When you use the SCF Console or CLI, you may need to manipulate the permissions to SCF or other products. For example, you can grant the permissions to query the CMQ topic list, VPC information, or Cloud Monitor statistics.
SCF provides preset policies for granting access to SCF and other associated resources. For more information, please see Notes on User Policy Update. SCF updates preset policies as needed to ensure that you have access to newly released features. You can also create custom policies to manage user permissions.
If you are currently a subuser/collaborator, authorization should be performed by the root account in the following steps. After the authorization is completed, both the root account and subuser can log in and use the SCF service.
You may receive
you are not authorized to perform xxx or other prompts for "no access" while accessing the SCF Console to view function monitoring or execution information.
You can create a custom policy as instructed in the CAM documentation or configure two preset policies for fast authorization by following the steps below:
QcloudSCFFullAccesspreset policy as an example, and you can choose an appropriate policy based on your actual needs.
|QcloudSCFFullAccess||Grants full access to SCF and other relevant resources|
|QcloudSCFReadOnlyAccess||Grants read-only access to SCF and other relevant resources|
SCF improved the preset permission policies in December 2019. The preset policies
QcloudSCFReadOnlyAccess were modified, and the
QcloudAccessForScfRole policy was added for the configuration role
SCF_QcsRole. For more information, please see Notes on User Policy Update.