Tutorial do usuário
Introdução do produto
- Visão geral
- Vantagens
- Casos de uso
- Política de isolamento de recursos
- Lista de funcionalidades do produto
- Instância de banco de dados
Guia de aquisição
Guia de operação
- Limites de uso
- Visão geral da operação
- Gerenciamento e manutenção de instâncias
- Upgrade da versão
- Expansão de instância
- Proxy de banco de dados
- Gerenciamento de conta
- Configuração dos parâmetros
- Backup e reversão
- Migrasi data
- Rede e segurança
- Monitoramento e alarmes
- Centro de logs
- Tag
White paper
- White paper sobre a segurança
Service Agreement
- Service Level Agreement
- Terms of Service

Tipos de recursos autorizáveis

Modo Foco

Tamanho da Fonte

Última atualização: 2026-03-17 11:13:02

A permissão em nível de recurso pode ser usada para especificar quais recursos um usuário pode manipular. O TencentDB oferece suporte a determinadas permissões em nível de recurso. Isso significa que, para operações do TencentDB que dão suporte à permissão no nível do recurso, você pode controlar o tempo em que um usuário tem permissão para executar operações ou usar recursos especificados. A tabela a seguir descreve os tipos de recursos que podem ser autorizados no CAM.
Tipo de recurso
Método de descrição de recursos na política de autorização
Relacionado à instância do TencentDB
qcs::cdb:$region:$account:instanceId/*
`qcs::cdb:$region:$account:instanceId/$instanceId``
A tabela abaixo lista as operações da API do TencentDB que atualmente oferecem suporte ao controle de permissão no nível do recurso, bem como os recursos e as chaves de condição compatíveis com cada operação. Ao especificar um caminho de recurso, você pode usar o curinga "*" no caminho.
Lista de APIs que suportam autorização no nível do recurso
Operações da API
Caminho do recurso
AddTimeWindow
qcs::cdb:$region:$account:instanceId/*
qcs::cdb:$region:$account:instanceId/$instanceId
AssociateSecurityGroups
qcs::cdb:$region:$account:instanceId/*
qcs::cdb:$region:$account:instanceId/$instanceId
CloseWanService
qcs::cdb:$region:$account:instanceId/*
qcs::cdb:$region:$account:instanceId/$instanceId
CreateAccounts
qcs::cdb:$region:$account:instanceId/*
qcs::cdb:$region:$account:instanceId/$instanceId
CreateBackup
qcs::cdb:$region:$account:instanceId/*
qcs::cdb:$region:$account:instanceId/$instanceId
CreateDBImportJob
qcs::cdb:$region:$account:instanceId/*
qcs::cdb:$region:$account:instanceId/$instanceId
DeleteAccounts
qcs::cdb:$region:$account:instanceId/*
qcs::cdb:$region:$account:instanceId/$instanceId
DeleteBackup
qcs::cdb:$region:$account:instanceId/*
qcs::cdb:$region:$account:instanceId/$instanceId
DeleteTimeWindow
qcs::cdb:$region:$account:instanceId/*
qcs::cdb:$region:$account:instanceId/$instanceId
DescribeAccountPrivileges
qcs::cdb:$region:$account:instanceId/*
qcs::cdb:$region:$account:instanceId/$instanceId
DescribeAccounts
qcs::cdb:$region:$account:instanceId/*
qcs::cdb:$region:$account:instanceId/$instanceId
DescribeBackupConfig
qcs::cdb:$region:$account:instanceId/*
qcs::cdb:$region:$account:instanceId/$instanceId
DescribeBackupDatabases
qcs::cdb:$region:$account:instanceId/*
qcs::cdb:$region:$account:instanceId/$instanceId
DescribeBackupDownloadDbTableCode
qcs::cdb:$region:$account:instanceId/*
qcs::cdb:$region:$account:instanceId/$instanceId
DescribeBackups
qcs::cdb:$region:$account:instanceId/*
qcs::cdb:$region:$account:instanceId/$instanceId
