tencent cloud

Tencent Cloud TCHouse-C

DocumentationTencent Cloud TCHouse-COperation GuideCAMGranularity Details for API Authorization of TCHouse-C Cloud Data Warehouse Accessing CAM

Granularity Details for API Authorization of TCHouse-C Cloud Data Warehouse Accessing CAM

Download
Focus Mode
Font Size
Last updated: 2026-05-27 10:19:47
API authorization granularity is divided into two levels: resource-level and operation-level.
Resource-level API: This type of API supports authorization for a specific resource.
Operation-level API: This type of API does not support authorization for a specific resource. If the policy syntax specifies a concrete resource during authorization, CAM determines that this API is out of scope and denies permission.
The details of API authorization granularity for Tencent Cloud TCHouse-C's integration with CAM are as follows:

Read Operations

API Name
API Description
Authorization Granularity
6-Segment Resource Format
DescribeInstances
Get cluster instance list
Resource level
qcs::cdwch:$region:$account:cdwchInstance/*
DescribeInstance
Get Instance Details
Resource level
qcs::cdwch:$region:$account:cdwchInstance/$cdwchInstanceId
DescribeMetricMeta
Get Instance Monitoring Metadata
Resource level
qcs::cdwch:$region:$account:cdwchInstance/$cdwchInstanceId
DescribeMetricData
Get Monitoring Chart Data
Resource level
qcs::cdwch:$region:$account:cdwchInstance/$cdwchInstanceId
DescribeOverviewData
Get Monitoring Overview Data
Resource level
qcs::cdwch:$region:$account:cdwchInstance/$cdwchInstanceId
DescribeInstanceNodes
Get Cluster Node List
Resource level
qcs::cdwch:$region:$account:cdwchInstance/$cdwchinstanceId
DescribeInstanceState
Get Cluster Instance Status
Resource level
qcs::cdwch:$region:$account:cdwchInstance/$InstanceId
DescribeGoodsDetail
Generate GoodsDetail and the GoodsDetail structure for billing-related APIs
Operation level
-
DescribeSpec
Get Cluster Specifications
Operation level
-
DescribeInstanceOperations
Get Cluster Operation List
Resource level
qcs::cdwch:$region:$account:cdwchInstance/$InstanceId
DescribeInstanceConfigs
Get Parameter List
Resource level
qcs::cdwch:$region:$account:cdwchInstance/$InstanceId
DescribeBackUpJob
Get Backup Job List
Resource level
qcs::${ApiModule}:${Region}:uin/:cdwchInstance/${InstanceId}
DescribeBackUpJobDetail
Get Backup Job Details
Resource level
qcs::${ApiModule}:${Region}:uin/:cdwchInstance/${InstanceId}
DescribeBackUpTables
Get Backupable Table Information
Resource level
qcs::${ApiModule}:${Region}:uin/:cdwchInstance/${InstanceId}
DescribeBackUpSchedule
Get Backup Policy Information
Resource level
qcs::${ApiModule}:${Region}:uin/:cdwchInstance/${InstanceId}
DescribeCNInstances
Get cluster instance list
Resource level
qcs::cdwch:${region}:uin/${uin}:cdwchInstance/*
DescribeInstanceMonitorPort
Get Monitoring IP address Port
Resource level
qcs::${ApiModule}:${Region}:uin/:cdwchInstance/${InstanceId}

Write Operations

API Name
API Description
Authorization Granularity
6-Segment Resource Format
ModifyInstance
Modify Cluster Instance Information
Resource level
qcs::cdwch:$region:$account:cdwchInstance/$InstanceId
ModifyInstanceConfigs
Modify Cluster Configuration API
Resource level
qcs::cdwch:$region:$account:cdwchInstance/$InstanceId
TerminateInstance
Returning Instances
Resource level
qcs::cdwch:$region:$account:cdwchInstance/$InstanceId
OpenBackUp
Enable or disable a policy
Resource level
qcs::${ApiModule}:${Region}:uin/:cdwchInstance/${InstanceId}
DeleteBackUpData
Delete backup data
Resource level
qcs::${ApiModule}:${Region}:uin/:cdwchInstance/${InstanceId}
RecoverBackUpJob
Backup and recovery
Resource level
qcs::${ApiModule}:${Region}:uin/:cdwchInstance/${InstanceId}
CreateBackUpSchedule
Create or modify a backup policy
Resource level
qcs::${ApiModule}:${Region}:uin/:cdwchInstance/${InstanceId}

Previous Topic: Policy StructureNext Topic: Parameter Configuration

Help and Support

Was this page helpful?

Help us improve! Rate your documentation experience in 5 mins.

Feedback