tencent cloud

PrevNext

Feedback

search by keyword

Recent Pages

Documentation
Tencent Cloud Lighthouse
    Documentation
    Download PDF

    Authorizable Resource Types

    Last updated: 2022-05-12 12:24:12
    Download PDF

      With Cloud Access Management (CAM), you can grant resource-level permissions for users.
      In CAM, the types of Lighthouse resources that can be authorized are as follows:

      Resource Type Resource Description Method in Authorization Policy
      Instance qcs::lighthouse:$region:$account:instance/*
      Image qcs::lighthouse:$region:$account:blueprint/*
      Snapshot qcs::lighthouse:$region:$account:snapshot/*
      Key qcs::lighthouse:$region:$account:keypair/*

      The table below lists the API operations of Lighthouse that currently support resource-level permissions, as well as their resources and condition keys. When setting the resource path, you need to replace the variable parameters such as $region and $account with your actual parameter values. You can also use the * wildcard in the path.
      For relevant concepts such as region, action, account, and resource in CAM policies, see Resource Description Method.

      Note:

      Lighthouse API operations not listed here do not support resource-level permissions. You can still authorize a user to perform such an API operation, but you must specify * as the resource element of the policy statement.

      Instance

      API Resource
      ModifyInstancesBundle qcs::lighthouse:$region:$account:instance/$instanceId
      RenewInstances qcs::lighthouse:$region:$account:instance/$instanceId
      IsolateInstances qcs::lighthouse:$region:$account:instance/$instanceId
      ModifyInstancesAttribute qcs::lighthouse:$region:$account:instance/$instanceId
      ModifyInstancesRenewFlag qcs::lighthouse:$region:$account:instance/$instanceId
      RebootInstances qcs::lighthouse:$region:$account:instance/$instanceId
      ResetInstance qcs::lighthouse:$region:$account:instance/$instanceId
      ResetInstancesPassword qcs::lighthouse:$region:$account:instance/$instanceId
      StartInstances qcs::lighthouse:$region:$account:instance/$instanceId
      StopInstances qcs::lighthouse:$region:$account:instance/$instanceId
      TerminateInstances qcs::lighthouse:$region:$account:instance/$instanceId
      DescribeInstancesDeniedActions qcs::lighthouse:$region:$account:instance/$instanceId
      DescribeInstancesReturnable qcs::lighthouse:$region:$account:instance/$instanceId
      DescribeInstancesTrafficPackages qcs::lighthouse:$region:$account:instance/$instanceId
      DescribeInstanceVncUrl qcs::lighthouse:$region:$account:instance/$instanceId
      DescribeResetInstanceBlueprints qcs::lighthouse:$region:$account:instance/$instanceId

      Snapshot

      API Resource
      CreateInstanceSnapshot qcs::lighthouse:$region:$account:instance/$instanceId
      qcs::lighthouse:$region:$account:snapshot/*
      DeleteSnapshots qcs::lighthouse:$region:$account:snapshot/$snapshotId
      ApplyInstanceSnapshot qcs::lighthouse:$region:$account:instance/$instanceId
      qcs::lighthouse:$region:$account:snapshot/$snapshotId
      DescribeSnapshotsDeniedActions qcs::lighthouse:$region:$account:snapshot/$snapshotId
      ModifySnapshotAttribute qcs::lighthouse:$region:$account:snapshot/$snapshotId

      Firewall

      API Resource
      CreateFirewallRules qcs::lighthouse:$region:$account:instance/$instanceId
      DeleteFirewallRules qcs::lighthouse:$region:$account:instance/$instanceId
      DescribeFirewallRules qcs::lighthouse:$region:$account:instance/$instanceId
      ModifyFirewallRules qcs::lighthouse:$region:$account:instance/$instanceId
      ModifyFirewallRuleDescription qcs::lighthouse:$region:$account:instance/$instanceId

      Key

      API Resource
      DeleteKeyPairs qcs::lighthouse:$region:$account:keypair/$keypairId
      AssociateInstancesKeyPairs qcs::lighthouse:$region:$account:instance/$instanceId
      qcs::lighthouse:$region:$account:keypair/$keypairId
      DescribeInstanceLoginKeyPairAttribute qcs::lighthouse:$region:$account:instance/$instanceId
      DisassociateInstancesKeyPairs qcs::lighthouse:$region:$account:instance/$instanceId
      qcs::lighthouse:$region:$account:keypair/$keypairId
      ModifyInstancesLoginKeyPairAttribute qcs::lighthouse:$region:$account:instance/$instanceId

      Image

      API Resource
      CreateBlueprint qcs::lighthouse:$region:$account:instance/$instanceId
      qcs::lighthouse:$region:$account:blueprint/*
      DeleteBlueprints qcs::lighthouse:$region:$account:blueprint/$blueprintId
      DescribeBlueprintInstances qcs::lighthouse:$region:$account:instance/$instanceId
      ModifyBlueprintAttribute qcs::lighthouse:$region:$account:blueprint/$blueprintId

      Bundle

      API Resource
      DescribeModifyInstanceBundles qcs::lighthouse:$region:$account:instance/$instanceId

      Billing

      API Resource
      InquirePriceRenewInstances qcs::lighthouse:$region:$account:instance/$instanceId
      Contact Us

      Contact our sales team or business advisors to help your business.

      Contact Us
      Technical Support

      Open a ticket if you're looking for further assistance. Our Ticket is 7x24 avaliable.

      Submit a Ticket
      7x24 Phone Support
      Copyright © 2013-2023 Tencent Cloud. All Rights Reserved.
      Privacy PolicyLegalCookie Policy