tencent cloud


Access Management

Last updated: 2022-03-18 16:14:42

    What permissions are needed to upload a file?

    VOD offers multiple upload methods such as upload from server, upload from client, pull from URL. The permissions required for each method are as follows:

    Upload Method Permission to Resources Permission to Operations Remarks
    Upload from server Specified subapplication ApplyUpload
    Upload from client Specified subapplication ApplyUpload
    Pull from URL Specified subapplication PullUpload -
    LVB recording All subapplications - The LVB recording feature needs to be enabled

    Local upload of videos in the VOD console is a form of upload from client.

    A "no permission" error is returned for upload from server, but upload through other methods can succeed. Why?

    This is probably because the server SDK is too old. Please upgrade the SDK to the latest version.

    What permission is needed to watch videos?

    To watch a video is essentially to make a request to VOD CDN as an ordinary viewer rather than a Tencent Cloud account, so you do not need to grant a viewer any permissions (if hotlink protection or video encryption is enabled, the conditions as described in applicable documents must be met before the video can be watched, but these are irrelevant to access control).

    Can permissions to an individual file be granted?

    No. The resource granularity of VOD access control is subapplication.

    What if permission settings are in conflicts?

    The possible reasons of conflicts are as follows:

    • A custom policy contains multiple statements where there are conflicting descriptions (for example, one statement allows access to a resource, but another one denies such access).
    • A sub-user is bound to multiple policies where there are conflicting descriptions.

    As VOD permission management is based on CAM, VOD permissions are determined in accordance with the policy judgment logic of CAM.

    Does VOD support cross-account resource access?

    Cross-account resource access refers to that root account A grants all or some of its VOD permissions to root account B (or its sub-accounts), that is, the grantor and grantee are two independent Tencent Cloud accounts. VOD does not support cross-account resource access, i.e., a Tencent Cloud account can only grant VOD permissions to its own sub-accounts.

    Contact Us

    Contact our sales team or business advisors to help your business.

    Technical Support

    Open a ticket if you're looking for further assistance. Our Ticket is 7x24 avaliable.

    7x24 Phone Support