tencent cloud

Cloud Access Management

DokumentasiCloud Access ManagementCAM-Enabled RoleMiddlewareMessage Queue CKafka

Message Queue CKafka

Unduh
Mode fokus
Ukuran font
Terakhir diperbarui: 2026-06-24 09:46:39

Service roles and service-linked roles are predefined by Tencent Cloud services and, upon user authorization, the corresponding services can access and use resources by assuming these service-linked roles. This document provides detailed information on the use cases and associated authorization policies of these specific service-linked roles.

Product Role Name Role Types Role Entity
CKafka CKafka_QCSLinkedRoleInSslQuery Service-Related Roles sslcert.ckafka.cloud.tencent.com
CKafka CKafka_QCSLinkedRoleInKmsAccess Service-Related Roles kmsAccess.ckafka.cloud.tencent.com
CKafka cosCkafka_QCSRole Service Role ckafka.qcloud.com

CKafka_QCSLinkedRoleInSslQuery

Use Cases: The current role is related to the CKafka service, used to authorize Ckafka to query SSL resources
Authorization Polices

  • Policy Name: QcloudAccessForCKafkaLinkedRoleInSslQuery
  • Policy Information:
    {
  "version": "2.0",
  "statement": [
      {
          "effect": "allow",
          "action": [
              "ssl:DescribeCertificateDetail",
              "ssl:DescribeCertificates"
          ],
          "resource": "*"
      }
  ]
}

CKafka_QCSLinkedRoleInKmsAccess

Use Cases: The current role is related to the CKafka service, which will access your KMS service resources within policy-permitted scope.
Authorization Polices

  • Policy Name: QcloudAccessForCKafkaLinkedRoleInKmsAccess
  • Policy Information:
    {
  "version": "2.0",
  "statement": [
      {
          "effect": "allow",
          "action": [
              "kms:GetRegions",
              "kms:GetServiceStatus",
              "kms:ListAlgorithms",
              "kms:UnbindCloudResource",
              "kms:BindCloudResource",
              "kms:Decrypt",
              "kms:GenerateDataKey",
              "kms:CreateKey",
              "kms:ListKeyDetail"
          ],
          "resource": "*"
      }
  ]
}

cosCkafka_QCSRole

Use Cases:
Authorization Polices

  • Policy Name: QcloudCOSAccessForCkafkaRole
  • Policy Information:
    {
  "version": "2.0",
  "statement": [
      {
          "action": [
              "cos:PutObject",
              "cos:GetObject",
              "cos:DeleteObject",
              "cos:ListParts",
              "cos:UploadPart"
          ],
          "resource": "*",
          "effect": "allow"
      }
  ]
}
Topik sebelumnya: LLM Service TokenHubTopik selanjutnya: TDMQ for RabbitMQ

Bantuan dan Dukungan

Apakah halaman ini membantu?

masukan