tencent cloud

PrevNext

Feedback

search by keyword

Recent Pages

Documentation
Cloud Access Management
    Documentation

    Virtual Private Cloud

    Last updated: 2024-05-02 09:11:52

      Service roles and service-linked roles are predefined by Tencent Cloud services and, upon user authorization, the corresponding services can access and use resources by assuming these service-linked roles. This document provides detailed information on the use cases and associated authorization policies of these specific service-linked roles.

      Product Role Name Role Types Role Entity
      vpc VPC_QCSLinkedRoleInEipTat Service-Related Roles eiptat.vpc.cloud.tencent.com
      vpc VPC_QCSLinkedRoleInSnapshot Service-Related Roles snapshot.vpc.cloud.tencent.com
      vpc VPC_QCSLinkedRoleInVpcflowlog Service-Related Roles vpcflowlog.vpc.cloud.tencent.com
      vpc VPC_QCSLinkedRoleInPrivateLink Service-Related Roles privatelink.vpc.cloud.tencent.com
      vpc VPC_QCSLinkedRoleInFlowLogAdvanceAnalysis Service-Related Roles flowlogadvanceanalysis.vpc.cloud.tencent.com

      VPC_QCSLinkedRoleInEipTat

      Use Cases: The current role is the VPC service linked role, which will access your other service resources within the scope of the permissions of the associated policy.
      Authorization Polices

      • Policy Name: QcloudAccessForVpcLinkedRoleInEipTat
      • Policy Information:
      {
    "statement": [
        {
            "action": [
                "tat:DescribeCommands",
                "tat:DescribeInvocations",
                "tat:DescribeInvocationTasks",
                "tat:CreateCommand",
                "tat:DeleteCommand",
                "tat:InvokeCommand",
                "tat:RunCommand"
            ],
            "effect": "allow",
            "resource": [
                "*"
            ]
        }
    ],
    "version": "2.0"
}

      VPC_QCSLinkedRoleInSnapshot

      Use Cases: The current role is the VPC service linked role, which will access your other service resources within the scope of the permissions of the associated policy.
      Authorization Polices

      • Policy Name: QcloudAccessForVPCLinkedRoleInSnapshot
      • Policy Information:
      {
    "version": "2.0",
    "statement": [
        {
            "effect": "allow",
            "action": [
                "cos:GetService",
                "cos:HeadBucket",
                "cos:GetBucket",
                "cos:PutBucket",
                "cos:ListMultipartUploads",
                "cos:GetObject*",
                "cos:HeadObject",
                "cos:GetBucketObjectVersions",
                "cos:OptionsObject",
                "cos:ListParts",
                "cos:DeleteObject",
                "cos:PostObject",
                "cos:PostObjectRestore",
                "cos:PutObject*",
                "cos:InitiateMultipartUpload",
                "cos:UploadPart",
                "cos:UploadPartCopy",
                "cos:CompleteMultipartUpload",
                "cos:AbortMultipartUpload",
                "cos:DeleteMultipleObjects",
                "cos:AppendObject"
            ],
            "resource": "*"
        }
    ]
}

      VPC_QCSLinkedRoleInVpcflowlog

      Use Cases: The current role is the VPC service linked role, which will access your other service resources within the scope of the permissions of the associated policy.
      Authorization Polices

      • Policy Name: QcloudAccessForVPCLinkedRoleInVpcflowlog
      • Policy Information:
      {
    "version": "2.0",
    "statement": [
        {
            "effect": "allow",
            "resource": [
                "*"
            ],
            "action": [
                "ckafka:DescribeInstances",
                "ckafka:DescribeTopic",
                "ckafka:DescribeRoute",
                "ckafka:DeleteRoute",
                "ckafka:DescribeInstanceAttributes",
                "ckafka:DescribeInstancesDetail",
                "ckafka:CreateRoute"
            ]
        }
    ]
}

      Use Cases: The current role is the VPC service linked role, which will access your other service resources within the scope of the permissions of the associated policy.
      Authorization Polices

      • Policy Name: QcloudAccessForVPCLinkedRoleInPrivateLink
      • Policy Information:
      {
    "version": "2.0",
    "statement": [
        {
            "action": [
                "redis:DescribeInstances",
                "cdb:DescribeDBInstances",
                "clb:DescribeGatewayLoadBalancers"
            ],
            "resource": "*",
            "effect": "allow"
        }
    ]
}

      VPC_QCSLinkedRoleInFlowLogAdvanceAnalysis

      Use Cases: The current role is the VPC service linked role, which will access your other service resources within the scope of the permissions of the associated policy.
      Authorization Polices

      • Policy Name: QcloudAccessForVPCRoleInFlowLogAdvanceAnalysis
      • Policy Information:
      {
    "version": "2.0",
    "statement": [
        {
            "action": [
                "cls:DescribeLogsets",
                "cls:CreateLogset",
                "cls:CreateTopic",
                "cls:DescribeTopics",
                "cls:DeleteTopic",
                "cls:DescribeIndex",
                "cls:ModifyIndex",
                "cls:CreateIndex",
                "cls:DeleteIndex",
                "cls:GetDashboard",
                "cls:CreateDashboard",
                "cls:DeleteDashboard",
                "cls:ModifyDashboard",
                "cls:ListDashboard",
                "cls:pushLog"
            ],
            "resource": "*",
            "effect": "allow"
        }
    ]
}
      Contact Us

      Contact our sales team or business advisors to help your business.

      Contact Us
      Technical Support

      Open a ticket if you're looking for further assistance. Our Ticket is 7x24 avaliable.

      Submit a Ticket
      7x24 Phone Support
      Copyright © 2013-2024 Tencent Cloud. All Rights Reserved.
      Privacy PolicyLegalCookie Policy