DescribeBackupTables
qcs::cdb:$region:$account:instanceId/*
qcs::cdb:$region:$account:instanceId/$instanceId
DescribeBinlogs
qcs::cdb:$region:$account:instanceId/*
qcs::cdb:$region:$account:instanceId/$instanceId
DescribeDatabases
qcs::cdb:$region:$account:instanceId/*
qcs::cdb:$region:$account:instanceId/$instanceId
DescribeDBImportRecords
qcs::cdb:$region:$account:instanceId/*
qcs::cdb:$region:$account:instanceId/$instanceId
DescribeDBInstanceCharset
qcs::cdb:$region:$account:instanceId/*
qcs::cdb:$region:$account:instanceId/$instanceId
DescribeDBInstanceConfig
qcs::cdb:$region:$account:instanceId/*
qcs::cdb:$region:$account:instanceId/$instanceId
DescribeDBInstanceGTID
qcs::cdb:$region:$account:instanceId/*
qcs::cdb:$region:$account:instanceId/$instanceId
DescribeDBInstanceRebootTime
qcs::cdb:$region:$account:instanceId/*
qcs::cdb:$region:$account:instanceId/$instanceId
DescribeDBSwitchRecords
qcs::cdb:$region:$account:instanceId/*
qcs::cdb:$region:$account:instanceId/$instanceId
DescribeDBSecurityGroups
qcs::cdb:$region:$account:instanceId/*
qcs::cdb:$region:$account:instanceId/$instanceId
DescribeInstanceParamRecords
qcs::cdb:$region:$account:instanceId/*
qcs::cdb:$region:$account:instanceId/$instanceId
DescribeInstanceParams
qcs::cdb:$region:$account:instanceId/*
qcs::cdb:$region:$account:instanceId/$instanceId
DescribeRoGroups
qcs::cdb:$region:$account:instanceId/*
qcs::cdb:$region:$account:instanceId/$instanceId
DescribeRollbackRangeTime
qcs::cdb:$region:$account:instanceId/*
qcs::cdb:$region:$account:instanceId/$instanceId
DescribeSlowLogs
qcs::cdb:$region:$account:instanceId/*
qcs::cdb:$region:$account:instanceId/$instanceId
DescribeSupportedPrivileges
qcs::cdb:$region:$account:instanceId/*
qcs::cdb:$region:$account:instanceId/$instanceId
DescribeTables
qcs::cdb:$region:$account:instanceId/*
qcs::cdb:$region:$account:instanceId/$instanceId
DescribeTimeWindow
qcs::cdb:$region:$account:instanceId/*
qcs::cdb:$region:$account:instanceId/$instanceId
DescribeDatabasesForInstances
qcs::cdb:$region:$account:instanceId/*
qcs::cdb:$region:$account:instanceId/$instanceId
DescribeMonitorData
qcs::cdb:$region:$account:instanceId/*
qcs::cdb:$region:$account:instanceId/$instanceId
DescribeTableColumns
qcs::cdb:$region:$account:instanceId/*
qcs::cdb:$region:$account:instanceId/$instanceId
DropDatabaseTables
qcs::cdb:$region:$account:instanceId/*
qcs::cdb:$region:$account:instanceId/$instanceId
InitDBInstances
qcs::cdb:$region:$account:instanceId/*
qcs::cdb:$region:$account:instanceId/$instanceId
IsolateDBInstance
qcs::cdb:$region:$account:instanceId/*
qcs::cdb:$region:$account:instanceId/$instanceId
ModifyAccountDescription
qcs::cdb:$region:$account:instanceId/*
qcs::cdb:$region:$account:instanceId/$instanceId
ModifyAccountPassword
qcs::cdb:$region:$account:instanceId/*
qcs::cdb:$region:$account:instanceId/$instanceId
ModifyAutoRenewFlag
qcs::cdb:$region:$account:instanceId/*
qcs::cdb:$region:$account:instanceId/$instanceId
ModifyBackupConfig
qcs::cdb:$region:$account:instanceId/*
qcs::cdb:$region:$account:instanceId/$instanceId
ModifyBackupInfo
qcs::cdb:$region:$account:instanceId/*
qcs::cdb:$region:$account:instanceId/$instanceId
ModifyDBInstanceName
qcs::cdb:$region:$account:instanceId/*
qcs::cdb:$region:$account:instanceId/$instanceId
ModifyDBInstanceProject
qcs::cdb:$region:$account:instanceId/*
qcs::cdb:$region:$account:instanceId/$instanceId
ModifyDBInstanceSecurityGroups
