tencent cloud

피드백

Tencent Cloud Organization

마지막 업데이트 시간:2024-11-26 10:00:41

    Service roles and service-linked roles are predefined by Tencent Cloud services and, upon user authorization, the corresponding services can access and use resources by assuming these service-linked roles. This document provides detailed information on the use cases and associated authorization policies of these specific service-linked roles.

    Product Role Name Role Types Role Entity
    Tencent Cloud Organization Orgnization_QCSLinkedRoleInCIC Service-Related Roles cic.organization.cloud.tencent.com
    Tencent Cloud Organization Organization_QCSLinkedRoleInDefaultMng Service-Related Roles defaultmng.organization.cloud.tencent.com
    Tencent Cloud Organization Orgnization_QCSLinkedRoleInServiceControl Service-Related Roles servicecontrol.orgnization.cloud.tencent.com

    Orgnization_QCSLinkedRoleInCIC

    Use Cases: The current role is the Organization service linked role, which will access your other service resources within the scope of the permissions of the associated policy.
    Authorization Polices

    • Policy Name: QcloudAccessForOrganizationLinkedRoleInCIC
    • Policy Information:
    {
        "version": "2.0",
        "statement": [
            {
                "effect": "allow",
                "action": [
                    "cam:AttachRolesPolicy",
                    "cam:GetRole",
                    "cam:CreateRole",
                    "cam:DeleteRole",
                    "cam:CreatePolicy",
                    "cam:DeletePolicy",
                    "cam:UpdatePolicy",
                    "cam:GetPolicy",
                    "cam:ListPolicies",
                    "cam:CreateSAMLProvider",
                    "cam:DeleteSAMLProvider",
                    "cam:UpdateSAMLProvider",
                    "cam:AddUser",
                    "cam:DeleteUser",
                    "cam:UpdateUser",
                    "cam:CreateSubAccounts",
                    "cam:DeleteUser",
                    "organization:DescribeOrganization",
                    "organization:CreateOrgMemberProductServiceRole",
                    "cam:AttachRolePolicies",
                    "cam:DetachRolePolicies",
                    "cam:DescribeCICUserSAMLConfig",
                    "cam:AddSubAccount",
                    "cam:GetUser",
                    "cam:UpdateSubAccountType",
                    "cam:CheckSubAccountName",
                    "cam:GetSAMLProvider",
                    "cam:CreateCICUserSAMLConfig",
                    "cam:ListAttachedRolePolicies",
                    "organization:DescribeOrganizationMembers",
                    "cam:DeleteApiKey"
                ],
                "resource": "*"
            }
        ]
    }
    

    Organization_QCSLinkedRoleInDefaultMng

    Use Cases: The current role is the Organization service linked role, which will access your other service resources within the scope of the permissions of the associated policy.
    Authorization Polices

    • Policy Name: QcloudAccessForOrganizationLinkedRoleInDefaultMng
    • Policy Information:
    {
        "version": "2.0",
        "statement": [
            {
                "action": [
                    "finance:DescribeBillSummaryByProduct",
                    "cam:GetAccountSummary",
                    "intlpartnersmgt:DescribeBillSummaryByProduct"
                ],
                "resource": "*",
                "effect": "allow"
            }
        ]
    }
    

    Orgnization_QCSLinkedRoleInServiceControl

    Use Cases: The current role is the Orgnization service linked role, which will access your other service resources within the scope of the permissions of the associated policy.
    Authorization Polices

    • Policy Name: QcloudAccessForOrganizationLinkedRoleInServiceControl
    • Policy Information:
    {
        "version": "2.0",
        "statement": [
            {
                "effect": "allow",
                "resource": [
                    "*"
                ],
                "action": [
                    "cam:CreateServiceLinkedRole",
                    "cam:DeleteServiceLinkedRole",
                    "cam:GetRole",
                    "cam:CreateRole",
                    "cam:AttachRolePolicy",
                    "cam:DeleteRole"
                ]
            }
        ]
    }
    
    문의하기

    고객의 업무에 전용 서비스를 제공해드립니다.

    기술 지원

    더 많은 도움이 필요하시면, 티켓을 통해 연락 바랍니다. 티켓 서비스는 연중무휴 24시간 제공됩니다.

    연중무휴 24시간 전화 지원