Product | Role Name | Role Types | Role Entity |
---|---|---|---|
TDSQL for MySQL | DCDB_QCSLinkedRoleInKMS | Service-Related Roles | kms.dcdb.cloud.tencent.com |
TDSQL for MySQL | DCDB_QCSLinkedRoleInTSE | Service-Related Roles | tse.dcdb.cloud.tencent.com |
TDSQL for MySQL | DCDB_QCSLinkedRoleInDBLog | Service-Related Roles | DBLog.dcdb.cloud.tencent.com |
Use Cases: The current role is the DCDB service linked role, which will access your other service resources within the scope of the permissions of the associated policy.
Authorization Polices
{
"version": "2.0",
"statement": [
{
"effect": "allow",
"resource": [
"*"
],
"action": [
"kms:GetServiceStatus",
"kms:CreateKey",
"kms:GenerateDataKey",
"kms:Decrypt",
"kms:Encrypt",
"kms:ReEncrypt",
"kms:EnableKey",
"kms:EnableKeyRotation",
"kms:ListKeyDetail",
"kms:DescribeKey",
"kms:ListKey"
]
}
]
}
Use Cases: The current role is the DCDB service linked role, which will access your other service resources within the scope of the permissions of the associated policy.
Authorization Polices
{
"statement": [
{
"action": [
"tse:CreateGovernanceStrategy",
"tse:DescribeGovernanceMainToken",
"tse:DescribeGovernanceInstances",
"tse:DescribeGovernanceServices",
"tse:CreateGovernanceInstances",
"tse:DeleteGovernanceInstances",
"tse:ModifyGovernanceServices",
"tse:DescribeGovernanceStrategies",
"tse:DescribeSREInstances",
"tse:ModifyGovernanceInstances",
"tse:DescribeGovernanceNamespaces",
"tse:DescribeGovernanceAuthStrategies"
],
"effect": "allow",
"resource": "*"
}
],
"version": "2.0"
}
Use Cases: The current role is the DCDB service linked role, which will access your other service resources within the scope of the permissions of the associated policy.
Authorization Polices
{
"version": "2.0",
"statement": [
{
"effect": "allow",
"action": [
"cls:ModifyKafkaRecharge",
"cls:CreateKafkaRecharge",
"cls:DescribeKafkaRecharges",
"cls:DeleteKafkaRecharge",
"cls:DeleteCloudProductLogTask"
],
"resource": "*"
}
]
}
문제 해결에 도움이 되었나요?