|Upload Method||Permission to Resources||Permission to Operations||Remarks|
|Upload from server||Specified subapplication||ApplyUpload
|Upload from client||Specified subapplication||ApplyUpload
|Pull from URL||Specified subapplication||PullUpload||-|
|LVB recording||All subapplications||-||The LVB recording feature needs to be enabled|
Local upload of videos in the VOD console is a form of upload from client.
This is probably because the server SDK is too old. Please upgrade the SDK to the latest version.
To watch a video is essentially to make a request to VOD CDN as an ordinary viewer rather than a Tencent Cloud account, so you do not need to grant a viewer any permissions (if hotlink protection or video encryption is enabled, the conditions as described in applicable documents must be met before the video can be watched, but these are irrelevant to access control).
No. The resource granularity of VOD access control is subapplication.
The possible reasons of conflicts are as follows:
As VOD permission management is based on CAM, VOD permissions are determined in accordance with the policy judgment logic of CAM.
Cross-account resource access refers to that root account A grants all or some of its VOD permissions to root account B (or its sub-accounts), that is, the grantor and grantee are two independent Tencent Cloud accounts. VOD does not support cross-account resource access, i.e., a Tencent Cloud account can only grant VOD permissions to its own sub-accounts.