This document describes how to use a Tencent Cloud root account to grant operation-level permissions to its sub-accounts. You may grant different read/write permissions to sub-accounts as needed.
Prerequisites
A sub-account has been created for an employee using the Tencent Cloud root account. For detailed operations, see Creating a Sub-account.
Operation Steps
Granting Full Read/Write Permissions
Note:
After being granted the full read/write permissions, a sub-account will have full read/write permissions for all resources under the root account.
2. In the left sidebar, select Policies to go to the Policy Management page. Enter Full Read/Write Permissions Policy in the search bar on the right to search for it. The policy name is as follows:
4.x: QcloudTDMQFullAccess
5.x: QcloudTrocketFullAccess
3. In the search results, click Associate User/Group/Role in the operation column and select the sub-account to be authorized.
4. Click OK to complete the authorization. This policy will appear in the user's policy list.
Granting Read-Only Permissions
Note
After being granted the read-only permission, a sub-account will have the read-only permission for all resources under the root account.
2. In the left sidebar, select Policies to go to the Policy Management page. In the search bar on the right, enter Read-Only Access Policy to search for it. The policy name is as follows:
4.x: QcloudTDMQReadOnlyAccess
5.x: QcloudTrocketReadOnlyaccess
3. In the search results, click Associate User/Group/Role in the operation column and select the sub-account to be authorized.
4. Click OK to complete the authorization. This policy appears in the user's policy list.
