qcs::cvm:${region}:uin/${uin}:instance/${instanceId} | not supported |
DescribeCommands | DescribeCommands | Resource level | qcs::tat:${region}:uin/${uin}:command/${commandId} | Supported |
DescribeInvocationTasks | DescribeInvocationTasks | Resource level | qcs::tat:${region}:uin/${uin}:command/${commandId} qcs::cvm:${region}:uin/${uin}:instance/${instanceId} |
Supported |
DescribeInvocations | DescribeInvocations | Resource level | qcs::tat:${region}:uin/${uin}:command/${commandId} | Supported |
DescribeScenes | DescribeScenes | Operation level | * | not supported |
문제 해결에 도움이 되었나요?