TencentDB for CTSDB
Last updated: 2025-11-08 09:58:06
Fundamental information
| Product | Abbreviation in CAM | Console | Authorization by Tag | Authorization Granularity | IP Restriction |
|---|---|---|---|---|---|
| TencentDB for CTSDB | ctsdb | Supported | Supported | Resource level | Partially supported |
Note:
The authorization granularity of cloud products is divided into three levels: service level, operation level, and resource level, based on the degree of granularity.
- Service level: It defines whether a user has the permission to access the service as a whole. A user can have either full access or no access to the service. For the authorization granularity of cloud products at service level, the authorization of specific APIs are not supported.
- Operation level: It defines whether a user has the permission to call a specific API of the service. For example, granting an account read-only access to the CVM service is an authorization at the operation level.
- Resource level: It is the finest authorization granularity which defines whether a user has the permission to access specific resources. For example, granting an account read/write access to a specific CVM instance is an authorization at the resource level.
API authorization granularity
Two authorization granularity levels of API are supported: resource level, and operation level.
- Resource level: It supports the authorization of a specific resource.
- Operation level: It does not support the authorization of a specific resource. If the policy syntax restricts a specific resource during authorization, CAM will determine that this API is not within the scope of authorization, and deem it as unauthorized.
Write operations
| API | API Description | Authorization Granularity | Six-segment Resource Description | IP Restriction |
|---|---|---|---|---|
| AssociateSecurityGroups | AssociateSecurityGroups | Operation level | * | Supported |
| CreateCluster | create ctsdb instance | Operation level | * | Supported |
| CreateComponent | create component | Resource level | qcs::ctsdb:${region}:uin/${uin}:instance/${instance} | Supported |
| CreateDatabase | create database for instance | Resource level | qcs::ctsdb:${region}:uin/${uin}:instance/${instance} | Supported |
| CreateHourResource | create post pay instance | Operation level | * | not supported |
| CreateUser | CreateUser | Resource level | qcs::ctsdb::uin/${uin}:instance/${instance} | Supported |
| DeleteUser | DeleteUser | Resource level | qcs::ctsdb:${Region}:uin/${uin}:instance/${instance} | Supported |
| DestroyCluster | destroy ctsdb instance | Resource level | qcs::ctsdb:${region}:uin/${uin}:instance/${instance} | Supported |
| DestroyComponent | destroy component for instance | Resource level | qcs::ctsdb:${region}:uin/${uin}:instance/${instance} | Supported |
| DestroyDatabase | destroy database for instance | Resource level | qcs::ctsdb:${region}:uin/${uin}:instance/${instance} | Supported |
| DisableAutoscale | disable autoscale | Resource level | qcs::ctsdb:${region}:uin/${uin}:instance/${instance} | Supported |
| DisassociateSecurityGroups | DisassociateSecurityGroups | Operation level | * | Supported |
| EnableAutoscale | enable autoscale | Resource level | qcs::ctsdb:${region}:uin/${uin}:instance/${instance} | Supported |
| GrantUser | GrantUser | Resource level | qcs::ctsdb::uin/${uin}:instance/${instance} | Supported |
| InitDBInstance | Initialize the database instance | Resource level | qcs::ctsdb:${region}:uin/${uin}:instance/$instanceId | not supported |
| ModifyAccountPassword | modify account password for instance | Resource level | qcs::ctsdb:${region}:uin/${uin}:instance/${instance} | Supported |
| ModifyCluster | modify cluster info | Resource level | qcs::ctsdb:${region}:uin/${uin}:instance/${instance} | Supported |
| ModifyClusterSecurity | modify instance security group | Resource level | qcs::ctsdb:${region}:uin/${uin}:instance/${instance} | Supported |
