Upon first use of Tencent Cloud Infrastructure as Code (TIC), you must authorize the service to access cloud resources under your Tencent Cloud account for orchestration. Without the authorization, TIC is unable to orchestrate Tencent cloud resources.
TIC supports the following authorization methods:
The TIC authorization method provides a more efficient and secure permission management mechanism. It is recommended that you switch to the TIC authorization method at the earliest possible time and clear the managed API credentials from TIC.
After TIC authorization is enabled, you can create a stack.
Disabling TIC authorization does not delete the TIC-related role assignment configuration in the CAM console. To delete the TIC-related role assignment configuration in the CAM console, go to the Roles page, find the TIC_QCSLinkedRole role, and then click Delete in the Operation column.
If you delete the TIC_QCSLinkedRole role in the CAM console but do not disable TIC authorization in the TIC console, the Authorization failed message appears on the API Credentials page. Hover over the icon. The system prompts you to reauthorize TIC.
Click Reauthorize to redirect to the CAM console.
After the authorization is complete, the status restores to normal state.
TIC is authorized to access the following Tencent Cloud services for orchestration:
This list is continuously updated. If you want to include a Tencent Cloud service in TIC for orchestration, submit a ticket to inform the TIC team.
This method is available only for existing users (with managed API credentials in TIC).
After you enable TIC authorization, the Clear button is displayed. Click this button to delete configuration of all API credentials managed in TIC.
After the API credentials are deleted, existing stacks associated with the API credentials use the TIC authorization method to complete subsequent orchestration operations by default.
The TIC authorization method does not support cross-account resource orchestration in Tencent Cloud. If you need resource orchestration for other Tencent Cloud root accounts, it is recommended that you retain the managed API credentials to ensure service continuity.
Select an API credential and click Delete.
If TIC authorization is enabled, existing stacks associated with the API credential use the TIC authorization method to complete subsequent orchestration operations by default.
If TIC authorization is disabled, API credentials in the Active state cannot be deleted. When a credential is being used by a stack, it cannot be deleted even if it is in the Ready state. To delete such an API credential, you must first destroy the associated stack.
Click New. In the dialog box that appears, complete the following settings:
A provider allows only one credential that is in the Active state. When a stack is created, TIC automatically selects the credential in the Active state for API calls.
If TIC authorization is enabled, no additional API credentials cannot be created.
Click OK to add the API credential.