Overview
Last updated: 2025-12-04 09:16:07
Introduction
Cloud Access Management (CAM) helps you securely manage permissions for most Tencent Cloud services. This document provides information on the products and services that support CAM in multiple dimensions, such as authorization granularity, console operation, authorization by tag, and reference documentation.
The table below lists Tencent Cloud services that support CAM.
Definitions:
Product: The name of Tencent Cloud services that support CAM. You can click on them to the corresponding service documentation for quick access to relevant information.
Abbreviation in CAM: Abbreviation of Tencent Cloud services that support CAM
Authorization granularity: The finest authorization granularity currently supported by the service.
Note:
Three authorization granularity levels are supported: service level, operation level, and resource level.
- Service level: It defines whether a user has the permission to access the service as a whole. A user can have either full access or no access to the service.
- Operation level: It defines whether a user has the permission to call a specific API of the service. For example, granting an account read-only access to the CVM service is an authorization at the operation level.
- Resource level: It is the finest authorization granularity which defines whether a user has the permission to access specific resources. For example, granting an account read/write access to a specific CVM instance is an authorization at the resource level.
Console: Whether sub-accounts can access the service through the console. "✓" means yes, while "-" means no.
Authorization by tag: Whether the service supports using tags for permission management. "✓" means yes, while "-" means no.
Reference document: Link to the document on CAM-based access control for the service. - means no documentation available yet.
Compute
| Product | Abbreviation in CAM | Authorization Granularity | Console | Authorize by Tag | Reference Document |
|---|---|---|---|---|---|
| Auto Scaling | as | Resource level | Supported | Supported | Reference Document |
| BatchCompute | batch | Resource level | Supported | Supported | Reference Document |
| Cloud Dedicated Zone | cdz | Operation level | Supported | not supported | Reference Document |
| Cloud Virtual Machine | cvm | Resource level | Supported | Supported | Reference Document |
| Lighthouse | lighthouse | Resource level | Supported | Supported | Reference Document |
| TencentCloud Automation Tools | tat | Resource level | Supported | Supported | Reference Document |
| ## CDN and Edge platform | |||||
| Product | Abbreviation in CAM | Authorization Granularity | Console | Authorize by Tag | Reference Document |
| --------- | --------- | --------- | --------- | --------- | --------- |
| CDN | cdn | Resource level | Supported | Supported | Reference Document |
| Enterprise Content Delivery Network | ecdn | Resource level | Supported | Supported | Reference Document |
| Global Application Acceleration Platform | gaap | Resource level | Supported | Supported | Reference Document |
| ## Edge Computing | |||||
| Product | Abbreviation in CAM | Authorization Granularity | Console | Authorize by Tag | Reference Document |
| --------- | --------- | --------- | --------- | --------- | --------- |
| Edge Computing Machine | ecm | Resource level | Supported | Supported | Reference Document |
| ## Container | |||||
| Product | Abbreviation in CAM | Authorization Granularity | Console | Authorize by Tag | Reference Document |
| --------- | --------- | --------- | --------- | --------- | --------- |
| Tencent Cloud Mesh | tcm | Resource level | Supported | Supported | Reference Document |
| Tencent Container Registry | tcr | Resource level | Supported | Supported | Reference Document |
| tencent distributed cloud center | tdcc | Resource level | Supported | Supported | Reference Document |
| Tencent Kubernetes Engine | tke | Resource level | Supported | Supported | Reference Document |
| ## Distributed cloud | |||||
| Product | Abbreviation in CAM | Authorization Granularity | Console | Authorize by Tag | Reference Document |
| --------- | --------- | --------- | --------- | --------- | --------- |
| Cloud Dedicated Cluster | cdc | Resource level | Supported | not supported | Reference Document |