qcs::cdb:$region:$account:instanceId/*
qcs::cdb:$region:$account:instanceId/$instanceId
ModifyDBInstanceVipVport
qcs::cdb:$region:$account:instanceId/*
qcs::cdb:$region:$account:instanceId/$instanceId
ModifyInstanceParam
qcs::cdb:$region:$account:instanceId/*
qcs::cdb:$region:$account:instanceId/$instanceId
ModifyDBInstanceModes
qcs::cdb:$region:$account:instanceId/*
qcs::cdb:$region:$account:instanceId/$instanceId
ModifyTimeWindow
qcs::cdb:$region:$account:instanceId/*
qcs::cdb:$region:$account:instanceId/$instanceId
ModifyProtectMode
qcs::cdb:$region:$account:instanceId/*
qcs::cdb:$region:$account:instanceId/$instanceId
OfflineDBInstances
qcs::cdb:$region:$account:instanceId/*
qcs::cdb:$region:$account:instanceId/$instanceId
OpenDBInstanceGTID
qcs::cdb:$region:$account:instanceId/*
qcs::cdb:$region:$account:instanceId/$instanceId
OpenWanService
qcs::cdb:$region:$account:instanceId/*
qcs::cdb:$region:$account:instanceId/$instanceId
ReleaseIsolatedDBInstances
qcs::cdb:$region:$account:instanceId/*
qcs::cdb:$region:$account:instanceId/$instanceId
RestartDBInstances
qcs::cdb:$region:$account:instanceId/*
qcs::cdb:$region:$account:instanceId/$instanceId
StartBatchRollback
qcs::cdb:$region:$account:instanceId/*
qcs::cdb:$region:$account:instanceId/$instanceId
SubmitBatchOperation
qcs::cdb:$region:$account:instanceId/*
qcs::cdb:$region:$account:instanceId/$instanceId
SwitchDrInstanceToMaster
qcs::cdb:$region:$account:instanceId/*
qcs::cdb:$region:$account:instanceId/$instanceId
SwitchForUpgrade
qcs::cdb:$region:$account:instanceId/*
cs::cdb:$region:$account:instanceId/$instanceId
SubmitBatchOperation
qcs::cdb:$region:$account:instanceId/*
qcs::cdb:$region:$account:instanceId/$instanceId
UpgradeDBInstance
qcs::cdb:$region:$account:instanceId/*
qcs::cdb:$region:$account:instanceId/$instanceId
UpgradeDBInstanceEngineVersion
qcs::cdb:$region:$account:instanceId/*
qcs::cdb:$region:$account:instanceId/$instanceId
Lista de APIs que não permitem autorização no nível do recurso
 Para uma operação de API do TencentDB que não oferece suporte à autorização no nível do recurso, você ainda poderá autorizar um usuário a executá-la, mas deverá especificar * como o elemento de recurso na declaração da política.
Operações da API
Descrição da API
CreateDBInstanceHour
Cria uma instância do TencentDB de pagamento conforme o uso
CreateParamTemplate
Cria um modelo de parâmetro
DeleteParamTemplate
Exclui um item de modelo de monitoramento
DescribeProjectSecurityGroups
Consulta as informações do grupo de segurança de um projeto
DescribeDefaultParams
Consulta a lista de parâmetros configuráveis ​​padrão
DescriveParamTemplateInfo
Consulta os detalhes do modelo de parâmetro
DescribeParamTemplates
Consulta a lista de modelos de parâmetros
DescribeAsyncRequestInfo
Consulta o resultado da execução de uma tarefa assíncrona
DescribeTasks
Consulta a lista de tarefas para uma instância do TencentDB
DescribeUploadedFiles
Consulta a lista de arquivos SQL importados
ModifyParamTemplate
Modifica um modelo de parâmetro
RenewDBInstance
Renova uma instância do TencentDB
StopDBImportJob
Interrompe uma tarefa de importação de dados
DescribleRoMinScale
Consulta a especificação mínima de uma instância somente leitura
DescribeRequestResult
Consulta detalhes da tarefa
DescribeRoMinScale
Consulta a especificação mínima de uma instância somente leitura que pode ser comprada ou obtida via atualização
﻿

