Release Notes and Announcements

CLB Release Notes

Product Announcements

Product Introduction

Overview

Strengths

Use Cases

Principles

Product Comparison

Use Limits

Service Regions and Service Providers

Purchase Guide

Billing Overview

Billing

CLB Resource Package

Purchase Methods

Payment Overdue

Product Attribute Selection

Getting Started

Getting Started with Domain Name-Based CLB

Getting Started with CLB

Getting Started with IPv6 CLB

Deploying Nginx on CentOS

Deploying Java Web on CentOS

Operation Guide

CLB Instance

CLB Listener

Real Server

Health Check

Certificate Management

Log Management

Monitoring and Alarm

Cloud Access Management

Classic CLB

Practical Tutorial

Deploy certificate to CLB (mutual authentication)

Enabling Gzip Compression & Testing

HTTPS Forwarding Configurations

Obtaining Real Client IPs

Best Practices for Configuring Load Balancing Monitoring Alerts

Implementing HA Across Multiple AZs

Load Balancing Algorithm Selection and Weight Configuration Examples

Configuring WAF protection for CLB listening domain names

Configure IAP to authenticate web access to the CLB domain and path

Configure IAP to authenticate programmatic access to CLB's domain and path

Ops Guide

Solution to Excessive Clients in TIME_WAIT Status

Load Balancer HTTPS Service Performance Test

Stress Testing FAQ

CLB Certificate Operation Permissions

Troubleshooting

UDP Health Check Exception

API Documentation

History

Introduction

API Category

Instance APIs

Listener APIs

Backend Service APIs

Target Group APIs

Redirection APIs

Other APIs

Classic CLB APIs

Load Balancing APIs

Making API Requests

Data Types

Error Codes

CLB API 2017

FAQs

Billing

CLB Configuration

Troubleshooting Health Check Issues

HTTPS

WS/WSS Protocol Support

HTTP/2 Protocol Support

Default Domain Name Blocking Prompt

Service Level Agreement

Glossary

Authorization Definition

PDF

Focus Mode

Font Size

Last updated: 2024-01-04 14:34:05

Types of CLB Resources That Can Be Authorized in CAM
Resource Type
Resource Description in Authorization Policy
CLB instance
 qcs::clb:$region::clb/$loadbalancerid
CLB real server
qcs::cvm:$region:$account:instance/$cvminstanceid
In the description:
$region must be the ID of a region and can be empty.
$account must be the AccountId of the resource owner or *.
$loadbalancerid must be the ID of a CLB instance or *.
And so on…
APIs for CLB Authorization in CAM
You can authorize the following actions for a CLB resource in CAM.
Instance
API Operation
Resource Description
API Description
DescribeLoadBalancers
Queries the CLB instance list.
*, which indicates to authenticate only the API.
CreateLoadBalancer
Purchases a CLB instance.
qcs:$projectid:clb:$region:$account:clb/*
DeleteLoadBalancers
Deletes CLB instances.
qcs::clb:$region:$account:clb/$loadbalancerid
ModifyLoadBalancerAttributes
Modifies the attributes of a CLB instance.
qcs::clb:$region:$account:clb/$loadbalancerid
ModifyForwardLBName
Modifies the name of a CLB instance.
qcs::clb:$region:$account:clb/$loadbalancerid
SetLoadBalancerSecurityGroups
Configures security groups for a CLB instance.
qcs::clb:$region:$account:clb/$loadbalancerid
Listener
API Operation
Resource Description
API Description
DeleteLoadBalancerListeners
Deletes CLB listeners.
qcs::clb:$region:$account:clb/$loadbalancerid
DescribeLoadBalancerListeners
Gets the CLB listener list.
qcs::clb:$region:$account:clb/$loadbalancerid
ModifyLoadBalancerListener
Modifies the attributes of a CLB listener.
qcs::clb:$region:$account:clb/$loadbalancerid
CreateLoadBalancerListeners
Creates CLB listeners.
qcs::clb:$region:$account:clb/$loadbalancerid
DeleteForwardLBListener
Deletes a layer-4 or layer-7 CLB listener.
qcs::clb:$region:$account:clb/$loadbalancerid
ModifyForwardLBSeventhListener
Modifies the attributes of a layer-7 CLB listener.
qcs::clb:$region:$account:clb/$loadbalancerid
ModifyForwardLBFourthListener
Modifies the attributes of a layer-4 CLB listener.
qcs::clb:$region:$account:clb/$loadbalancerid
DescribeForwardLBListeners
Queries the CLB listener list.
qcs::clb:$region:$account:clb/$loadbalancerid
CreateForwardLBSeventhLayerListeners
Creates layer-7 CLB listeners.
qcs::clb:$region:$account:clb/$loadbalancerid
CreateForwardLBFourthLayerListeners
Creates layer-4 CLB listeners.
qcs::clb:$region:$account:clb/$loadbalancerid
CLB domain name and URL
API Operation
Resource Description
API Description
ModifyForwardLBRulesDomain
Modifies the domain name of a forwarding rule for a CLB listener.
qcs::clb:$region:$account:clb/$loadbalancerid
CreateForwardLBListenerRules
Creates forwarding rules for a CLB listener.
qcs::clb:$region:$account:clb/$loadbalancerid