| ModifyComponent | modify component | Resource level | qcs::ctsdb:${region}:uin/${uin}:instance/${instance} | Supported |
| ModifyDBInstanceName | Modify the name of database instance | Resource level | qcs::ctsdb:${region}:uin/${uin}:instance/$instanceId | not supported |
| ModifyDBInstanceProject | Modify the project to which the database instance belongs | Resource level | qcs::ctsdb:${region}:uin/${uin}:instance/$instanceId | not supported |
| ModifyDBInstanceUserPassword | ModifyDBInstanceUserPassword | Operation level | * | not supported |
| ModifyDatabase | modify database for instance | Resource level | qcs::ctsdb:${region}:uin/${uin}:instance/${instance} | Supported |
| ModifyHourResource | modify post pay resource | Operation level | * | not supported |
| RecycleDBInstance | Recycling the database instance | Resource level | qcs::ctsdb:${region}:uin/${uin}:instance/$instanceId | not supported |
| SetRenewFlag | config auto renew flag | Operation level | * | not supported |
| SetUserPassword | SetUserPassword | Resource level | qcs::ctsdb:${Region}:uin/${uin}:instance/${instance} | Supported |
| UpdateUser | UpdateUser | Resource level | qcs::ctsdb:${Region}:uin/${uin}:instance/${instance} | Supported |
Read operations
| API | API Description | Authorization Granularity | Six-segment Resource Description | IP Restriction |
|---|---|---|---|---|
| DescribeAccessPool | show access pool info | Resource level | qcs::ctsdb:${region}:uin/${uin}:instance/${instance} | Supported |
| DescribeBackupRules | describe backup rules | Resource level | qcs::ctsdb:${region}:uin/${uin}:instance/${instance} | Supported |
| DescribeClusters | List of description instances | Operation level | * | Supported |
| DescribeDBInstanceMetricInfo | Querying Metric Information in a Database Instance | Resource level | qcs::ctsdb:${region}:uin/${uin}:instance/$instanceId | not supported |
| DescribeDBInstanceMetricList | Query the list of metrics in database instance | Resource level | qcs::ctsdb:${region}:uin/${uin}:instance/$instanceId | not supported |
| DescribeDBInstanceMetricQuery | Describe the database instance metric query | Resource level | qcs::ctsdb:${region}:uin/${uin}:instance/$instanceId | not supported |
| DescribeFeatureSupport | DescribeFeatureSupport | Resource level | qcs::ctsdb:${Region}:uin/${uin}:instance/${instance} | Supported |
| DescribePublicKey | DescribePublicKey | Operation level | * | Supported |
| DescribeSaleSpec | Querying Database Instance Specifications Available for Sale | Operation level | * | not supported |
| DescribeSaleSpecs | describe sale specs | Operation level | * | Supported |
| DescribeSaleZone | Query areas where database instances can be sold | Operation level | * | not supported |
| DescribeShrinkableDBInstanceNode | DescribeShrinkableDBInstanceNode | Operation level | * | Supported |
| DescribeUsers | DescribeUsers | Resource level | qcs::ctsdb:${Region}:uin/${uin}:instance/${instance} | Supported |
List Operations
| API | API Description | Authorization Granularity | Six-segment Resource Description | IP Restriction |
|---|---|---|---|---|
| DescribeAccounts | show account list for instance | Resource level | qcs::ctsdb:${region}:uin/${uin}:instance/${instance} | Supported |
| DescribeBackups | describe backup list | Resource level | qcs::ctsdb:${region}:uin/${uin}:instance/${instance} | Supported |
| DescribeCommonDBInstance | DescribeCommonDBInstance | Operation level | * | Supported |
| DescribeDBInstances | List of description instances | Resource level | qcs::ctsdb:${region}:uin/${uin}:instance/$instanceId | not supported |
| DescribeDBInstancesWithSecurityGroup | DescribeDBInstancesWithSecurityGroup | Operation level | * | Supported |
| DescribeDatabases | show database list for instance | Resource level | qcs::ctsdb:${region}:uin/${uin}:instance/${instance} | Supported |
| GetProductRegions | GetProductRegions | Operation level | * | Supported |
Was this page helpful?
You can also Contact Sales or Submit a Ticket for help.
Yes
No
Feedback