| ## Microservice | |||||
| Product | Abbreviation in CAM | Authorization Granularity | Console | Authorize by Tag | Reference Document |
| --------- | --------- | --------- | --------- | --------- | --------- |
| Tencent Cloud Elastic Microservice | tem | Resource level | Supported | Supported | Reference Document |
| ## Serverless | |||||
| Product | Abbreviation in CAM | Authorization Granularity | Console | Authorize by Tag | Reference Document |
| --------- | --------- | --------- | --------- | --------- | --------- |
| EventBridge | eb | Resource level | Supported | Supported | Reference Document |
| Serverless Cloud Function | scf | Resource level | Supported | Supported | Reference Document |
| ## Essential Storage Service | |||||
| Product | Abbreviation in CAM | Authorization Granularity | Console | Authorize by Tag | Reference Document |
| --------- | --------- | --------- | --------- | --------- | --------- |
| Cloud File Storage | cfs | Resource level | Supported | Supported | Reference Document |
| Cloud HDFS | chdfs | Resource level | Supported | Supported | Reference Document |
| COS | cos | Resource level | Supported | Supported | Reference Document |
| Data Accelerator Goose File System | goosefs | Resource level | Supported | Supported | Reference Document |
| ## Data Storage Service | |||||
| Product | Abbreviation in CAM | Authorization Granularity | Console | Authorize by Tag | Reference Document |
| --------- | --------- | --------- | --------- | --------- | --------- |
| Cloud Infinite | ci | Resource level | Supported | Supported | Reference Document |
| Cloud Log Service | cls | Resource level | Supported | Supported | Reference Document |
| ## Data Migration | |||||
| Product | Abbreviation in CAM | Authorization Granularity | Console | Authorize by Tag | Reference Document |
| --------- | --------- | --------- | --------- | --------- | --------- |
| Cloud Migration | cmg | Operation level | Supported | not supported | Reference Document |
| Cloud Migration | msp | Operation level | Supported | not supported | Reference Document |
| ## Relational Database | |||||
| Product | Abbreviation in CAM | Authorization Granularity | Console | Authorize by Tag | Reference Document |
| --------- | --------- | --------- | --------- | --------- | --------- |
| Cloud Database | cdb | Resource level | Supported | Supported | Reference Document |
| Cloud Native Database TDSQL-C | cynosdb | Resource level | Supported | Supported | Reference Document |
| TencentDB For PostgreSQL | postgres | Resource level | Supported | Supported | Reference Document |
| TencentDB for SQL Server | sqlserver | Resource level | Supported | Supported | Reference Document |
| ## Relational database TDSQL | |||||
| Product | Abbreviation in CAM | Authorization Granularity | Console | Authorize by Tag | Reference Document |
| --------- | --------- | --------- | --------- | --------- | --------- |
| TDSQL for MySQL | dcdb | Resource level | Supported | Supported | Reference Document |
| ## NoSQL Database | |||||
| Product | Abbreviation in CAM | Authorization Granularity | Console | Authorize by Tag | Reference Document |
| --------- | --------- | --------- | --------- | --------- | --------- |
| TencentDB for CTSDB | ctsdb | Resource level | Supported | Supported | Reference Document |
| Cloud MongoDB | mongodb | Resource level | Supported | Supported | Reference Document |
| TencentDB for TcaplusDB | tcaplusdb | Resource level | Supported | Supported | Reference Document |
| ## Database SaaS Service | |||||
| Product | Abbreviation in CAM | Authorization Granularity | Console | Authorize by Tag | Reference Document |
| --------- | --------- | --------- | --------- | --------- | --------- |
| TencentDB for DBbrain | dbbrain | Resource level | Supported | not supported | Reference Document |
| Database Expert Service | dbexpert | Resource level | Supported | not supported | Reference Document |
| Database Management Console | dmc | Resource level | Supported | Supported | Reference Document |
| Data Transfer Service | dts | Resource level | Supported | Supported | Reference Document |
| ## Networking | |||||
| Product | Abbreviation in CAM | Authorization Granularity | Console | Authorize by Tag | Reference Document |
| --------- | --------- | --------- | --------- | --------- | --------- |