DeleteForwardLBListenerRules
Deletes the forwarding rules of a layer-7 CLB listener.
qcs::clb:$region:$account:clb/$loadbalancerid
DeleteRewrite
Deletes the redirection relationship between CLB forwarding rules.
qcs::clb:$region:$account:clb/$loadbalancerid
ManualRewrite
Manually creates a redirection relationship between CLB forwarding rules.
qcs::clb:$region:$account:clb/$loadbalancerid
AutoRewrite
Automatically generates a redirection relationship between CLB forwarding rules.
qcs::clb:$region:$account:clb/$loadbalancerid
Real server
API Operation
Resource Description
API Description
ModifyLoadBalancerBackends
Modifies real server weights for a CLB instance.
qcs::clb:$region:$account:clb/$loadbalancerid
DescribeLoadBalancerBackends
Gets the list of real servers bound to a CLB instance.
qcs::clb:$region:$account:clb/$loadbalancerid
DeregisterInstancesFromLoadBalancer
Unbinds real servers.
qcs::clb:$region:$account:clb/$loadbalancerid``qcs::cvm:$region:$account:instance/$cvminstanceid
RegisterInstancesWithLoadBalancer
Binds real servers to a CLB instance.
qcs::clb:$region:$account:clb/$loadbalancerid``qcs::cvm:$region:$account:instance/$cvminstanceid
DescribeLBHealthStatus
Queries the health status of a CLB instance.
qcs::clb:$region:$account:clb/$loadbalancerid
ModifyForwardFourthBackendsPort
Modifies the CVM instance port in a forwarding rule of a layer-4 listener.
qcs::clb:$region:$account:clb/$loadbalancerid``qcs::cvm:$region:$account:instance/$cvminstanceid
ModifyForwardFourthBackendsWeight
Modifies the weight of CVM instances in a forwarding rule of a layer-4 listener.
qcs::clb:$region:$account:clb/$loadbalancerid``qcs::cvm:$region:$account:instance/$cvminstanceid
RegisterInstancesWithForwardLBSeventhListener
Binds CVM instances to the forwarding rules of a layer-7 CLB listener.
qcs::clb:$region:$account:clb/$loadbalancerid``qcs::cvm:$region:$account:instance/$cvminstanceid
RegisterInstancesWithForwardLBFourthListener
Binds CVM instances to the forwarding rules of a layer-4 CLB listener.
qcs::clb:$region:$account:clb/$loadbalancerid``qcs::cvm:$region:$account:instance/$cvminstanceid
DeregisterInstancesFromForwardLBFourthListener
Unbinds CVM instances from the forwarding rules of a layer-4 CLB listener.
qcs::clb:$region:$account:clb/$loadbalancerid``qcs::cvm:$region:$account:instance/$cvminstanceid
DeregisterInstancesFromForwardLB
Unbinds CVM instances from the forwarding rules of a layer-7 CLB listener.
qcs::clb:$region:$account:clb/$loadbalancerid``qcs::cvm:$region:$account:instance/$cvminstanceid
ModifyForwardSeventhBackends
Modifies the weight of CVM instances in the forwarding rules of a layer-7 listener.
qcs::clb:$region:$account:clb/$loadbalancerid``qcs::cvm:$region:$account:instance/$cvminstanceid
ModifyForwardSeventhBackendsPort
Modifies the port of CVM instances in the forwarding rules of a layer-7 listener.
qcs::clb:$region:$account:clb/$loadbalancerid``qcs::cvm:$region:$account:instance/$cvminstanceid
DescribeForwardLBBackends
Queries the list of CVM instances bound to a CLB instance.
qcs::clb:$region:$account:clb/$loadbalancerid``qcs::cvm:$region:$account:instance/*
DescribeForwardLBHealthStatus
Queries the health check status of a CLB instance.
qcs::clb:$region:$account:clb/*
ModifyLoadBalancerRulesProbe
Modifies the health check configuration and forwarding path in a forwarding rule of a CLB listener.
qcs::clb:$region:$account:clb/$loadbalancerid
﻿

Help and Support

Was this page helpful?

You can also Contact sales or Submit a Ticket for help.

Help us improve! Rate your documentation experience in 5 mins.

Feedback

tencent cloud

Cloud Load Balancer

Authorization Definition

Types of CLB Resources That Can Be Authorized in CAM

APIs for CLB Authorization in CAM

Instance

Listener

CLB domain name and URL

Real server

Help and Support

Resource Type	Resource Description in Authorization Policy
CLB instance	`qcs::clb:$region::clb/$loadbalancerid`
CLB real server	`qcs::cvm:$region:$account:instance/$cvminstanceid`

API Operation	Resource Description	API Description
DescribeLoadBalancers	Queries the CLB instance list.	`*`, which indicates to authenticate only the API.
CreateLoadBalancer	Purchases a CLB instance.	`qcs:$projectid:clb:$region:$account:clb/*`
DeleteLoadBalancers	Deletes CLB instances.	`qcs::clb:$region:$account:clb/$loadbalancerid`
ModifyLoadBalancerAttributes	Modifies the attributes of a CLB instance.	`qcs::clb:$region:$account:clb/$loadbalancerid`
ModifyForwardLBName	Modifies the name of a CLB instance.	`qcs::clb:$region:$account:clb/$loadbalancerid`
SetLoadBalancerSecurityGroups	Configures security groups for a CLB instance.	`qcs::clb:$region:$account:clb/$loadbalancerid`