Product | Role Name | Role Types | Role Entity |
---|---|---|---|
Tencent Cloud Advisor | Advisor_QCSLinkedRoleInBusinessContinuity | Service-Related Roles | businesscontinuity.advisor.cloud.tencent.com |
Use Cases: The current role is the Advisor service role, this role is used to Advisor to access CVM, VPC, COS and other service resources, without the need for user escrow keys, and the operation is more efficient and safe.
Authorization Polices
{
"version": "2.0",
"statement": [
{
"action": [
"cvm:Describe*",
"cvm:Inquiry*",
"vpc:Describe*",
"vpc:Inquiry*",
"vpc:Get*",
"monitor:Describe*",
"monitor:Get*",
"cam:ListUsersForGroup",
"cam:ListGroups",
"cam:GetGroup",
"clb:Describe*",
"cos:List*",
"cos:Get*",
"cos:Head*",
"cos:OptionsObject",
"cdb:Describe*",
"mongodb:Describe*",
"redis:Describe*",
"redis:Get*",
"redis:Inquiry*",
"es:Describe*",
"emr:Describe*",
"emr:Inquiry*",
"emr:Check*",
"emr:List*",
"emr:Describle*",
"cloudaudit:LookUpEvents",
"cdn:Describe*",
"cdn:Get*",
"cdn:List*",
"ssl:Describe*",
"tag:Get*",
"ckafka:Get*",
"ckafka:List*",
"ckafka:Describe*",
"tdmq:Describe*",
"scf:Get*",
"scf:List*",
"cam:GetRole",
"cam:ListAttachedRolePolicies",
"cls:getLogset",
"cls:getTopic",
"cls:listTopic",
"apigw:Describe*",
"cmqtopic:GetTopicAttributes",
"cmqtopic:GetSubscriptionAttributes",
"tsf:Describe*",
"tsf:Get*",
"tsf:List*",
"tsf:Search*",
"tsf:Find*",
"tsf:ImageUserIsExists",
"tsf:ImageGetRepositoryList",
"tsf:DscribeTasks",
"tbase:Describe*",
"tdach:Describe*",
"tdapg:Describe*",
"dcdb:Describe*",
"tke:Describe*",
"live:Describe*",
"im:Describe*",
"im:CheckIfIMNewUser",
"cfw:Describe*",
"waf:WafGet*",
"waf:WAFGetUserInfo",
"waf:WafDownloadAlerts",
"waf:WafPackagePrice",
"waf:WafAreaBanGetAreas",
"waf:WafFreqGetRuleList",
"waf:WafAntiFakeGetUrl",
"waf:WafInterface",
"waf:WafClsOverview",
"waf:QueryFlows",
"waf:WafDownloadRecords",
"waf:WafDownloadlogs",
"waf:WafSearchLogs",
"waf:WafDNSdetectGet*",
"waf:BotGet*",
"waf:Get*",
"waf:Search*",
"waf:BotV2Get*",
"wss:CertGetList",
"waf:Describe*",
"tag:DescribeResourceTagsByResourceIds",
"mariadb:Describe*",
"antiddos:Describe*",
"cam:DescribeSafeAuthFlagColl",
"cam:ListUsers",
"cam:DescribeSubAccounts",
"ccs:DescribeCluster",
"sms:SmsPackagesStatistics",
"domain:*",
"sms:CallbackStatusStatistics",
"sms:SendStatusStatistics",
"dc:DescribeDirectConnects",
"dc:DescribeDirectConnectTunnels",
"trtc:Describe*",
"trtc:Get*",
"trtc:ShowRoomList",
"trtc:ShowUserList",
"trtc:RemindBalance",
"trtc:HardDescribeMixConf",
"memcached:DescribeInstances",
"cynosdb:DescribeClusterDetail",
"cynosdb:DescribeRollbackTimeValidity",
"cynosdb:DescribeRollbackTimeRange",
"cynosdb:DescribeInstanceSpecs",
"cynosdb:DescribeInstances",
"cynosdb:DescribeInstanceDetail",
"cynosdb:DescribeDBSecurityGroups",
"cynosdb:DescribeClusters",
"cynosdb:DescribeClusterInstanceGrps",
"cynosdb:DescribeBackupList",
"cynosdb:DescribeBackupConfig",
"cynosdb:DescribeAccounts",
"dnspod:DescribeDomain",
"dnspod:DescribeDomainList",
"dnspod:DescribeDomainLogList",
"dnspod:DescribeDomainPurview",
"dnspod:DescribeDomainShareInfo",
"dnspod:DescribeRecord",
"dnspod:DescribeRecordLineList",
"dnspod:DescribeRecordList",
"dnspod:DescribeRecordType",
"dnspod:DescribeUserDetail",
"vod:DescribeCDNStatDetails",
"vod:DescribeSubAppIds",
"vod:DescribeDefaultDistributionConfig",
"vod:DescribeVodDomains",
"cwp:DescribeVulList",
"cfs:DescribeCfsFileSystems",
"cfs:DescribeAutoSnapshotPolicies",
"cfs:DescribeCfsSnapshots",
"sms:DescribeAppList",
"sms:DescribeVerificationCodeStatistic",
"sms:DescribeAntiBrushThreshold",
"tke:CreateInstantInspectJob",
