tencent cloud

Granting Operation-Level Permission to Sub-account
Download PDF
Last updated:2026-01-05 10:03:13
Granting Operation-Level Permission to Sub-account
Last updated: 2026-01-05 10:03:13
Download PDF

Scenarios

This document introduces how to use a Tencent Cloud root account to grant operation-level permissions to sub-accounts. You may grant different read/write permissions to sub-accounts as needed.

Prerequisites

You have created sub-accounts for employees using the Tencent Cloud root account. For detailed operations, see Creating a Sub-account.

Operation Steps

Granting Full Read/Write Permissions

Note:
After being granted the full read/write permissions, the sub-accounts will have full read/write capabilities for all resources under the root account.
1. Use the root account to log in to the Cloud Access Management (CAM) console.
2. In the left sidebar, select Policy to go to the policy management list page. In the right search bar, enter Full Read-Write Permission Policy to search. The policy name is as follows:
Managed Edition: QcloudTDMQFullAccess.
Serverless Edition: QcloudTrabbitFullAccess.

3. In the search results, click Associate User/Group/Role in the Operation column and select the sub-accounts to be authorized.

4. Click OK to complete the authorization. This policy will be displayed in the user's policy list.


Granting Read-Only Permissions

Note:
After being granted the read-only permissions, the sub-accounts will have the read-only capability for all resources under the root account.
1. Use the root account to log in to the Cloud Access Management (CAM) console.
2. In the left sidebar, select Policy to go to the policy management list page. In the right search bar, enter Read-Only Access Policy to search. The policy name is as follows:
Managed Edition: QcloudTDMQReadOnlyAccess.
Serverless Edition: QcloudTrabbitReadOnlyaccess.

3. In the search results, click Associate User/Group/Role in the Operation column and select the sub-accounts to be authorized.

4. Click OK to complete the authorization. This policy will be displayed in the user's policy list.


Was this page helpful?
You can also Contact Sales or Submit a Ticket for help.
Yes
No

Feedback