Product Introduction
Purchase Guide
Getting Started
User Guide
- Overview
- Users
- Access Key
- User Groups
- Role
- Identity Provider
- Policies
- Permissions Boundary
- Troubleshooting
- Downloading Security Analysis Report
CAM-Enabled Role
- Overview
- Compute
- Container
- Microservice
- Essential Storage Service
- Data Process and Analysis
- Data Migration
- Relational Database
- Enterprise Distributed DBMS
- NoSQL Database
- Database SaaS Tool
- Database SaaS Service
- Networking
- CDN and Acceleration
- Network Security
- Data Security
- Application Security
- Domains & Websites
- Big Data
- Tencent Big Model
- Middleware
- Interactive Video Services
- Real-Time Interaction
- Media On-Demand
- Media Process Services
- Media Process
- Cloud Real-time Rendering
- Game Services
- Cloud Resource Management
- Management and Audit Tools
- Developer Tools
- Monitor and Operation
- More
CAM-Enabled API
- Overview
- Compute
- Edge Computing
- Container
- Distributed cloud
- Microservice
- Serverless
- Essential Storage Service
- Data Process and Analysis
- Data Migration
- Relational Database
- Enterprise Distributed DBMS
- NoSQL Database
- Database SaaS Tool
- Networking
- CDN and Acceleration
- Network Security
- Endpoint Security
- Data Security
- Business Security
- Application Security
- Domains & Websites
- Office Collaboration
- Big Data
- Voice Technology
- Image Creation
- Tencent Big Model
- AI Platform Service
- Natural Language Processing
- Optical Character Recognition
- Middleware
- Communication
- Interactive Video Services
- Real-Time Interaction
- Stream Services
- Media On-Demand
- Media Process Services
- Media Process
- Cloud Real-time Rendering
- Game Services
- Education Sevices
- Medical Services
- Cloud Resource Management
- Management and Audit Tools
- Developer Tools
- Monitor and Operation
- More
Use Cases
- Security Practical Tutorial
- Multi-Identity Personnel Permission Management
- Authorizing Certain Operations by Tag
- Supporting Isolated Resource Access for Employees
- Enterprise Multi-Account Permissions Management
- Reviewing Employee Operation Records on Tencent Cloud
- Implementing Attribute-Based Access Control for Employee Resource Permissions Management
- During tag-based authentication, only tag key matching is supported
Business Use Cases
- TencentDB for MySQL
- CLB
- CMQ
- COS
- CVM
- VPC
- VOD
- Others
API Documentation
- History
- Introduction
- API Category
- Making API Requests
- User APIs
- Policy APIs
- Role APIs
- Identity Provider APIs
- Data Types
- Error Codes
FAQs
Glossary

Authorizing Sub-account Read-only Access to CVMs

Modo Foco

Tamanho da Fonte

Última atualização: 2024-01-23 18:02:53

The enterprise account, CompanyExample (ownerUIN: 12345678), has a sub-account, Developer, that requires CVM instance query permission for the CVM service under the CompanyExample enterprise account. The sub-account is not allowed to create, delete, or start up/shut down CVM instances.
Solution A:
The enterprise account, CompanyExample, associates the Developer sub-account with the preset policy QcloudCVMInnerReadOnlyAccess. To learn how to associate a policy with a user account, see Authorization Management.
Solution B:
Step 1: create the following policy by using policy syntax.
 {
    "version": "2.0",
    "statement":[
     {
         "effect": "allow",
         "action": [
                "cvm:Describe*",
                "cvm:Inquiry*"
                ],
         "resource": "*"
     }
    ]
}
Step 2: associate the sub-account with the policy. To learn how to associate a policy with a user account, see Authorization Management.

Ajuda e Suporte

Esta página foi útil?

Você também pode entrar em contato com a Equipe de vendas ou Enviar um tíquete em caso de ajuda.

comentários

tencent cloud

Cloud Access Management

Authorizing Sub-account Read-only Access to CVMs

Ajuda e Suporte