tencent cloud

Overview
Last updated: 2025-12-04 19:13:27
Overview
Last updated: 2025-12-04 19:13:27
You can create users or roles via CAM (Cloud Access Management) to manage access. By associating CAM preset policies or custom policies, you can determine which users can perform specific operations on which resources under what conditions, ultimately achieving access management for users under your account.
The Cloud Infinite (CI) service mainly includes two major modules: Image Processing and Media Processing. For the Image Processing feature, you can configure data persistence permissions for sub-accounts to achieve processing upon upload or processing of data stored in Cloud Object Storage (COS). If you need to grant operational permissions to sub-accounts during download, contact us by submitting a ticket. For the Media Processing feature, Cloud Infinite supports resource-level authorization. You can grant management permissions for a single resource to sub-accounts via policy syntax. For details, see Authorization Policy Syntax.
Below is an explanation of the basic concepts. For detailed information, refer to the CAM User Guide document.

Account

Root account: Owns all Tencent Cloud resources and can access any of its resources.
Sub-account: Include sub-users and collaborators.
Sub-user: Created by the root account and belongs entirely to the root account that created it.
Collaborator: Originally has the identity of a root account. After being added as a collaborator of the current root account, it becomes one of the sub-accounts, able to switch back to the root account identity.
Identity credentials: Include login credentials and access certificates.
Login credentials: refer to the username and password.
Access key: refers to the TencentCloud API keys (SecretId and SecretKey).

Resource and Permission

Resource: refers to the objects operated within cloud services. For example, a COS Bucket, an image in CI, etc.
Permission: refers to allowing or denying certain users to perform specific operations. By default, the root account has access permissions to all resources under it, while sub-accounts have no access rights to any resources under the root account.
policy: refers to the syntax specification that defines and describes one or more permissions. The root account grants permissions by associating policies with users/user groups. For more details, see Access Policy Language Overview.
Was this page helpful?
You can also Contact Sales or Submit a Ticket for help.
Yes
No

Feedback