Overview
The multi-account management feature allows users who have multiple Tencent Cloud root accounts with independent billing to switch the login account and centrally manage accounts. It enables an organization admin to effectively grasp the security information of the organization and learn about the security protection status and risks of the cloud business of each member account in real time. This achieves transparent and visual security management of the organization.
Use cases
Switching the login account
You can quickly switch to a member account for login without entering the password.
Centrally managing accounts
You can centrally manage all accounts of your organization without deployment. The security protection status of each member account is displayed, and you can set the security management permissions of accounts.
You can handle cloud business risks of multiple accounts of your organization. You can scan the cloud assets of any member account to identify potential risks.
I. Managing organization accounts
To use the multi-account management feature provided by CSC, you need to create an organization in Tencent Cloud Organization (TCO) first. Depending on the status of the current login account, go to the step that matches the account status to get started.
Note
Accounts that have not completed enterprise identity verification, enterprise accounts that have joined other organizations, and accounts that have been created for an organization cannot create an organization. For more information, see Creating Organization. Step 1. For an account that has not completed enterprise identity verification
Step 2. For an enterprise account that hasn't created an organization yet
On the TCO page, click Create to create an organization. Then, create member accounts for the organization or invite accounts to join it. Step 3. Use multi-account management
An enterprise account with the multi-account management feature activated can start using it.
II. Switching the login account
Authorizing access to member accounts
Switching to a member account for login
1. On the Multi-account page, click Log in for the member account that you want to switch to. 2. In the pop-up window, find the required permission name and policy name, and click Log in to switch the login account.
Note
An admin root account or unauthorized admin sub-account cannot switch to a member account for login, and a member account invited to an organization does not support authorized login.
III. Centrally managing accounts
After logging in to the CSC console with an admin root account or sub-account, you can view the security information of the organization and learn about the security protection status and risks of the cloud business of each member account in real time. This achieves transparent and visual security management of the organization. The multi-account mode has been incorporated into modules such as assets, risks, scan tasks, and report download. This allows you to perform cross-account operations to ensure the security of cloud business assets for your organization.
Account switch
In the upper-right corner of a module, click Multi-account. Then, enter a member account name/ID for search, select a member account, and click OK to switch the data in the module to the data of the account.
System settings - Multi-account
On the Multi-account page, you can centrally manage all accounts of your organization without deployment. The security protection status of each member account is displayed. You can also switch the account for login without entering the password. The Multi-account page varies depending on the login account you use: Login with an admin root account
Login with an admin sub-account
Login with a member root account or sub-account
Assets
On the Assets page, the admin can manage cloud business assets across accounts, learn about the security protection status of each asset, and scan the cloud assets of any account to identify potential risks.
Risks
The Risks page incorporates the capabilities of various products for users to manage the risks of cloud business assets, such as port, vulnerability, weak password, configuration, and content risks, in a one-stop manner. The admin can handle the potential risks of the cloud business assets across accounts.
Scan tasks
The scan tasks page displays the information of all scan tasks for all accounts under the organization and provides the execution status of each scan task in real time. The admin can efficiently manage each asset scan task across accounts, and can edit, delete, and stop the scan tasks of each account.
Report download
The Download report page integrates the vulnerability scan service. On this page, the admin can download the report of each scan task across accounts.
IV. FAQs
How can I implement multi-account management? Do I need to adjust the network architecture?
Multi-account management is achieved by integrating system data of security products, and there is no need to adjust the network architecture.
How can I contact you if I have any questions?
If you have any questions, submit a ticket and we will get back to you as soon as possible.
Was this page helpful?