International
中国站
Console
PrevNext
search by keyword

Recent Pages

Documentation
Cloud Load Balancer
    Documentation
    Download PDF

    CLB Certificate Operation Permissions

    Last updated: 2020-05-14 17:34:44
    Download PDF

      Operation Scenarios

      Since March 23, 2020, all certificate operations of CLB have been connected to Cloud Access Management (CAM) for authentication. Therefore, when a sub-user account performs CLB certificate operations, if "You are not authorized for this operation. Please contact your developer." is displayed, you can grant certificate permissions to the sub-user account as instructed below.

      Prerequisites

      The logged-in account needs to be the root account or a sub-user account with CAM permissions (i.e., associated with the QcloudCamFullAccess policy).

      • To check whether the sub-user account has CAM permissions, go to User List in the CAM Console, enter the details page of the sub-user, and check whether the QcloudCamFullAccess policy has been associated.
      • If the QcloudCamFullAccess policy is associated, but "No API permissions (message:GetReceiversOnAllType). Please contact your developer." is displayed when the sub-user performs certificate operations, they can ignore and proceed anyway.

      Directions

      Please grant certificate permissions in the following methods:

      Method 1. Associate a custom policy

      1. Log in to the CAM Console.
      2. On the left sidebar, click Policy to enter the "Policy" list page.
      3. Click Create Custom Policy and select Create by Policy Syntax in the pop-up box.
      4. On the "Select Template Policy" page, select Blank Template and click Next.
      5. On the "Edit Policy" page, enter the policy name and enter the following policy content in the "Edit Policy Content" input box:
        {
 "version": "2.0",
 "statement": [
     {
         "action": "name/ssl:*",
         "resource": "qcs::ssl:::*",
         "effect": "allow"
     }
 ]
}
      6. Then, click Create Policy to return to the "Policy" list page.
      7. At the top of the "Policy" list page, select Custom Policy, find the row of the policy you just created in the list, and click Associate User/Group in the "Operation" column.
      8. In the pop-up box, select the user to be authorized and click OK.

      Method 2. Associate a preset policy

      1. Log in to the CAM Console.
      2. On the left sidebar, select User > User List to enter the "User List" page.
      3. In the row of the sub-user to be authorized, click Authorize in the "Operation" bar.
      4. In the pop-up box, select QcloudSSLFullAccess or QcloudSSLReadOnlyAccess and click OK.

      Was this page helpful?

      Confirm

      Was this page helpful?

      • Not at all
      • Not very helpful
      • Somewhat helpful
      • Very helpful
      • Extremely helpful
      Send Feedback
      Hide
      Submit a TicketContact sales
      Help
      tencent
      Copyright © 2013-2020 Tencent Cloud. All Rights Reserved.
      Privacy PolicyTerms of ServiceCookie Policy