Log in to the console using the account and password of sub-account, and you can find the key of sub-user in the "Cloud Products" - "Cloud API Key". The key is used to generate the signature, and you can have access to relevant Tencent Cloud resources after passing the verification.
Function of Signature:
Encoding Type: utf8
Encoding Format: json
Transmission Mode: post
Request Protocol: http
Call specifications are as below:
{
"version" : 1,
"componentName" :"MC",
"eventId" :123456,
"interface":{
"interfaceName" : "API Name"
"para" : {
API Parameters
}
}
}
Returned result: If there is an error in the returned result, returnCode is not 0, and returnMessage content is the error information.
{
"version" : 1,
"eventId" : 123456,
"componentName" : "CONSOLE_LOGICAL_SERVER",
"returnValue" : 0,
"returnCode" : 0,
"returnMessage" : "OK",
"data" : {
"ownerUin":123,
"uin":124,
"ownerAppid":323
}
}
Note: interfaceName and para in input parameter and data in output parameter will be explained later.
For more information about APIs for user and permission CAM, click here >>
Example of policy:
Set a sub-user (with uin of 3232) to have permission for all queues under list account, and have the permissions of Consume Message and Delete Messages in Batch on horacetest1 from Beijing region.
Field Explanation:
Parameter | Description | Example Value |
---|---|---|
strategyName | Policy name. | strategy1 |
strategyInfo | Content described by the policy. (Note that a json string is required here) | See Sample Codes |
remark | Notes for the policy. | horace test |
resource setting* | If the operation requires associating with resources, it represents all objects. If the operation does not require associating with resources (such as list operation), it represents empty object. | * |
Sample Codes:
{
"strategyName":"strategy1",
"strategyInfo":'{"version":"2.0","principal":{"qcs":["qcs::cam::uin/1238423:uin/3232","qcs::cam::uin/1238423:groupid/13"]},"statement":[{"effect":"allow","action":"name/cmqqueue:ListQueue","resource":"*"},{"effect":"allow","action":["name/cmqqueue:ReceiveMessage","name/cmqqueue:BatchDeleteMessage"],"resource":["qcs::cmqqueue:bj:uin/1238423:queueName/3232/horacetest1","qcs::cmqqueue:bj:uin/1238423:queueName/3232/horacetest1"]}]}',
"remark":"horace test"
}
This API is used for users or user groups to associate with/remove policies.
Example of policy: Associate the user with a UIN of 123456 to the policy with a policy ID of 666.
Field Explanation:
Parameter | Description | Example Value |
---|---|---|
groupId | If it is associated with users, -1 will be passed for groupId; if it is associated with user groups, a specific group ID will be passed for groupId. |
-1 |
relateUin | If it is associated with users, a specific user uin will be passed for relateUin; if it is associated with user groups, -1 will be passed for relateUin. | 123456 |
strategyId | ID of the policy to be associated with. | 666 |
actionType | "1" indicates associating with policy; "2" indicates removing policy. | 1 |
Sample Codes:
{
"groupId":-1,
"relateUin":123456,
"strategyId":666,
"actionType":1
}
Note: This section is applicable to user and permission management of various services. When setting CMQ service, please determine the relevant values of CMQ according to the following instructions.
Was this page helpful?