Cloud Access Management

Secure access management for Tencent Cloud products and resources

Overview

Cloud Access Management (CAM) by Tencent Cloud is a permission and user management system designed for secure and precise products management and access. You can create users and roles in CAM and assign security credentials such as console login passwords and Cloud API keys to them. You can also request temporary security credentials to enable Tencent Cloud resources access.You can manage permissions to control what actions users and roles can perform and what resources they can access. Additionally, you won't need to create organizational users' sub-users or collaborators if your organization already has private network account system. Identity provider (IdP) will provide single sign-on (SSO) for these users. IdP-verified external users can access your Tencent Cloud resources directly.

Benefits

User Management and Access Permissions

You can create users in CAM, assign them separate security credentials including Cloud API keys, login passwords and MFA devices. You can also request temporary keys to let users access Tencent Cloud services and resources.You can manage permissions and user actions.

Management of Roles and Their Permissions

You can create roles and manage their permissions in CAM to control user and service operations. You can also set roles different entities should take.

Management of Federated Users and Their Permissions

You can enable the federated identity feature to allow existing identities (users, groups and roles) in your organization to access the CAM console, call APIs and access resources without having to create users for each identity. Tencent Cloud supports SAML 2.0-based identity management solutions.

Features

Managing Access Permissions

You can authorize access to root account resources without sharing identity credentials.

Scenarios

Refined Access Control for Resources

You can customize access permissions for your Tencent Cloud services and resources through CAM. You can create users or roles in CAM and assign them separate security credentials (console login passwords, Cloud API keys, etc.) or request temporary security credentials for them for access to Tencent Cloud resources. You can manage the permissions to control what actions users and roles can perform and what resources they can access.

Single Sign-on to Tencent Cloud

You can use your existing authentication system through CAM to grant your employees and services the access permissions for Tencent Cloud services and resources. Tencent Cloud supports federated authentication based on SAML 2.0 (Security Assertion Markup Language 2.0) to achieve interoperability with your organizational account systems on a private network. For more information, see SAML 2.0-based federated authentication.

Multi-factor Authentication for Improved Account Security

Multi-factor authentication is a practice that adds an additional layer of protection on top of your username and password. Currently, two authentication methods are supported: hardware/virtual MFA device code and mobile verification code. Depending on the configuration, a user may be required to enter a valid authentication code to verify their identity and device environment before logging in or performing sensitive operations.

Pricing

CAM is free of charge.