Ajuda e Suporte

Esta página foi útil?

Você também pode entrar em contato com a Equipe de vendas ou Enviar um tíquete em caso de ajuda.

comentários

tencent cloud

TencentDB for MySQL

Tipos de recursos autorizáveis

Lista de APIs que suportam autorização no nível do recurso

Lista de APIs que não permitem autorização no nível do recurso

Ajuda e Suporte

Tipo de recurso	Método de descrição de recursos na política de autorização
Relacionado à instância do TencentDB	`qcs::cdb:$region:$account:instanceId/*` `qcs::cdb:$region:$account:instanceId/$instanceId``

Operações da API	Caminho do recurso
AddTimeWindow	`qcs::cdb:$region:$account:instanceId/*` `qcs::cdb:$region:$account:instanceId/$instanceId`
AssociateSecurityGroups	`qcs::cdb:$region:$account:instanceId/*` `qcs::cdb:$region:$account:instanceId/$instanceId`
CloseWanService	`qcs::cdb:$region:$account:instanceId/*` `qcs::cdb:$region:$account:instanceId/$instanceId`
CreateAccounts	`qcs::cdb:$region:$account:instanceId/*` `qcs::cdb:$region:$account:instanceId/$instanceId`
CreateBackup	`qcs::cdb:$region:$account:instanceId/*` `qcs::cdb:$region:$account:instanceId/$instanceId`
CreateDBImportJob	`qcs::cdb:$region:$account:instanceId/*` `qcs::cdb:$region:$account:instanceId/$instanceId`
DeleteAccounts	`qcs::cdb:$region:$account:instanceId/*` `qcs::cdb:$region:$account:instanceId/$instanceId`
DeleteBackup	`qcs::cdb:$region:$account:instanceId/*` `qcs::cdb:$region:$account:instanceId/$instanceId`
DeleteTimeWindow	`qcs::cdb:$region:$account:instanceId/*` `qcs::cdb:$region:$account:instanceId/$instanceId`
DescribeAccountPrivileges	`qcs::cdb:$region:$account:instanceId/*` `qcs::cdb:$region:$account:instanceId/$instanceId`
DescribeAccounts	`qcs::cdb:$region:$account:instanceId/*` `qcs::cdb:$region:$account:instanceId/$instanceId`
DescribeBackupConfig	`qcs::cdb:$region:$account:instanceId/*` `qcs::cdb:$region:$account:instanceId/$instanceId`
DescribeBackupDatabases	`qcs::cdb:$region:$account:instanceId/*` `qcs::cdb:$region:$account:instanceId/$instanceId`
DescribeBackupDownloadDbTableCode	`qcs::cdb:$region:$account:instanceId/*` `qcs::cdb:$region:$account:instanceId/$instanceId`
DescribeBackups	`qcs::cdb:$region:$account:instanceId/*` `qcs::cdb:$region:$account:instanceId/$instanceId`
DescribeBackupTables	`qcs::cdb:$region:$account:instanceId/*` `qcs::cdb:$region:$account:instanceId/$instanceId`
DescribeBinlogs	`qcs::cdb:$region:$account:instanceId/*` `qcs::cdb:$region:$account:instanceId/$instanceId`
DescribeDatabases	`qcs::cdb:$region:$account:instanceId/*` `qcs::cdb:$region:$account:instanceId/$instanceId`
DescribeDBImportRecords	`qcs::cdb:$region:$account:instanceId/*` `qcs::cdb:$region:$account:instanceId/$instanceId`
DescribeDBInstanceCharset	`qcs::cdb:$region:$account:instanceId/*` `qcs::cdb:$region:$account:instanceId/$instanceId`
DescribeDBInstanceConfig	`qcs::cdb:$region:$account:instanceId/*` `qcs::cdb:$region:$account:instanceId/$instanceId`
DescribeDBInstanceGTID	`qcs::cdb:$region:$account:instanceId/*` `qcs::cdb:$region:$account:instanceId/$instanceId`
DescribeDBInstanceRebootTime	`qcs::cdb:$region:$account:instanceId/*` `qcs::cdb:$region:$account:instanceId/$instanceId`
DescribeDBSwitchRecords	`qcs::cdb:$region:$account:instanceId/*` `qcs::cdb:$region:$account:instanceId/$instanceId`
DescribeDBSecurityGroups	`qcs::cdb:$region:$account:instanceId/*` `qcs::cdb:$region:$account:instanceId/$instanceId`
DescribeInstanceParamRecords	`qcs::cdb:$region:$account:instanceId/*` `qcs::cdb:$region:$account:instanceId/$instanceId`
DescribeInstanceParams	`qcs::cdb:$region:$account:instanceId/*` `qcs::cdb:$region:$account:instanceId/$instanceId`
DescribeRoGroups	`qcs::cdb:$region:$account:instanceId/*` `qcs::cdb:$region:$account:instanceId/$instanceId`
DescribeRollbackRangeTime	`qcs::cdb:$region:$account:instanceId/*` `qcs::cdb:$region:$account:instanceId/$instanceId`
