tencent cloud

Control Center

Product Introduction
Overview
Strengths
Scenarios
Purchase Guide
Getting Started
Enabling Control Center
Configuring a Landing Zone
Operation Guide
Landing Zone
Control Center Overview
Baselines
Accounts
Login Permissions
Finance
Security Rules
Compliance Audit
Cloud Security Center
Use Cases
Centrally Managing Enterprise Accounts
Multi-Account Financial Management
Multi-Account Permissions Management
Multi-Account Log Collection and Auditing
API Documentation
History
Introduction
API Category
Making API Requests
Account Factory APIs
Data Types
Error Codes
Control Center Policy
Privacy Policy
Data Processing And Security Agreement
FAQs
DocumentationControl CenterUse CasesCentrally Managing Enterprise Accounts

Centrally Managing Enterprise Accounts

PDF
Focus Mode
Font Size
Last updated: 2023-12-24 09:44:53

Customer Background

A corporate group owns dozens of subsidiaries, each of which has registered accounts with Tencent Cloud.

Scenario

The administrator wants to centrally manage all Tencent Cloud accounts within the group and, at the same time, refine the management based on account responsibilities, such as audit, network, and finance, or the subsidiaries (entities) the accounts belong to.

Customer Challenges

Managing the common attributes of multiple accounts in the group admin account poses risks such as unclear responsibilities and excessive permissions for the admin account.
Several basic cloud services are involved in the configuration of multi-account management, so the administrator must be familiar with these cloud services. In addition, the configuration process is long and cross-service manageability is poor.

Solution Overview

Tencent Cloud provides a solution for centrally managing accounts. With this solution, customers can quickly create a multi-account environment following Tencent Cloud's best practices.
1. According to best practices, accounts are classified into two types: core accounts and business accounts.
2. At present, the following types of core accounts are supported:
Group admin account: This account is used to manage multiple cloud accounts, including configuring permissions and viewing bills.
Security account: This account is delegated by the group admin account and is responsible for managing firewalls, scanning for vulnerabilities, and implementing other security measures for all accounts in the group.
Logging account: This account is delegated by the group admin account and is responsible for collecting, managing, and analyzing logs from all member accounts.
Entity admin account: Each subsidiary has an admin account for creating new business accounts within the subsidiary and making payments for all accounts within the subsidiary.
Financial account: This account is delegated by the group admin account and is responsible for viewing and managing the funds of cloud accounts within the group.
Previous Topic: Cloud Security CenterNext Topic: Multi-Account Financial Management

Help and Support

Was this page helpful?

Help us improve! Rate your documentation experience in 5 mins.

Feedback