tencent cloud

Feedback

Cloud Data Warehouse for PostgreSQL

Last updated: 2024-11-08 09:53:01

    Service roles and service-linked roles are predefined by Tencent Cloud services and, upon user authorization, the corresponding services can access and use resources by assuming these service-linked roles. This document provides detailed information on the use cases and associated authorization policies of these specific service-linked roles.

    Product Role Name Role Types Role Entity
    Cloud Data Warehouse PostgreSQL CDWPG_QCSLinkedRoleInPGCOS Service-Related Roles pgcos.cdwpg.cloud.tencent.com
    Cloud Data Warehouse PostgreSQL CDWPG_QCSLinkedRoleInPGKMS Service-Related Roles pgkms.cdwpg.cloud.tencent.com

    CDWPG_QCSLinkedRoleInPGCOS

    Use Cases: The current role is the CDWPG service linked role, which will access your other service resources within the scope of the permissions of the associated policy.
    Authorization Polices

    • Policy Name: QcloudAccessForCDWPGLinkedRoleInPGCOS
    • Policy Information:
    {
        "version": "2.0",
        "statement": [
            {
                "effect": "allow",
                "action": [
                    "cos:AbortMultipartUpload",
                    "cos:GetBucket",
                    "cos:GetBucketACL",
                    "cos:GetBucketAccelerate",
                    "cos:GetBucketCORS",
                    "cos:GetBucketDomain",
                    "cos:GetBucketEncryption",
                    "cos:GetBucketIntelligentTiering",
                    "cos:GetBucketInventory",
                    "cos:GetBucketLifecycle",
                    "cos:GetBucketLocation",
                    "cos:GetBucketLogging",
                    "cos:GetBucketNotification",
                    "cos:GetBucketObjectVersions",
                    "cos:GetBucketOrigin",
                    "cos:GetBucketPolicy",
                    "cos:GetBucketReferer",
                    "cos:GetBucketReplication",
                    "cos:GetBucketTagging",
                    "cos:GetBucketVersionAcl",
                    "cos:GetBucketVersioning",
                    "cos:GetBucketWebsite",
                    "cos:GetObject",
                    "cos:GetObjectACL",
                    "cos:DeleteObject",
                    "cos:DeleteMultipleObjects",
                    "cos:GetObjectTagging",
                    "cos:GetObjectVersionAcl",
                    "cos:GetService",
                    "cos:HeadBucket",
                    "cos:HeadObject",
                    "cos:ListMultipartUploads",
                    "cos:ListParts",
                    "cos:OptionsObject",
                    "cos:AppendObject",
                    "cos:CompleteMultipartUpload",
                    "cos:InitiateMultipartUpload",
                    "cos:PostObject",
                    "cos:PostObjectRestore",
                    "cos:PutBucket",
                    "cos:PutBucketEncryption",
                    "cos:PutBucketIntelligentTiering",
                    "cos:PutBucketInventory",
                    "cos:PutBucketLifecycle",
                    "cos:PutBucketLogging",
                    "cos:PutBucketReplication",
                    "cos:PutBucketVersioning",
                    "cos:PutObject",
                    "cos:PutObjectCopy",
                    "cos:PutObjectTagging",
                    "cos:UploadPart",
                    "cos:UploadPartCopy",
                    "chdfs:DescribeMountPoint",
                    "chdfs:DescribeFileSystem",
                    "chdfs:DescribeAccessGroups",
                    "chdfs:DescribeAccessRules",
                    "chdfs:ModifyFileSystem",
                    "chdfs:ModifyAccessRules",
                    "chdfs:CreateAccessGroup",
                    "chdfs:CreateAccessRules",
                    "chdfs:AssociateAccessGroups",
                    "chdfs:DisassociateAccessGroups",
                    "chdfs:DeleteAccessGroup",
                    "chdfs:DeleteAccessRules",
                    "chdfs:DescribeFileSystems",
                    "chdfs:DescribeMountPoints"
                ],
                "resource": [
                    "*"
                ]
            }
        ]
    }
    

    CDWPG_QCSLinkedRoleInPGKMS

    Use Cases: The current role is the CDWPG service linked role, which will access your other service resources within the scope of the permissions of the associated policy.
    Authorization Polices

    • Policy Name: QcloudAccessForCDWPGLinkedRoleInPGKMS
    • Policy Information:
    {
        "version": "2.0",
        "statement": [
            {
                "action": [
                    "kms:ListKeyDetail",
                    "kms:CreateKey",
                    "kms:GenerateDataKey",
                    "kms:Decrypt",
                    "kms:BindCloudResource",
                    "kms:UnbindCloudResource"
                ],
                "resource": "*",
                "effect": "allow"
            }
        ]
    }
    
    Contact Us

    Contact our sales team or business advisors to help your business.

    Technical Support

    Open a ticket if you're looking for further assistance. Our Ticket is 7x24 avaliable.

    7x24 Phone Support