Cloud Data Warehouse for PostgreSQL
Last updated: 2025-12-04 09:16:17
Service roles and service-linked roles are predefined by Tencent Cloud services and, upon user authorization, the corresponding services can access and use resources by assuming these service-linked roles. This document provides detailed information on the use cases and associated authorization policies of these specific service-linked roles.
| Product | Role Name | Role Types | Role Entity |
|---|---|---|---|
| Cloud Data Warehouse PostgreSQL | CDWPG_QCSLinkedRoleInPGCOS | Service-Related Roles | pgcos.cdwpg.cloud.tencent.com |
| Cloud Data Warehouse PostgreSQL | CDWPG_QCSLinkedRoleInPGKMS | Service-Related Roles | pgkms.cdwpg.cloud.tencent.com |
CDWPG_QCSLinkedRoleInPGCOS
Use Cases: The current role is the CDWPG service linked role, which will access your other service resources within the scope of the permissions of the associated policy.
Authorization Polices
- Policy Name: QcloudAccessForCDWPGLinkedRoleInPGCOS
- Policy Information:
{ "version": "2.0", "statement": [ { "effect": "allow", "action": [ "cos:AbortMultipartUpload", "cos:GetBucket", "cos:GetBucketACL", "cos:GetBucketAccelerate", "cos:GetBucketCORS", "cos:GetBucketDomain", "cos:GetBucketEncryption", "cos:GetBucketIntelligentTiering", "cos:GetBucketInventory", "cos:GetBucketLifecycle", "cos:GetBucketLocation", "cos:GetBucketLogging", "cos:GetBucketNotification", "cos:GetBucketObjectVersions", "cos:GetBucketOrigin", "cos:GetBucketPolicy", "cos:GetBucketReferer", "cos:GetBucketReplication", "cos:GetBucketTagging", "cos:GetBucketVersionAcl", "cos:GetBucketVersioning", "cos:GetBucketWebsite", "cos:GetObject", "cos:GetObjectACL", "cos:DeleteObject", "cos:DeleteMultipleObjects", "cos:GetObjectTagging", "cos:GetObjectVersionAcl", "cos:GetService", "cos:HeadBucket", "cos:HeadObject", "cos:ListMultipartUploads", "cos:ListParts", "cos:OptionsObject", "cos:AppendObject", "cos:CompleteMultipartUpload", "cos:InitiateMultipartUpload", "cos:PostObject", "cos:PostObjectRestore", "cos:PutBucket", "cos:PutBucketEncryption", "cos:PutBucketIntelligentTiering", "cos:PutBucketInventory", "cos:PutBucketLifecycle", "cos:PutBucketLogging", "cos:PutBucketReplication", "cos:PutBucketVersioning", "cos:PutObject", "cos:PutObjectCopy", "cos:PutObjectTagging", "cos:UploadPart", "cos:UploadPartCopy", "chdfs:DescribeMountPoint", "chdfs:DescribeFileSystem", "chdfs:DescribeAccessGroups", "chdfs:DescribeAccessRules", "chdfs:ModifyFileSystem", "chdfs:ModifyAccessRules", "chdfs:CreateAccessGroup", "chdfs:CreateAccessRules", "chdfs:AssociateAccessGroups", "chdfs:DisassociateAccessGroups", "chdfs:DeleteAccessGroup", "chdfs:DeleteAccessRules", "chdfs:DescribeFileSystems", "chdfs:DescribeMountPoints" ], "resource": [ "*" ] } ] }
CDWPG_QCSLinkedRoleInPGKMS
Use Cases: The current role is the CDWPG service linked role, which will access your other service resources within the scope of the permissions of the associated policy.
Authorization Polices
- Policy Name: QcloudAccessForCDWPGLinkedRoleInPGKMS
- Policy Information:
{ "version": "2.0", "statement": [ { "action": [ "kms:ListKeyDetail", "kms:CreateKey", "kms:GenerateDataKey", "kms:Decrypt", "kms:BindCloudResource", "kms:UnbindCloudResource" ], "resource": "*", "effect": "allow" } ] }
Was this page helpful?
You can also Contact Sales or Submit a Ticket for help.
Yes
No
Feedback