tencent cloud

Service roles and service-linked roles are predefined by Tencent Cloud services and, upon user authorization, the corresponding services can access and use resources by assuming these service-linked roles. This document provides detailed information on the use cases and associated authorization policies of these specific service-linked roles.

FINANCE_QCSLinkedRoleInModifyInstancesOwner

Use Cases： The current role is the Finance service linked role, which will access your other service resources within the scope of the permissions of the associated policy.
Authorization Polices

• Policy Name： QcloudAccessForFinanceLinkedRoleInModifyInstancesOwner
• Policy Information：

  {
    "version": "2.0",
    "statement": [
        {
            "effect": "allow",
            "action": [
                "ssl:ModifyCertificateProject",
                "ssl:DescribeCertificate",
                "tag:UnTagResources",
                "tag:DescribeResourceTags",
                "tag:TagResources",
                "tag:AddProject",
                "tag:UpdateProject",
                "cdb:ModifyDBInstanceSecurityGroups",
                "cdb:DescribeDBSecurityGroups",
                "cdb:ModifyDBInstanceProject",
                "cdb:DescribeDBInstances",
                "cfs:DescribeCfsFileSystems",
                "ckafka:DescribeInstanceAttributes",
                "ckafka:DescribeInstances",
                "clb:DescribeLoadBalancers",
                "clb:DescribeListeners",
                "clb:SetLoadBalancerSecurityGroups",
                "clb:ModifyLoadBalancersProject",
                "cvm:DescribeInstances",
                "cvm:ModifyInstancesProject",
                "cvm:DescribeSecurityGroupPolicys",
                "cvm:AssociateSecurityGroups",
                "cvm:CreateSecurityGroup",
                "cvm:DescribeAddresses",
                "cvm:DescribeCbsStorages",
                "cvm:ModifyCbsStorageAttributes",
                "dcdb:DescribeDCDBInstances",
                "dcdb:ModifyDBInstancesProject",
                "dcdb:ModifyDBInstanceSecurityGroups",
                "dcdb:DescribeDBSecurityGroups",
                "mariadb:ModifyDBInstancesProject",
                "mariadb:DescribeDBInstances",
                "mariadb:ModifyDBInstanceSecurityGroups",
                "mariadb:DescribeDBSecurityGroups",
                "mongodb:DescribeDBInstances",
                "mongodb:AssignProject",
                "mongodb:DescribeAsyncRequestInfo",
                "mongodb:DescribeSecurityGroup",
                "mongodb:ModifyDBInstanceSecurityGroup",
                "redis:DescribeInstances",
                "redis:ModifyInstance",
                "redis:ModifyDBInstanceSecurityGroups",
                "redis:DescribeDBSecurityGroups",
                "vpc:DescribeVpcEx",
                "vpc:DescribeNetworkInterfaces",
                "vpc:DescribeNatGateways",
                "cvm:DisassociateNetworkInterfaceSecurityGroups",
                "cvm:AssociateNetworkInterfaceSecurityGroups",
                "cvm:DescribeSecurityGroups"
            ],
            "resource": "*"
        }
    ]
  }