Product Introduction
Purchase Guide
Getting Started
User Guide
- Overview
- Users
- Access Key
- User Groups
- Role
- Identity Provider
- Policies
- Permissions Boundary
- Troubleshooting
- Downloading Security Analysis Report
CAM-Enabled Role
- Overview
- Compute
- Container
- Microservice
- Essential Storage Service
- Data Process and Analysis
- Data Migration
- Relational Database
- Enterprise Distributed DBMS
- NoSQL Database
- Database SaaS Tool
- Database SaaS Service
- Networking
- CDN and Acceleration
- Network Security
- Data Security
- Application Security
- Domains & Websites
- Big Data
- Tencent Big Model
- Middleware
- Interactive Video Services
- Real-Time Interaction
- Media On-Demand
- Media Process Services
- Media Process
- Cloud Real-time Rendering
- Game Services
- Cloud Resource Management
- Management and Audit Tools
- Developer Tools
- Monitor and Operation
- More
CAM-Enabled API
- Overview
- Compute
- Edge Computing
- Container
- Distributed cloud
- Microservice
- Serverless
- Essential Storage Service
- Data Process and Analysis
- Data Migration
- Relational Database
- Enterprise Distributed DBMS
- NoSQL Database
- Database SaaS Tool
- Networking
- CDN and Acceleration
- Network Security
- Endpoint Security
- Data Security
- Business Security
- Application Security
- Domains & Websites
- Office Collaboration
- Big Data
- Voice Technology
- Image Creation
- Tencent Big Model
- AI Platform Service
- Natural Language Processing
- Optical Character Recognition
- Middleware
- Communication
- Interactive Video Services
- Real-Time Interaction
- Stream Services
- Media On-Demand
- Media Process Services
- Media Process
- Cloud Real-time Rendering
- Game Services
- Education Sevices
- Medical Services
- Cloud Resource Management
- Management and Audit Tools
- Developer Tools
- Monitor and Operation
- More
Use Cases
- Security Practical Tutorial
- Multi-Identity Personnel Permission Management
- Authorizing Certain Operations by Tag
- Supporting Isolated Resource Access for Employees
- Enterprise Multi-Account Permissions Management
- Reviewing Employee Operation Records on Tencent Cloud
- Implementing Attribute-Based Access Control for Employee Resource Permissions Management
- During tag-based authentication, only tag key matching is supported
Business Use Cases
- TencentDB for MySQL
- CLB
- CMQ
- COS
- CVM
- VPC
- VOD
- Others
API Documentation
- History
- Introduction
- API Category
- Making API Requests
- User APIs
- Policy APIs
- Role APIs
- Identity Provider APIs
- Data Types
- Error Codes
FAQs
Glossary

Authorizing Sub-account Full Access to Specific Directory

Focus Mode

Font Size

Last updated: 2024-01-23 18:02:53

The enterprise account, CompanyExample (ownerUin: 12345678; appID: 1250000000), has a sub-account, Developer, that requires full access permissions to the dir1 directory of the Bucket1 bucket of the COS service in Shanghai region under the CompanyExample enterprise account.
Solution A:
Step 1: create the following policy by using policy syntax.
{
    "version": "2.0",
    "statement":[
     {
         "effect": "allow",
         "action": "cos:*",
         "resource": ["qcs::cos:ap-shanghai:uid/1250000000:Bucket1-1250000000/dir1/*",
                    "qcs::cos:ap-shanghai:uid/1250000000:Bucket1-1250000000/dir1"]
     }
   ]
}
Step 2: associate the sub-account with the policy. To learn how to associate a policy with a user account, see Authorization Management.
Solution B:
Configure the policy and ACL in the COS Console. For more information, see the COS documentation.

Help and Support

Was this page helpful?

You can also Contact sales or Submit a Ticket for help.

Help us improve! Rate your documentation experience in 5 mins.

Feedback

tencent cloud

Cloud Access Management

Authorizing Sub-account Full Access to Specific Directory

Help and Support