tencent cloud

PrevNext

フィードバック

キーワードで検索してください

Recent Pages

ドキュメント
Cloud Access Management
    ドキュメント

    Cloud Data Warehouse for PostgreSQL

    最終更新日:2024-05-02 09:04:27

      Fundamental information

      Product Abbreviation in CAM Console Authorization by Tag Authorization Granularity IP Restriction
      Cloud Data Warehouse PostgreSQL cdwpg Supported Supported Resource level Partially supported

      Note:

      The authorization granularity of cloud products is divided into three levels: service level, operation level, and resource level, based on the degree of granularity.

      • Service level: It defines whether a user has the permission to access the service as a whole. A user can have either full access or no access to the service. For the authorization granularity of cloud products at service level, the authorization of specific APIs are not supported.
      • Operation level: It defines whether a user has the permission to call a specific API of the service. For example, granting an account read-only access to the CVM service is an authorization at the operation level.
      • Resource level: It is the finest authorization granularity which defines whether a user has the permission to access specific resources. For example, granting an account read/write access to a specific CVM instance is an authorization at the resource level.

      API authorization granularity

      Two authorization granularity levels of API are supported: resource level, and operation level.

      • Resource level: It supports the authorization of a specific resource.
      • Operation level: It does not support the authorization of a specific resource. If the policy syntax restricts a specific resource during authorization, CAM will determine that this API is not within the scope of authorization, and deem it as unauthorized.

      Write operations

      API API Description Authorization Granularity Six-segment Resource Description IP Restriction
      AbortQuery AbortQuery Resource level qcs::cdwpg::uin/${uin}:cdwpg-instance/${ClusterIdentifier} Supported
      AdminClusterOutnetAddres AdminClusterOutnetAddress Resource level qcs::cdwpg::uin/${uin}:cdwpg-instance/${ClusterIdentifier} Supported
      CreateCluster CreateCluster Operation level * Supported
      CreateInstanceByApi CreateInstance Operation level * Supported
      CreateTableBackupTask CreateTableBackupTask Resource level qcs::cdwpg:${Region}:uin/:cdwpg-instance/${InstanceId} Supported
      CreateVpcLink CreateVpcLink Resource level qcs::cdwpg::uin/${uin}:cdwpg-instance/${ClusterIdentifier} Supported
      DeleteBackupData DeleteBackupData Resource level qcs::cdwpg:${Region}:uin/${uin}:cdwpg-instance/${InstanceId} Supported
      DeleteCluster DeleteCluster Resource level qcs::cdwpg::uin/${uin}:cdwpg-instance/${ClusterIdentifier} Supported
      DeleteVpcLink DeleteVpcLink Resource level qcs::cdwpg::uin/${uin}:cdwpg-instance/${ClusterIdentifier} Supported
      ExpandClusterSize ExpandClusterSize Resource level qcs::cdwpg::uin/${uin}:cdwpg-instance/${ClusterIdentifier} Supported
      HandlerResourceQueue HandlerResourceQueue Resource level qcs::cdwpg::uin/${uin}:cdwpg-instance/${ClusterIdentifier} Supported
      ModifyClusterBasic ModifyClusterBasic Resource level qcs::cdwpg::uin/${uin}:cdwpg-instance/${ClusterIdentifier} Supported
      ModifyClusterSize ModifyClusterSize Resource level qcs::cdwpg::uin/${uin}:cdwpg-instance/${ClusterIdentifier} Supported
      ModifyClusterSubnet ModifyClusterSubnet Resource level qcs::cdwpg::uin/${uin}:cdwpg-instance/${ClusterIdentifier} Supported
      ModifyClusterUserPassword ModifyClusterUserPassword Resource level qcs::cdwpg::uin/${uin}:cdwpg-instance/${ClusterIdentifier} Supported
      ModifyTableBackupTask ModifyTableBackupTask Resource level qcs::cdwpg:${Region}:uin/${uin}:cdwpg-instance/${InstanceId} Supported
      RebootCluster RebootCluster Resource level qcs::cdwpg::uin/${uin}:cdwpg-instance/${ClusterIdentifier} Supported
      RecoverInstanceByApi RecoverInstanceByApi Resource level qcs::cdwpg::uin/${uin}:cdwpg-instance/${InstanceId} Supported
      ScaleOutInstance ScaleOutInstance Operation level * Supported
      SetHbaConfigList SetHbaConfigList Resource level qcs::cdwpg::uin/${uin}:cdwpg-instance/${ClusterIdentifier} Supported
      TurnOnOrOffTableBackup TurnOnOrOffTableBackup Resource level qcs::cdwpg:${Region}:uin/${uin}:cdwpg-instance/${InstanceId} Supported

