Product Introduction
Purchase Guide
Getting Started
User Guide
- Overview
- Users
- Access Key
- User Groups
- Role
- Identity Provider
- Policies
- Permissions Boundary
- Troubleshooting
- Downloading Security Analysis Report
CAM-Enabled Role
- Overview
- Compute
- Container
- Microservice
- Essential Storage Service
- Data Process and Analysis
- Data Migration
- Relational Database
- Enterprise Distributed DBMS
- NoSQL Database
- Database SaaS Tool
- Database SaaS Service
- Networking
- CDN and Acceleration
- Network Security
- Data Security
- Application Security
- Domains & Websites
- Big Data
- Tencent Big Model
- Middleware
- Interactive Video Services
- Real-Time Interaction
- Media On-Demand
- Media Process Services
- Media Process
- Cloud Real-time Rendering
- Game Services
- Cloud Resource Management
- Management and Audit Tools
- Developer Tools
- Monitor and Operation
- More
CAM-Enabled API
- Overview
- Compute
- Edge Computing
- Container
- Distributed cloud
- Microservice
- Serverless
- Essential Storage Service
- Data Process and Analysis
- Data Migration
- Relational Database
- Enterprise Distributed DBMS
- NoSQL Database
- Database SaaS Tool
- Networking
- CDN and Acceleration
- Network Security
- Endpoint Security
- Data Security
- Business Security
- Application Security
- Domains & Websites
- Office Collaboration
- Big Data
- Voice Technology
- Image Creation
- Tencent Big Model
- AI Platform Service
- Natural Language Processing
- Optical Character Recognition
- Middleware
- Communication
- Interactive Video Services
- Real-Time Interaction
- Stream Services
- Media On-Demand
- Media Process Services
- Media Process
- Cloud Real-time Rendering
- Game Services
- Education Sevices
- Medical Services
- Cloud Resource Management
- Management and Audit Tools
- Developer Tools
- Monitor and Operation
- More
Use Cases
- Security Practical Tutorial
- Multi-Identity Personnel Permission Management
- Authorizing Certain Operations by Tag
- Supporting Isolated Resource Access for Employees
- Enterprise Multi-Account Permissions Management
- Reviewing Employee Operation Records on Tencent Cloud
- Implementing Attribute-Based Access Control for Employee Resource Permissions Management
- During tag-based authentication, only tag key matching is supported
Business Use Cases
- TencentDB for MySQL
- CLB
- CMQ
- COS
- CVM
- VPC
- VOD
- Others
API Documentation
- History
- Introduction
- API Category
- Making API Requests
- User APIs
- Policy APIs
- Role APIs
- Identity Provider APIs
- Data Types
- Error Codes
FAQs
Glossary

Authorizing Cross-Account ’s Sub-account Read/Write Access to Specified File

Download

Focus Mode

Font Size

Last updated: 2024-01-23 18:02:53

The enterprise account, CompanyGranter (ownerUin: 12345678; appID: 1250000000), has an object, Object1, that is located in the dir1 directory of the Bucket1 bucket in the Guangzhou region. The sub-account of another enterprise account, CompanyGrantee (ownerUin: 87654321), requires read/write permission for Object1.
This involves permission propagation.
Step 1: CompanyGrantee creates the following policy according to policy syntax.
 {
    "version": "2.0",
    "statement":[
     {
         "effect": "allow",
         "action": "cos:*",
         "resource": "qcs::cos:ap-shanghai:uid/1250000000:Bucket1-1250000000/dir1/Object1"
     }
    ]
}
Step 2: associate the sub-account with the policy. To learn how to associate a policy with a user account, see Authorization Management.
Step 3: the CompanyGranter enterprise account grants CompanyGrantee enterprise account access to Object1 by configuring the policy and ACL in the COS Console. For more information, see COS documentation.

Help and Support

Was this page helpful?

You can also Contact sales or Submit a Ticket for help.

Help us improve! Rate your documentation experience in 5 mins.

Feedback

tencent cloud

Cloud Access Management

Authorizing Cross-Account ’s Sub-account Read/Write Access to Specified File

Help and Support