Authorization Policy Syntax

Last updated: 2022-05-12 12:24:12

Policy syntax

```
{
    "version": "2.0",
    "statement":
    [
        {
            "effect": "effect",
            "action": ["action"],
            "resource": ["resource"],
            "condition": {"key":{"value"}}
        }
    ]
}
```
| Element | Description |
| --- | --- |
| version | It is required. Currently, only the value "2.0" is allowed. |
| statement | It describes the details of one or more permissions. It contains a permission or permission set of multiple other elements such as `effect`, `action`, `resource`, and `condition`. One policy has only one `statement`. |
| effect | It is required and describes whether the statement result is an "allow" or an explicit "deny". |
| action | It is required and describes the allowed or denied action (operation). An operation can be an API (prefixed with "name") or a feature set (a set of specific APIs prefixed with "permid"). |
| resource | It is required and describes the details of authorization. A resource is described in a six-segment format. Detailed resource definitions vary by product. For more information on how to specify a resource, see the product documentation corresponding to the resource statement you are writing. |
| condition | It is optional and describes the condition for the policy to take effect. A condition consists of an operator, action key, and action value. A condition value may contain information such as time and IP address. Some services allow you to specify additional values in a condition. |


Sample CAM Policy for Lighthouse

The following policy grants the permission to view the list of Lighthouse instances and prohibits the user xxxxxx from viewing the details of the instance lhins-e31oxxxx.
```json
{
    "version": "2.0",
    "statement": [
        {
            "effect": "allow",
            "action": [
                "lighthouse:DescribeInstances"
            ],
            "resource": [
                "*"
            ]
        },
        {
            "effect": "deny",
            "action": [
                "lighthouse:DescribeInstances"
            ],
            "resource": [
                "qcs::lighthouse::uin/xxxxxx:instance/lhins-e31oxxxx"
            ]
        }
    ]
}
```

Lighthouse Resource Path

Each Lighthouse policy statement applies to its own resources, which are generally described in the following format:

`qcs:project_id:service_type:region:account:resource`

- `project_id`: Describes the project information, which is only used to enable compatibility with legacy CAM logic and can be left empty.
- `service_type`: Describes the product abbreviation, such as `lighthouse`.
- `region`: Describes the region information, such as `ap-guangzhou`.
- `account`: Describes the root account of the resource owner, such as `uin/xxxxxx`.
- `resource`: Detailed resource information of each product, for example, `instance/instance_id1` or `instance/*`.
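
The following Python check is an added example, not code from Tencent Cloud's documentation or SDK. It validates a policy document against the element table and the six-segment resource format above before the policy is attached. The function names, the `prefix` label for the leading `qcs` segment, and the acceptance of a bare string for `action` or `resource` are assumptions of this example; the second policy is constructed to show what gets flagged.

```python
import json

# Segment names from the six-segment format on this page; "prefix" is this example's own label.
SEGMENTS = ("prefix", "project_id", "service_type", "region", "account", "resource")

def as_list(value):
    """Accept a single string or a list; anything else counts as missing (assumption)."""
    if isinstance(value, str):
        return [value]
    return value if isinstance(value, list) else []

def parse_resource(path):
    """Split a resource description into its six named segments."""
    parts = path.split(":", 5)  # assumption: colons after the fifth stay in `resource`
    if len(parts) != 6 or parts[0] != "qcs":
        raise ValueError(f"not a six-segment qcs resource: {path!r}")
    return dict(zip(SEGMENTS, parts))

def lint_policy(policy):
    """Return the problems found when checking a policy against the element table."""
    problems = []
    if policy.get("version") != "2.0":
        problems.append('version must be "2.0"')
    statements = policy.get("statement")
    if not isinstance(statements, list) or not statements:
        return problems + ["statement must be a non-empty list"]
    for i, st in enumerate(statements):
        if st.get("effect") not in ("allow", "deny"):  # values as written in the page's sample
            problems.append(f"statement[{i}]: effect must be allow or deny")
        for key in ("action", "resource"):
            if not as_list(st.get(key)):
                problems.append(f"statement[{i}]: {key} is required")
        for res in as_list(st.get("resource")):
            if res == "*":
                continue
            try:
                parse_resource(res)
            except ValueError as exc:
                problems.append(f"statement[{i}]: {exc}")
    return problems

# The sample policy from this page, followed by a constructed policy with three defects.
SAMPLE = json.loads('''{"version": "2.0", "statement": [
  {"effect": "allow", "action": ["lighthouse:DescribeInstances"], "resource": ["*"]},
  {"effect": "deny", "action": ["lighthouse:DescribeInstances"],
   "resource": ["qcs::lighthouse::uin/xxxxxx:instance/lhins-e31oxxxx"]}]}''')
BROKEN = {"version": "1.0", "statement": [{"effect": "permit",
          "action": ["lighthouse:DescribeInstances"],
          "resource": ["qcs:lighthouse::uin/xxxxxx:instance/lhins-e31oxxxx"]}]}
```

The constructed `BROKEN` policy is flagged for its version, its effect value, and a resource that has only five segments because the empty `project_id` segment was dropped.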