DescribeSlowLogs	`qcs::cdb:$region:$account:instanceId/*` `qcs::cdb:$region:$account:instanceId/$instanceId`
DescribeSupportedPrivileges	`qcs::cdb:$region:$account:instanceId/*` `qcs::cdb:$region:$account:instanceId/$instanceId`
DescribeTables	`qcs::cdb:$region:$account:instanceId/*` `qcs::cdb:$region:$account:instanceId/$instanceId`
DescribeTimeWindow	`qcs::cdb:$region:$account:instanceId/*` `qcs::cdb:$region:$account:instanceId/$instanceId`
DescribeDatabasesForInstances	`qcs::cdb:$region:$account:instanceId/*` `qcs::cdb:$region:$account:instanceId/$instanceId`
DescribeMonitorData	`qcs::cdb:$region:$account:instanceId/*` `qcs::cdb:$region:$account:instanceId/$instanceId`
DescribeTableColumns	`qcs::cdb:$region:$account:instanceId/*` `qcs::cdb:$region:$account:instanceId/$instanceId`
DropDatabaseTables	`qcs::cdb:$region:$account:instanceId/*` `qcs::cdb:$region:$account:instanceId/$instanceId`
InitDBInstances	`qcs::cdb:$region:$account:instanceId/*` `qcs::cdb:$region:$account:instanceId/$instanceId`
IsolateDBInstance	`qcs::cdb:$region:$account:instanceId/*` `qcs::cdb:$region:$account:instanceId/$instanceId`
ModifyAccountDescription	`qcs::cdb:$region:$account:instanceId/*` `qcs::cdb:$region:$account:instanceId/$instanceId`
ModifyAccountPassword	`qcs::cdb:$region:$account:instanceId/*` `qcs::cdb:$region:$account:instanceId/$instanceId`
ModifyAutoRenewFlag	`qcs::cdb:$region:$account:instanceId/*` `qcs::cdb:$region:$account:instanceId/$instanceId`
ModifyBackupConfig	`qcs::cdb:$region:$account:instanceId/*` `qcs::cdb:$region:$account:instanceId/$instanceId`
ModifyBackupInfo	`qcs::cdb:$region:$account:instanceId/*` `qcs::cdb:$region:$account:instanceId/$instanceId`
ModifyDBInstanceName	`qcs::cdb:$region:$account:instanceId/*` `qcs::cdb:$region:$account:instanceId/$instanceId`
ModifyDBInstanceProject	`qcs::cdb:$region:$account:instanceId/*` `qcs::cdb:$region:$account:instanceId/$instanceId`
ModifyDBInstanceSecurityGroups	`qcs::cdb:$region:$account:instanceId/*` `qcs::cdb:$region:$account:instanceId/$instanceId`
ModifyDBInstanceVipVport	`qcs::cdb:$region:$account:instanceId/*` `qcs::cdb:$region:$account:instanceId/$instanceId`
ModifyInstanceParam	`qcs::cdb:$region:$account:instanceId/*` `qcs::cdb:$region:$account:instanceId/$instanceId`
ModifyDBInstanceModes	`qcs::cdb:$region:$account:instanceId/*` `qcs::cdb:$region:$account:instanceId/$instanceId`
ModifyTimeWindow	`qcs::cdb:$region:$account:instanceId/*` `qcs::cdb:$region:$account:instanceId/$instanceId`
ModifyProtectMode	`qcs::cdb:$region:$account:instanceId/*` `qcs::cdb:$region:$account:instanceId/$instanceId`
OfflineDBInstances	`qcs::cdb:$region:$account:instanceId/*` `qcs::cdb:$region:$account:instanceId/$instanceId`
OpenDBInstanceGTID	`qcs::cdb:$region:$account:instanceId/*` `qcs::cdb:$region:$account:instanceId/$instanceId`
OpenWanService	`qcs::cdb:$region:$account:instanceId/*` `qcs::cdb:$region:$account:instanceId/$instanceId`
ReleaseIsolatedDBInstances	`qcs::cdb:$region:$account:instanceId/*` `qcs::cdb:$region:$account:instanceId/$instanceId`
RestartDBInstances	`qcs::cdb:$region:$account:instanceId/*` `qcs::cdb:$region:$account:instanceId/$instanceId`
StartBatchRollback	`qcs::cdb:$region:$account:instanceId/*` `qcs::cdb:$region:$account:instanceId/$instanceId`
SubmitBatchOperation	`qcs::cdb:$region:$account:instanceId/*` `qcs::cdb:$region:$account:instanceId/$instanceId`
SwitchDrInstanceToMaster	`qcs::cdb:$region:$account:instanceId/*` `qcs::cdb:$region:$account:instanceId/$instanceId`
SwitchForUpgrade	`qcs::cdb:$region:$account:instanceId/*` `cs::cdb:$region:$account:instanceId/$instanceId`
SubmitBatchOperation	`qcs::cdb:$region:$account:instanceId/*` `qcs::cdb:$region:$account:instanceId/$instanceId`
UpgradeDBInstance	`qcs::cdb:$region:$account:instanceId/*` `qcs::cdb:$region:$account:instanceId/$instanceId`
UpgradeDBInstanceEngineVersion	`qcs::cdb:$region:$account:instanceId/*` `qcs::cdb:$region:$account:instanceId/$instanceId`