| Cloud Loader Balance | clb | Resource level | Supported | Supported | Reference Document |
| Physical Direct Connect | dc | Resource level | Supported | Supported | Reference Document |
| vpc | vpc | Resource level | Supported | Supported | Reference Document |
| ## Network Security | |||||
| Product | Abbreviation in CAM | Authorization Granularity | Console | Authorize by Tag | Reference Document |
| --------- | --------- | --------- | --------- | --------- | --------- |
| Cloud Firewall | cfw | Operation level | Supported | not supported | Reference Document |
| Tencent Cloud EdgeOne | teo | Resource level | Supported | Supported | Reference Document |
| ## Endpoint Security | |||||
| Product | Abbreviation in CAM | Authorization Granularity | Console | Authorize by Tag | Reference Document |
| --------- | --------- | --------- | --------- | --------- | --------- |
| Cloud Workload Protection | cwp | Resource level | Supported | Supported | Reference Document |
| Tencent Container Security Service | tcss | Operation level | Supported | not supported | Reference Document |
| ## Data Security | |||||
| Product | Abbreviation in CAM | Authorization Granularity | Console | Authorize by Tag | Reference Document |
| --------- | --------- | --------- | --------- | --------- | --------- |
| Operation and Maintenance Security Center (Bastion Host) | bh | Operation level | Supported | not supported | Reference Document |
| Data Security Governance Center | dsgc | Resource level | Supported | Supported | Reference Document |
| Key Management Service | kms | Resource level | Supported | Supported | Reference Document |
| Secrets Manager | ssm | Resource level | Supported | Supported | Reference Document |
| ## Business Security | |||||
| Product | Abbreviation in CAM | Authorization Granularity | Console | Authorize by Tag | Reference Document |
| --------- | --------- | --------- | --------- | --------- | --------- |
| Audio Moderation System | ams | Operation level | Supported | not supported | Reference Document |
| captcha | captcha | Resource level | Supported | Supported | Reference Document |
| Customer Identity Access Management | ciam | Operation level | Supported | not supported | Reference Document |
| Image Moderation System | ims | Operation level | Supported | not supported | Reference Document |
| Risk Control Engine | rce | Operation level | Supported | not supported | Reference Document |
| Text Moderation System | tms | Operation level | Supported | not supported | Reference Document |
| Video Moderation System | vm | Operation level | Supported | not supported | Reference Document |
| ## Application Security | |||||
| Product | Abbreviation in CAM | Authorization Granularity | Console | Authorize by Tag | Reference Document |
| --------- | --------- | --------- | --------- | --------- | --------- |
| Mobile Application Security | ms | Service level | Supported | not supported | Reference Document |
| Security Token Service | sts | Resource level | Supported | not supported | Reference Document |
| Vulnerability Scan Service | vss | Operation level | Supported | not supported | Reference Document |
| cloudWaf | waf | Resource level | Supported | Supported | Reference Document |
| ## Domains & Websites | |||||
| Product | Abbreviation in CAM | Authorization Granularity | Console | Authorize by Tag | Reference Document |
| --------- | --------- | --------- | --------- | --------- | --------- |
| dns | dnspod | Resource level | Supported | Supported | Reference Document |
| Domain | domain | Operation level | Supported | not supported | Reference Document |
| HTTPDNS | httpdns | Resource level | Supported | Supported | Reference Document |
| Private DNS | privatedns | Resource level | Supported | Supported | Reference Document |
| SSL Certification | ssl | Resource level | Supported | Supported | Reference Document |
| ## Big Data | |||||
| Product | Abbreviation in CAM | Authorization Granularity | Console | Authorize by Tag | Reference Document |
| --------- | --------- | --------- | --------- | --------- | --------- |
| bi | bi | Operation level | Supported | not supported | Reference Document |
| Cloud Data Warehouse ClickHouse | cdwch | Resource level | Supported | Supported | Reference Document |
| Cloud Data Warehouse PostgreSQL | cdwpg | Resource level | Supported | Supported | Reference Document |