"tke:DescribeInstantInspectTask",
"cloudaudit:DescribeEvents",
"clb:DescribeQuota",
"cdb:QueryCDBProxy",
"clb:DescribeClusterResources",
"ssl:DescribeCertificateBindResources",
"monitor:GetIntegrationProductList",
"monitor:DescribeOneClickAlarmConfigs",
"monitor:DescribeAlarmPolicies",
"antiddos:DescribeListProtocolBlockConfig",
"cloudhsm:DescribeVsms",
"kms:GetServiceStatus",
"as:DescribeAutoScalingInstances",
"billing:DescribeCostSummaryByProduct",
"finance:DescribeBillSummaryByProduct",
"tke:ListClusterInspectionResultsItems",
"tke:ListClusterInspectionResults",
"dnspod:DescribeSnapshotConfig",
"dnspod:DescribeDomainFilterList",
"dc:DoDcHealthInspection",
"teo:DescribeDefaultCertificates",
"teo:DescribeHostsSetting",
"teo:DescribeRules",
"teo:DescribeZones",
"csip:DescribeRiskCenterAssetViewVULRiskList",
"csip:DescribeRiskCenterAssetViewPortRiskList",
"csip:DescribePublicIpAssets",
"csip:DescribeDomainAssets",
"csip:DescribeCVMAssets",
"csip:DescribeClusterPodAssets",
"csip:DescribeDbAssets",
"lighthouse:DescribeInstances",
"dbbrain:DescribeDBDiagEvent",
"dbbrain:DescribeDBDiagEvents",
"live:CheckLiveHostBackupOriginSite",
"tse:DescribeCloudNativeAPIGateways",
"tse:DescribeSREInstances",
"dbbrain:DescribeSqlFilters",
"postgres:DescribeDBInstanceAttribute",
"postgres:DescribeDBInstances",
"postgres:DescribeZones",
"tdmq:DescribeRocketMQCluster",
"ckafka:DescribeInstanceAttributes",
"teo:DescribeSecurityPolicy",
"teo:DescribeDDoSPolicy",
"gaap:DescribeProxies",
"teo:DescribeZoneDDoSPolicy",
"tdmq:DescribeRabbitMQVipInstances",
"tcb:DescribeBillingInfo",
"tcb:DescribeQuotaData",
"tcb:DescribeBaasPackageList",
"vod:DescribeTranscodeTemplates",
"cam:MonitorGetProject",
"monitor:GetProjectsList",
"redis:DescribeInstances",
"ckafka:DescribeTopicDetail",
"ckafka:DescribeInstancesDetail",
"tcb:DescribeEnvs",
"tsf:DescribeGroupAttribute",
"tsf:DescribeContainerGroups",
"tsf:DescribeGroups",
"tsf:DescribeApplications",
"vpc:DescribeCcns",
"vpc:DescribeCcnAttachedInstances",
"vpc:GetCcnRegionBandwidthLimits",
"mariadb:DescribeDBInstanceDetail",
"dcdb:DescribeDCDBInstanceDetail",
"sqlserver:DescribeDBInstances",
"cdb:DescribeRoGroups",
"tdmq:DescribeRocketMQClusters",
"tdmq:DescribeRocketMQNamespaces",
"tdmq:DescribeRocketMQTopics",
"tdmq:DescribeRocketMQGroups",
"trocket:DescribeInstanceList",
"trocket:DescribeTopicList",
"trocket:DescribeConsumerGroupList",
"cos:HeadBucket",
"es:SmartAdvisorManage",
"finance:DescribeDosageCosDetailByDate",
"cynosdb:Describe*",
"teo:Describe*",
"cetcd:Describe*",
"as:DescribeAutoScalingGroups",
"organization:DescribeOrganization",
"organization:DescribeOrganizationMembers",
"apm:DescribeApmInstances",
"apm:DescribeTagValues",
"apm:DescribeMetricRecords",
"apm:DescribeServiceNodes",
"apm:DescribeServiceOverview",
"keewidb:Describe*"
],
"resource": "*",
"effect": "allow"
},
{
"action": [
"tke:AcquireClusterKubeConfigForProduct"
],
"effect": "allow",
"resource": [
"qcs::tke::*:cluster\/*",
"qcs::tke::*:k8s\/*\/pods\/*\/get",
"qcs::tke::*:k8s\/*\/pods\/*\/list",
"qcs::tke::*:k8s\/*\/namespaces\/*\/get",
"qcs::tke::*:k8s\/*\/namespaces\/*\/list",
"qcs::tke::*:k8s\/*\/ingresses\/*\/get",
"qcs::tke::*:k8s\/*\/ingresses\/*\/list",
"qcs::tke::*:k8s\/*\/services\/*\/get",
"qcs::tke::*:k8s\/*\/services\/*\/list",
"qcs::tke::*:k8s\/*\/deployments\/*\/get",
"qcs::tke::*:k8s\/*\/deployments\/*\/list",
"qcs::tke::*:k8s\/*\/daemonsets\/*\/get",
"qcs::tke::*:k8s\/*\/daemonsets\/*\/list",
"qcs::tke::*:k8s\/*\/statefulsets\/*\/get",
"qcs::tke::*:k8s\/*\/statefulsets\/*\/list"
]
}
]
}
문제 해결에 도움이 되었나요?