Operações da API	Descrição da API
CreateDBInstanceHour	Cria uma instância do TencentDB de pagamento conforme o uso
CreateParamTemplate	Cria um modelo de parâmetro
DeleteParamTemplate	Exclui um item de modelo de monitoramento
DescribeProjectSecurityGroups	Consulta as informações do grupo de segurança de um projeto
DescribeDefaultParams	Consulta a lista de parâmetros configuráveis padrão
DescriveParamTemplateInfo	Consulta os detalhes do modelo de parâmetro
DescribeParamTemplates	Consulta a lista de modelos de parâmetros
DescribeAsyncRequestInfo	Consulta o resultado da execução de uma tarefa assíncrona
DescribeTasks	Consulta a lista de tarefas para uma instância do TencentDB
DescribeUploadedFiles	Consulta a lista de arquivos SQL importados
ModifyParamTemplate	Modifica um modelo de parâmetro
RenewDBInstance	Renova uma instância do TencentDB
StopDBImportJob	Interrompe uma tarefa de importação de dados
DescribleRoMinScale	Consulta a especificação mínima de uma instância somente leitura
DescribeRequestResult	Consulta detalhes da tarefa
DescribeRoMinScale	Consulta a especificação mínima de uma instância somente leitura que pode ser comprada ou obtida via atualização