      Read operations

      API API Description Authorization Granularity Six-segment Resource Description IP Restriction
      CheckPermission CheckPermission Operation level * not supported
      DescribeBillingParams DescribeBillingParams Operation level * Supported
      DescribeClusterExtend DescribeClusterExtend Resource level qcs::cdwpg::uin/${uin}:cdwpg-instance/${ClusterIdentifier} Supported
      DescribeClusterResourceQueueList DescribeClusterResourceQueueList Resource level qcs::cdwpg::uin/${uin}:cdwpg-instance/${ClusterIdentifier} Supported
      DescribeClusterStatus DescribeClusterStatus Resource level qcs::cdwpg::uin/${uin}:cdwpg-instance/${ClusterIdentifier} Supported
      DescribeClusters DescribeClustersStatistics Resource level qcs::cdwpg::uin/${uin}:cdwpg-instance/${ClusterIdentifier} not supported
      DescribeClustersLimit DescribeClustersLimit Resource level qcs::cdwpg:${region}:uin/${uin}:cdwpg-instance/${ClusterIdentifier} Supported
      DescribeClustersNodesInfo DescribeClustersNodesInfo Resource level qcs::cdwpg::uin/${uin}:cdwpg-instance/${ClusterIdentifier} Supported
      DescribeClustersStatistics DescribeClustersStatistics Operation level * Supported
      DescribeDbStatus DescribeDbStatus Resource level qcs::cdwpg:${region}:uin/${uin}:cdwpg-instance/${clusterIdentifier} Supported
      DescribeEvents DescribeEvents Operation level * Supported
      DescribeGoodsDetail DescribeGoodsDetail Operation level * Supported
      DescribeGpStatus DescribeGpStatus Resource level qcs::cdwpg::uin/${uin}:cdwpg-instance/${ClusterIdentifier} Supported
      DescribeHbaConfigList DescribeHbaConfigList Resource level qcs::cdwpg::uin/${uin}:cdwpg-instance/${ClusterIdentifier} Supported
      DescribeHdfsNames DescribeHdfsNames Resource level qcs::cdwpg:${region}:uin/:cdwpg-instance/${InstanceId} Supported
      DescribeHistoryQueries DescribeHistoryQueries Resource level qcs::cdwpg::uin/${uin}:cdwpg-instance/${ClusterIdentifier} Supported
      DescribeHistoryQuery DescribeHistoryQuery Resource level qcs::cdwpg::uin/${uin}:cdwpg-instance/${ClusterIdentifier} Supported
      DescribeInstance DescribeInstance Resource level qcs::cdwpg::uin/${uin}:cdwpg-instance/${ClusterIdentifier} Supported
      DescribeNodeConfigInfo DescribeNodeConfigInfo Operation level * Supported
      DescribeRealtimeQueries DescribeRealtimeQueries Resource level qcs::cdwpg::uin/${uin}:cdwpg-instance/${ClusterIdentifier} Supported
      DescribeRealtimeQuery DescribeRealtimeQuery Resource level qcs::cdwpg::uin/${uin}:cdwpg-instance/${ClusterIdentifier} Supported
      DescribeRegionEngineVersion DescribeRegionEngineVersion Resource level qcs::cdwpg:${region}:uin/:cdwpg-instance/${InstanceId} Supported
      DescribeResidual DescribeResidual Operation level * Supported
      DescribeSegNodeMaxCount DescribeSegNodeMaxCount Operation level * Supported
      DescribeSpecResidual DescribeSpecResidual Operation level * Supported
      DescribeTableBackupStatus DescribeTableBackupStatus Resource level qcs::cdwpg:${Region}:uin/${uin}:cdwpg-instance/${InstanceId} Supported
      DescribeTableBackupTask DescribeTableBackupTask Resource level qcs::cdwpg:${Region}:uin/${uin}:cdwpg-instance/${InstanceId} Supported
      DescribeTableBackupTasks DescribeTableBackupTasks Resource level qcs::cdwpg:${Region}:uin/${uin}:cdwpg-instance/${InstanceId} Supported
      DescribeTableCycleBackupTasks DescribeTableCycleBackupTasks Resource level qcs::cdwpg:${Region}:uin/${uin}:cdwpg-instance/${InstanceId} Supported
      DescribeValidRegionAndZones DescribeValidRegionAndZones Operation level * Supported
      DescribeVpcLinks DescribeVpcLinks Resource level qcs::cdwpg::uin/${uin}:cdwpg-instance/${ClusterIdentifier} Supported
      DescribeZones DescribeZones Operation level * Supported
      DescribeZonesResource DescribeZonesResource Operation level * Supported
      お問い合わせ

      カスタマーサービスをご提供できるため、ぜひお気軽にお問い合わせくださいませ。

      お問い合わせ
      テクニカルサポート

      さらにサポートが必要な場合は、サポートチケットを送信して弊社サポートチームにお問い合わせください。24時間365日のサポートをご提供します。

      チケットを送信
      電話サポート(24 時間365日対応)
      Copyright © 2013-2024 Tencent Cloud. All Rights Reserved.
      個人情報保護方針利用規約クッキーポリシー