| Data Lake Compute | dlc | Resource level | Supported | Supported | Reference Document |
| Elasticsearch MapReduce | emr | Resource level | Supported | Supported | Reference Document |
| Elasticsearch Service | es | Resource level | Supported | Supported | Reference Document |
| Oceanus stream computing | oceanus | Resource level | Supported | Supported | Reference Document |
| WeData | wedata | Resource level | Supported | Supported | Reference Document |
| ## AI Application | |||||
| Product | Abbreviation in CAM | Authorization Granularity | Console | Authorize by Tag | Reference Document |
| --------- | --------- | --------- | --------- | --------- | --------- |
| FaceFusion | facefusion | Operation level | Supported | not supported | Reference Document |
| ## Voice Technology | |||||
| Product | Abbreviation in CAM | Authorization Granularity | Console | Authorize by Tag | Reference Document |
| --------- | --------- | --------- | --------- | --------- | --------- |
| Automatic Speech Recognition | asr | Resource level | Supported | Supported | Reference Document |
| TextToSpeech | tts | Operation level | Supported | not supported | Reference Document |
| ## AI Platform | |||||
| Product | Abbreviation in CAM | Authorization Granularity | Console | Authorize by Tag | Reference Document |
| --------- | --------- | --------- | --------- | --------- | --------- |
| Image Content Generate | aiart | Operation level | Supported | not supported | Reference Document |
| Tencent Cloud AI Digital Human | ivh | Operation level | Supported | not supported | Reference Document |
| ## Natural Language Processing | |||||
| Product | Abbreviation in CAM | Authorization Granularity | Console | Authorize by Tag | Reference Document |
| --------- | --------- | --------- | --------- | --------- | --------- |
| TMT | tmt | Operation level | Supported | not supported | Reference Document |
| ## Tencent Big Model | |||||
| Product | Abbreviation in CAM | Authorization Granularity | Console | Authorize by Tag | Reference Document |
| --------- | --------- | --------- | --------- | --------- | --------- |
| LLM Knowledge Engine Basic API | lkeap | Operation level | Supported | not supported | Reference Document |
| ## Optical Character Recognition | |||||
| Product | Abbreviation in CAM | Authorization Granularity | Console | Authorize by Tag | Reference Document |
| --------- | --------- | --------- | --------- | --------- | --------- |
| OCR | ocr | Resource level | Supported | not supported | Reference Document |
| ## Middleware | |||||
| Product | Abbreviation in CAM | Authorization Granularity | Console | Authorize by Tag | Reference Document |
| --------- | --------- | --------- | --------- | --------- | --------- |
| CKafka | ckafka | Resource level | Supported | Supported | Reference Document |
| Cloud Message Queue | cmq | Resource level | Supported | not supported | Reference Document |
| RabbitMQ Serverless | trabbit | Resource level | Supported | Supported | Reference Document |
| RocketMQ | trocket | Resource level | Supported | Supported | Reference Document |
| ## Communication | |||||
| Product | Abbreviation in CAM | Authorization Granularity | Console | Authorize by Tag | Reference Document |
| --------- | --------- | --------- | --------- | --------- | --------- |
| IM | im | Resource level | Supported | Supported | Reference Document |
| Simple Email Service-ses | ses | Resource level | Supported | Supported | Reference Document |
| Short Message Service | sms | Resource level | Supported | Supported | Reference Document |
| Tencent Push Notification Service | tpns | Resource level | Supported | Supported | Reference Document |
| ## Real-Time Interaction | |||||
| Product | Abbreviation in CAM | Authorization Granularity | Console | Authorize by Tag | Reference Document |
| --------- | --------- | --------- | --------- | --------- | --------- |
| Low-code interactive classroom | lcic | Operation level | Supported | not supported | Reference Document |
| Remote Real-time Operation | trro | Operation level | Supported | not supported | Reference Document |
| Tencent Real-Time Communication | trtc | Resource level | Supported | Supported | Reference Document |
| ## Video Service | |||||
