腾讯云用户访问云资源时, CAM 通过以下评估逻辑决定允许或拒绝。
默认情况下,所有请求都将被拒绝。
CAM 会检查当前用户关联的所有策略。
注意:
目前支持的通用策略表如下:
策略说明 | 策略定义 |
---|---|
查询密钥需要 MFA 验证 | { "principal":"*", "action":"account:QueryKeyBySecretId", "resource":"*", "condition":{"string_equal":{"mfa":"0"}} } |
设置敏感操作需要 MFA 验证 | { "principal":"*", "action":"account:SetSafeAuthFlag", "resource":"*", "condition":{"string_equal":{"mfa":"0"}} } |
绑定 token 需要 MFA 验证 | { "principal":"*", "action":"account:BindToken", "resource":"*", "condition":{"string_equal":{"mfa":"0"}} } |
解绑 token 需要 MFA 验证 | { "principal":"*", "action":"account:UnbindToken", "resource":"*", "condition":{"string_equal":{"mfa":"0"}} } |
修改邮箱需要 MFA 验证 | { "principal":"*", "action":"account:ModifyMail", "resource":"*", "condition":{"string_equal":{"mfa":"0"}} } |
修改手机号需要 MFA 验证 | { "principal":"*", "action":"account:ModifyPhoneNum", "resource":"*", "condition":{"string_equal":{"mfa":"0"}} } |
本页内容是否解决了您的问题?