tencent cloud

Tencent Cloud Organization

  • Product Introduction
  • Purchase Guide
  • Operation Guide
    • Console Overview
    • Organization Settings
    • Department Management
    • Member Account Management
    • Member Finance Management
    • Member Access Management
    • Resource Management
    • Member Audit
    • Identity Center Management
  • API Documentation
    • History
    • Introduction
    • API Category
    • Making API Requests
    • Organization Settings APIs
    • Department and Member Management APIs
    • ListOrganizationIdentity
    • Unified Member Login APIs
    • Organization Service Management APIs
    • Organization Management Policy APIs
    • Resource Sharing APIs
    • Identity Center Management APIs
    • Identity Center User Management APIs
    • Identity Center User Group Management APIs
    • Identity Center Management SCIM Synchronization APIs
    • Identity Center Single Sign-On Management APIs
    • Identity Center Permission Configuration Management APIs
    • Identity Center Multi-Account Authorization Management APIs
    • Identity Center Sub-User Synchronization Management APIs
    • Data Types
    • Error Codes
    • TCO API 2018-12-25
  • Related Agreement
  • FAQs
  • Glossary
DocumentaçãoTencent Cloud OrganizationOperation GuideIdentity Center ManagementManage Multi-account AuthorizationConfigure CAM Role Synchronization

Configure CAM Role Synchronization

PDF
Modo Foco
Tamanho da Fonte
Última atualização: 2024-07-31 14:17:23

Overview

Based on the group account organizational structure, you can set allowed access users or user groups for each account, as well as their permission configuration.
This document provides an example of deploying permission configuration on a member account (Account1) for a user (user1) from the Identity Center. The permission configuration defines access only to CVM, ensuring that the user (user1) from the Identity Center can only access CVM resources in the member account (Account1).

Prerequisites

Make sure you have created permission configuration.
In this example, the permission configuration has been bound to preset policies, with no user-defined policies created.
Make sure you have created or synchronized a user.
In this example, a user (user1) is created with the Identity Center. For details, refer to Manage Users.

Directions

1. Go to TCO > Identity Center.
2. In the left sidebar, click CAM Synchronization > Multi-Account Authorization Management.
3. On the Multi-Account Authorization Management page, select the target account.
In this example, select the member account (Account1).
4. Click Configure CAM Role Synchronization.



5. On the Configure CAM Role Synchronization page, select the target user or user group, and then click Next.
In this example, select the user (user1).



6. Select the target Permission Configuration, and then click Next.



7. Review the configuration information, and then click Submit.



8. Wait for the configuration to finish, and then click Completed.

Result Verification

1. Log in to the Group Account Identity Center Portal using the Identity Center user (user1).
For detailed operations, refer to Identity Center User Login.
2. On the CAM Role Login tab, click Show Details in the permission column of the member account (Account1).
3. On the permission panel, click Log in in the Action column of the target permission configuration.
4. Access CVM resources in the member account (Account1) as a CAM Role.
Note:
Since only access to CVM is configured, you can only access CVM Resources. If you need to access other resources, modify policies in the permission configuration and redeploy the permission configuration.

Anterior: Overview of Multi-Account AuthorizationPróximo: View/Modify/Delete Authorization

Ajuda e Suporte

Esta página foi útil?

comentários