tencent cloud

Overview
Download PDF
Last updated: 2025-03-20 19:21:45
Overview
Last updated: 2025-03-20 19:21:45
Download PDF
If you have multiple users managing the APM service, and they all share your Tencent Cloud account access key, you may face the following problems:
Your key will be easily compromised because it is shared by several users.
You cannot restrict the access from other users and your service will be vulnerable to the security risks caused by their maloperations.
You can avoid the above problems by allowing different users to manage different services through sub-accounts. By default, sub-accounts have no permissions to use APM. Therefore, you need to create a policy to grant different permissions to sub-accounts.

Overview

Cloud Access Management (CAM) is a Tencent Cloud web service that helps you securely manage and control access to your Tencent Cloud resources. CAM allows you to create, manage, or terminate users (groups), and control who have access to which Tencent Cloud resources based on identity and policy management.
When using CAM, you can associate a policy with a user or user group to allow or forbid them to use specified resources to complete specified tasks. For more information on CAM policies, see Syntax Logic. For more information on how to use CAM policies, see Concepts.

Authorization method

Sub-users have no application performance monitoring permissions by default. The root account needs to grant sub-users relevant permissions before they can access application performance monitoring (APM) normally.

Grant APM Preset Policy

APM creates the preset policies QcloudAPMFullAccess (full read-write access to APM) and QcloudAPMReadOnlyFullAccess (read-only access to APM) by default. You can quickly perform preset policy authorization by searching for the policy name. For more information, see grant permissions.
In most usage scenarios, you only need to grant sub-users the APM preset policy to allow them to access application performance monitoring (APM) normally.

Grant a Custom Policy

If you need to perform refined authorization based on specific res
Was this page helpful?
You can also Contact Sales or Submit a Ticket for help.
Yes
No

Feedback