QcloudCLSReadOnlyAccess
, name it CLSReadOnly
, and copy its RoleArn
information.${YOUR_UIN}
with the account UIN (the resource content is the RoleArn
of the created role; modify the policy name in case of any inconsistency). Click Next and set Policy Name to PlayClsPolicy
.{"version": "2.0","statement": [{"effect": "allow","action":["sts:AssumeRole"],"resource": ["qcs::cam::uin/${YOUR_UIN}:roleName/CLSReadOnly"]}]}
PlayClsPolicy
created in the previous step. After submitting the user creation operation, copy the generated SecretId
and SecretKey
.ReadMe
content of the demo project, create the .env
file in the root directory and enter the required parameters RoleArn
, SecretId
, and SecretKey
.SecretId
and SecretKey
, thereby affecting your account security. We recommend that you use a key in a more secure manner as instructed in the TencentCloud API key security solution and use a sub-account key with the least privilege.ReadMe
document of the demo program for login-free implementation.s_url
of CLS (optional). If you enter the obtained address in the configuration file of the login-free project, access to the login-free service will be automatically redirected to this address.
The basic address of the CLS search and analysis page:https://console.tencentcloud.com/cls/search?region=<region>&topic_id=<topic_id>
Parameter | Required | Type | Description |
region | Yes | String | Region abbreviation, e.g., ap-shanghai for Shanghai region. For other available region abbreviations, see Available Regions |
topic_id | No | String | Log topic ID |
logset_name | No | String | Logset name |
topic_name | No | String | Log topic name |
time | No | String | Time range for log search. Format example:2021-07-15T10:00:00.000,2021-07-15T12:30:00.000 |
queryBase64 | No | String | Search and analysis statement, which is base64Url-encoded |
hideWidget | No | Boolean | Indicates whether to hide agent/documentation button in the bottom-right corner. `true`: Yes; `false`: No (default) |
hideTopNav | No | Boolean | Indicates whether to hide the top navigation bar in the Tencent Cloud console. `true`: Yes; `false`: No (default) |
hideLeftNav | No | Boolean | Indicates whether to hide the left navigation bar in the Tencent Cloud console. `true`: Yes; `false`: No (default) |
hideTopicSelect | No | Boolean | Indicates whether to hide the log topic selection controls (including the region, logset, and log topic controls). `true`: Yes; `false`: No (default) |
hideHeader | No | Boolean | Indicates whether to hide the log topic selection control and the row where the control resides. `true`: Yes; `false`: No (default). This parameter is valid only when `hideTopicSelect` is `true`. |
hideTopTips | No | Boolean | Indicates whether to hide the announcements on the top of the page. `true`: Yes; `false`: No (default) |
hideConfigMenu | No | Boolean | Indicates whether to hide the log topic configuration management menu. `true`: Yes; `false`: No (default) |
hideLogDownload | No | Boolean | Indicates whether to hide the raw log download button. `true`: Yes; `false`: No (default) |
SecretId
and SecretKey
, thereby affecting your account security. We recommend that you use a key in a more secure manner as instructed in the TencentCloud API key security solution and use a sub-account key with the least privilege.RoleArn
, SecretId
, and SecretKey
information.s_url
as needed as instructed in Demo Code for Login-Free Implementation. Parameter | Required | Type | Description |
action | Yes | String | Action; fixed as `roleLogin` |
timestamp | Yes | Int | Current timestamp |
nonce | Yes | Int | Random integer. Value range: 10000-100000000 |
secretId | Yes | String | Temporary AK returned by STS |
action=roleLogin&nonce=67439&secretId=AKI***PLE×tamp=1484793352
Parameter | Required | Description |
Request CVM and path | Yes | Fixed as cloud.tencent.com/login/roleAccessCallback |
Request method | Yes | GET or POST |
GETcloud.tencent.com/login/roleAccessCallback?action=roleLogin&nonce=67439&secretId=AKI***PLE×tamp=1484793352
$secretKey = 'Gu5***1qA';$srcStr = 'GETcloud.tencent.com/login/roleAccessCallback?action=roleLogin&nonce=67439&secretId=×tamp=1484793352';$signStr = base64_encode(hash_hmac('sha1', $srcStr, $secretKey, true));echo $signStr;
$secretId = "AKI***"; //Temporary AK returned by STS$secretKey = "Gu5***PLE"; //Temporary SecretKey returned by STS$token = "ADE***fds"; //Security Token returned by STS$param["nonce"] = 11886; //rand(10000,100000000);$param["timestamp"] = 1465185768; //time();$param["secretId"] = $secretId;$param["action"] = "roleLogin";ksort($param);$signStr = "GETcloud.tencent.com/login/roleAccessCallback?";foreach ( $param as $key => $value ) {$signStr = $signStr . $key . "=" . $value . "&";}$signStr = substr($signStr, 0, -1);$signature = base64_encode(hash_hmac("sha1", $signStr, $secretKey, true));echo $signature.PHP_EOL;
https://cloud.tencent.com/login/roleAccessCallback?algorithm=<Encryption algorithm for signing. Currently, only `sha1` and `sha256` are supported. `sha1` will be used by default if the parameter is not specified.>&secretId=<secretId for signing>&token=<Temporary key token>&nonce=<nonce for signing>×tamp=<Timestamp for signing>&signature=<Signature string>&s_url=<Destination URL after login>
https://cloud.tencent.com/login/roleAccessCallback?nonce=52055817&s_url=https%3A%2F%2Fconsole.tencentcloud.com%2Fcls%2Fsearch%3Fregion%3Dap-guangzhou%26start_time%3D2020-05-26%25252014%25253A01%25253A18%26end_time%3D2020-05-26%25252014%25253A16%25253A18&secretId=AKID-vHJ7WPHcy_RVIOm-QTIktXOf9S9z_k_JackOp3dyQPJwmDrNLQJuiNuw9******&signature=eXeWaDn6iJlcPp1sqqGd6m9%2FQk****×tamp=1592455018&token=5e4vuBHL7fBQPi1V9fvSINw4Vu7PSr9Ic3de78b86109c171eb4e3ea27c137c1fIWKU8JC-LO01L87sIYlfTSaHHXeHcqim7Jg9hBuN2nbdfgeBUPXhmpyAk4G6e9bHFZ-7yNRig7Y33CQHxh6jOesP4VfhRzQprWGRtC5No1ty******-aoj_WJhA55oyvqaqxw2jtTdh8nx9OjJr3tlbIa9oJe7aZYoPbdpFqrF6ZjlCPPap2yQB_SkUsWwDl_9BrK2Km3U2IocdvQ7QxrW0ts1aiBi7xtTSJRcfkBYPYEV_YoJrtkhYW3E4L47imA1bfVAjM9F5uKWzVzsDGDT0aCUU9mqdb4vjJrY8tm-wJKKEe8eiyY9EbkH3VWnFV2YocYNDJqFyjKOWR******
문제 해결에 도움이 되었나요?