A resource description identifies one or multiple operation objects including CVM resources and COS buckets. This document introduces CAM resource descriptions.
All resources can be described in the following six-segment format. Each service has its own resources and detailed resource definition. For more information on how to specify resources, see the corresponding product documentation in CAM-Enabled Products.
The six-segment format is defined as follows:
qcs:project_id:service_type:region:account:resource
qcloud service
and indicates that the resource is a Tencent Cloud resource. This field is required. *
indicates all services. This field is required. Region Abbreviation | Region |
---|---|
gz | Guangzhou |
sh | Shanghai |
bj | Beijing |
ca | Canada |
sg | Singapore |
hk | Hong Kong (China) |
cd | Chengdu |
de | Germany |
account describes the root account information of the resource owner. Currently, either uin
or uid
can be used to describe the resource owner.
uin
is the account ID of the root account, which is expressed in the format of uin/${uin}
, such as uin/12345678
.uid
is the APPID
of the root account, which is expressed in the format of uid/${appid}
, such as uid/10001234
.? At present, COS resource owners can only be described using
uid
, and resource owners of other services can only be described usinguin
.
resource describes the detailed resource information of the specific service.
instance/ins-abcdefg
for VPC.<resource_type>/<resource_id>
prefix//10001234/bucket1/object2
for COS. Prefix match at the directory level is supported for this type of description. For example, prefix//10001234/bucket1/*
indicates all the objects in bucket1
.<resource_type>/<resource_path>
instance/*
.<resource_type>/*
resource
element can be described by *
, and the definitions are as follows. For more information, please see the corresponding service documentation.action
needs to be associated with a resource, the resource can be defined as *
, indicating that all resources are associated.action
does not need to be associated with a resource, the resource needs to be defined as *
.CAM resources include users, user groups, and policies. A CAM resource can be described as follows:
qcs::cam::uin/164256472:uin/164256472
Or
qcs::cam::uin/164256472:root
qcs::cam::uin/164256472:uin/73829520
qcs::cam::uin/164256472:groupid/2340
*
qcs::cam::uin/12345678:policyid/*
Or
qcs::cam::uin/12345678:policyid/12423
For more information on service-specific resource definitions, please see the corresponding product documentation in CAM-Enabled Products.
Was this page helpful?