| Product | Abbreviation in CAM | Authorization Granularity | Console | Authorize by Tag | Reference Document |
| --------- | --------- | --------- | --------- | --------- | --------- |
| StreamLink | mdc | Operation level | Supported | not supported | Reference Document |
| StreamLive | mdl | Operation level | Supported | not supported | Reference Document |
| StreamPackage | mdp | Operation level | Supported | not supported | Reference Document |
| ## Media On-Demand | |||||
| Product | Abbreviation in CAM | Authorization Granularity | Console | Authorize by Tag | Reference Document |
| --------- | --------- | --------- | --------- | --------- | --------- |
| VOD | vod | Resource level | Supported | Supported | Reference Document |
| ## Media Process | |||||
| Product | Abbreviation in CAM | Authorization Granularity | Console | Authorize by Tag | Reference Document |
| --------- | --------- | --------- | --------- | --------- | --------- |
| Media Processing Service | mps | Resource level | Supported | Supported | Reference Document |
| ## Cloud Real-time Rendering | |||||
| Product | Abbreviation in CAM | Authorization Granularity | Console | Authorize by Tag | Reference Document |
| --------- | --------- | --------- | --------- | --------- | --------- |
| Cloud Application Rendering | car | Operation level | Supported | not supported | Reference Document |
| ## Game Services | |||||
| Product | Abbreviation in CAM | Authorization Granularity | Console | Authorize by Tag | Reference Document |
| --------- | --------- | --------- | --------- | --------- | --------- |
| Game Multimedia Engine | gme | Resource level | Supported | Supported | Reference Document |
| ## Education Sevices | |||||
| Product | Abbreviation in CAM | Authorization Granularity | Console | Authorize by Tag | Reference Document |
| --------- | --------- | --------- | --------- | --------- | --------- |
| Tencent Interactive Whiteboard | tiw | Resource level | Supported | Supported | Reference Document |
| ## Cloud Resource Management | |||||
| Product | Abbreviation in CAM | Authorization Granularity | Console | Authorize by Tag | Reference Document |
| --------- | --------- | --------- | --------- | --------- | --------- |
| Tencent Cloud Smart Advisor | advisor | Resource level | Supported | Supported | Reference Document |
| Cloud API | api | Operation level | Supported | not supported | Reference Document |
| Identity Aware Platform | iap | Operation level | Supported | not supported | Reference Document |
| Tencent Cloud Super App as a Service | tcmpp | Operation level | Supported | not supported | Reference Document |
| Tencent Cloud Super App as a Service | tcsas | Operation level | Supported | not supported | Reference Document |
| ## Developer Tools | |||||
| Product | Abbreviation in CAM | Authorization Granularity | Console | Authorize by Tag | Reference Document |
| --------- | --------- | --------- | --------- | --------- | --------- |
| Cloud Application | cloudapp | Operation level | Supported | not supported | Reference Document |
| ## Monitor and Operation | |||||
| Product | Abbreviation in CAM | Authorization Granularity | Console | Authorize by Tag | Reference Document |
| --------- | --------- | --------- | --------- | --------- | --------- |
| Application Performance Management | apm | Resource level | Supported | Supported | Reference Document |
| cat | cat | Operation level | Supported | not supported | Reference Document |
| Performance Test Service | pts | Resource level | Supported | Supported | Reference Document |
| Real User Monitoring | rum | Resource level | Supported | Supported | Reference Document |
| ## APIs and Tools | |||||
| Product | Abbreviation in CAM | Authorization Granularity | Console | Authorize by Tag | Reference Document |
| --------- | --------- | --------- | --------- | --------- | --------- |
| Cloud Access Management | cam | Operation level | Supported | not supported | Reference Document |
| Cloud Audit | cloudaudit | Operation level | Supported | not supported | Reference Document |
| Control Center | controlcenter | Resource level | Supported | not supported | Reference Document |
| Tencent Cloud Organization | organization | Operation level | Supported | not supported | Reference Document |
Was this page helpful?
You can also Contact Sales or Submit a Ticket for help.
Yes
No
Feedback