tencent cloud

TencentDB for DBbrain

Release Notes and Announcements
Release Notes
Announcements
Product Introduction
Overview
Features
Strengths
Use Cases
Feature List
Region List
Purchase Guide
Operation Guide
Cloud Access Management
Self-Built Database Access
Instance Overview
Instance Management
Monitoring and Alarms
Health Report and Kill Session Report Management
MySQL/TDSQL-C for MySQL Performance Optimization
TDSQL for MySQL/MariaDB Performance Optimization
Distributed cache database (Distributed Cache) diagnostic optimization
MongoDB Performance Optimization
Full-Link Analysis
Practical Tutorial
Fixing High CPU Utilization on MySQL Instance
Fixing Lock Conflict on MySQL Instance
How to Address High CPU Utilization Issues in Distributed Cache Instances
Fixing High CPU Utilization in MongoDB Instance
Fixing Short Node Oplog Retention Period in MongoDB Instance
API Documentation
History
Introduction
Introduction
API Category
Making API Requests
Session Killing APIs
Exception Detection APIs
Other APIs
Redis related APIs
Health Report Email Sending APIs
Space Analysis APIs
Slow Log Analysis APIs
Security Audit APIs
Database Audit APIs
Data Types
Error Codes
DBbrain APIs 2019-10-16
FAQs
Self-Built Database Issues
MySQL Performance
Product
Service Level Agreement
Glossary
Contact Us
DokumentasiTencentDB for DBbrainOperation GuideCloud Access ManagementAuthorizable Resource Types

Authorizable Resource Types

PDF
Mode fokus
Ukuran font
Terakhir diperbarui: 2021-08-10 15:35:36
Resource-level permission is used to specify which resources a user can manipulate. DBbrain supports certain resource-level permissions. This means that for the TencentDB operations that support resource-level permission, you can control when a user is allowed to perform operations or what resources the user can use. The following table describes the types of resources that can be authorized in CAM.
Resource Type
Resource Description Method in the Authorization Policy
TencentDB instance resources
qcs::cdb:$region:$account:instanceId/*
qcs::cdb:$region:$account:instanceId/$instanceId
The table below lists the DBbrain API operations that currently support resource-level permission control as well as the resources and condition keys supported by each operation. When specifying a resource path, you can use the "*" wildcard in the path.
Any DBbrain API operation not listed in the table does not support resource-level permission. For such an operation, you can still authorize a user to perform it, but you must specify * as the resource element in the policy statement.
API Operation
Resource Path
DescribeSlowLogTopSqls
qcs::cdb:$region:$account:instanceId/*
qcs::cdb:$region:$account:instanceId/$instanceId
DescribeSlowLogTimeSeriesStats
qcs::cdb:$region:$account:instanceId/*
qcs::cdb:$region:$account:instanceId/$instanceId
DescribeDBDiagHistory
qcs::cdb:$region:$account:instanceId/*
qcs::cdb:$region:$account:instanceId/$instanceId
DescribeDBDiagEvent
qcs::cdb:$region:$account:instanceId/*
qcs::cdb:$region:$account:instanceId/$instanceId
CreateAuditLogStatsTask
qcs::cdb:$region:$account:instanceId/*
qcs::cdb:$region:$account:instanceId/$instanceId
DescribeAuditLogStatsTasks
qcs::cdb:$region:$account:instanceId/*
qcs::cdb:$region:$account:instanceId/$instanceId
DescribeAuditLogSeriesForSqlTime
qcs::cdb:$region:$account:instanceId/*
qcs::cdb:$region:$account:instanceId/$instanceId
DescribeAuditLogTopSqls
qcs::cdb:$region:$account:instanceId/*
qcs::cdb:$region:$account:instanceId/$instanceId
DescribeAuditLogMetricRatio
qcs::cdb:$region:$account:instanceId/*
qcs::cdb:$region:$account:instanceId/$instanceId
DeleteAuditLogStatsTask
qcs::cdb:$region:$account:instanceId/*
qcs::cdb:$region:$account:instanceId/$instanceId
DescribeDBSpaceStatus
qcs::cdb:$region:$account:instanceId/*
qcs::cdb:$region:$account:instanceId/$instanceId
DescribeTopSpaceTables
qcs::cdb:$region:$account:instanceId/*
qcs::cdb:$region:$account:instanceId/$instanceId
DescribeDBPerfTimeSeries
qcs::cdb:$region:$account:instanceId/*
qcs::cdb:$region:$account:instanceId/$instanceId
DescribeSqlExplain
qcs::cdb:$region:$account:instanceId/*
qcs::cdb:$region:$account:instanceId/$instanceId
CreateDiagUserInstances
qcs::cdb:$region:$account:instanceId/*
qcs::cdb:$region:$account:instanceId/$instanceId
DeleteDiagUserInstances
qcs::cdb:$region:$account:instanceId/*
qcs::cdb:$region:$account:instanceId/$instanceId
DescribeProcessList
qcs::cdb:$region:$account:instanceId/*
qcs::cdb:$region:$account:instanceId/$instanceId
CreateDBDiagReportTask
qcs::cdb:$region:$account:instanceId/*
qcs::cdb:$region:$account:instanceId/$instanceId
DescribeDBDiagReportTasks
qcs::cdb:$region:$account:instanceId/*
qcs::cdb:$region:$account:instanceId/$instanceId
DescribeDBDiagReport
qcs::cdb:$region:$account:instanceId/*
qcs::cdb:$region:$account:instanceId/$instanceId
DeleteDBDiagReportTasks
qcs::cdb:$region:$account:instanceId/*
qcs::cdb:$region:$account:instanceId/$instanceId
DescribeSqlAdvice
qcs::cdb:$region:$account:instanceId/*
qcs::cdb:$region:$account:instanceId/$instanceId
DescribeHealthScoreTimeSeries
qcs::cdb:$region:$account:instanceId/*
qcs::cdb:$region:$account:instanceId/$instanceId
DescribeHealthScore
qcs::cdb:$region:$account:instanceId/*
qcs::cdb:$region:$account:instanceId/$instanceId
CreateDBDiagReportUrl
qcs::cdb:$region:$account:instanceId/*
qcs::cdb:$region:$account:instanceId/$instanceId

Topik sebelumnya: Authorization Policy SyntaxTopik selanjutnya: Introduction to Self-Built Database Access

Bantuan dan Dukungan

Apakah halaman ini membantu?

masukan