服务(相关)角色是由腾讯云服务预定义,经用户授权后相应服务即可通过扮演服务相关角色对用户资源进行访问操作。本文档介绍具体服务相关角色的使用场景及相关权限策略信息。
| CAM中产品名 | 角色名称 | 角色类型 | 角色载体 |
|---|---|---|---|
| 腾讯云安灯 | TAndon_QCSLinkedRoleInARTCA | 服务相关角色 | artca.tca.cloud.tencent.com |
| 腾讯云安灯 | TAndon_QCSLinkedRoleInServiceAuth | 服务相关角色 | troubleshoot.tandon.cloud.tencent.com |
| 腾讯云安灯 | TAndon_QCSLinkedRoleInServiceAllaround | 服务相关角色 | serviceallaround.tandon.cloud.tencent.com |
TAndon_QCSLinkedRoleInARTCA
使用场景: 当前角色为腾讯云安灯(TAndon)服务相关角色,该角色将在已关联策略的权限范围内访问您的其他云服务资源。
权限策略
- 策略名称: QcloudAccessForTAndonLinkedRoleInARTCA
- 策略内容:
{ "version": "2.0", "statement": [ { "action": [ "trtc:GetUserList", "trtc:DescribeAppStatList", "trtc:GetRoomList", "trtc:DescribeTrtcInteractiveTime", "trtc:DescribeTrtcMcuTranscodeTime" ], "resource": "*", "effect": "allow" } ] }
TAndon_QCSLinkedRoleInServiceAuth
使用场景: 当前角色为腾讯云安灯服务相关角色,用于授权腾讯云安灯访问CVM、VPC、COS等腾讯云资源,无需用户托管密钥,操作更高效、更安全。该角色将在已关联策略的权限范围内访问您的其他云服务
权限策略
- 策略名称: QcloudAccessForTAndonLinkedRoleInServiceAuth
- 策略内容:
{ "version": "2.0", "statement": [ { "effect": "allow", "action": [ "lighthouse:Describe*", "lighthouse:Inquire*", "cvm:Describe*", "cvm:Inquiry*", "vpc:Describe*", "vpc:Inquiry*", "vpc:Get*", "monitor:Describe*", "monitor:Get*", "cos:List*", "cos:Get*", "cos:Head*", "cos:OptionsObject", "redis:Describe*", "redis:Get*", "redis:Inquiry*", "cdn:Describe*", "cdn:Get*", "cdn:List*", "emr:Describe*", "finance:Describe*", "cdb:Describe*", "clb:Describe*", "tcb:Describe*", "cynosdb:Describe*", "tke:Describe*", "domain:Describe*", "tag:Get*", "cloudaudit:Look*", "postgres:Describe*", "dnspod:Describe*", "thpc:Describe*", "tat:Describe*", "cwp:Describe*", "mongodb:Describe*", "ssl:Describe*", "scf:List*", "vod:Describe*", "cos:Describe*", "dts:Describe*", "teo:Describe*", "dcdb:Describe*", "sqlserver:Describe*", "antiddos:Describe*", "sms:Describe*", "sms:Pull*", "ba:Describe*", "ckafka:Describe*", "tcr:Describe*" ], "resource": "*" } ] }
TAndon_QCSLinkedRoleInServiceAllaround
使用场景: 当前角色为腾讯云安灯(TAndon)服务相关角色,该角色将在已关联策略的权限范围内访问您的其他云服务资源。
权限策略
- 策略名称: QcloudAccessForTAndonLinkedRoleInServiceAllaround
- 策略内容:
{ "statement": [ { "action": [ "tandon:*" ], "effect": "allow", "resource": "*" } ], "version": "2.0" }