tencent cloud

Cloud Access Management

Product Introduction
CAM Overview
Features
Scenarios
Basic Concepts
Use Limits
User Types
Purchase Guide
Getting Started
Creating Admin User
Creating and Authorizing Sub-account
Logging In to Console with Sub-account
User Guide
Overview
Users
Access Key
User Groups
Role
Identity Provider
Policies
Permissions Boundary
Troubleshooting
Downloading Security Analysis Report
CAM-Enabled Role
Overview
Compute
Container
Microservice
Essential Storage Service
Data Process and Analysis
Data Migration
Relational Database
Enterprise Distributed DBMS
NoSQL Database
Database SaaS Tool
Database SaaS Service
Networking
CDN and Acceleration
Network Security
Data Security
Application Security
Domains & Websites
Big Data
Middleware
Interactive Video Services
Real-Time Interaction
Media On-Demand
Media Process Services
Media Process
Cloud Real-time Rendering
Game Services
Cloud Resource Management
Management and Audit Tools
Developer Tools
Monitor and Operation
More
CAM-Enabled API
Overview
Compute
Edge Computing
Container
Distributed cloud
Microservice
Serverless
Essential Storage Service
Data Process and Analysis
Data Migration
Relational Database
Enterprise Distributed DBMS
NoSQL Database
Database SaaS Tool
Networking
CDN and Acceleration
Network Security
Endpoint Security
Data Security
Business Security
Application Security
Domains & Websites
Office Collaboration
Big Data
Voice Technology
Image Creation
Tencent Big Model
AI Platform Service
Natural Language Processing
Optical Character Recognition
Middleware
Communication
Interactive Video Services
Real-Time Interaction
Stream Services
Media On-Demand
Media Process Services
Media Process
Cloud Real-time Rendering
Game Services
Education Sevices
Medical Services
Cloud Resource Management
Management and Audit Tools
Developer Tools
Monitor and Operation
More
Use Cases
Security Practical Tutorial
Multi-Identity Personnel Permission Management
Authorizing Certain Operations by Tag
Supporting Isolated Resource Access for Employees
Enterprise Multi-Account Permissions Management
Reviewing Employee Operation Records on Tencent Cloud
Implementing Attribute-Based Access Control for Employee Resource Permissions Management
During tag-based authentication, only tag key matching is supported
Business Use Cases
TencentDB for MySQL
CLB
CMQ
COS
CVM
VPC
VOD
Others
API Documentation
History
Introduction
API Category
Making API Requests
User APIs
Policy APIs
Role APIs
Identity Provider APIs
Data Types
Error Codes
FAQs
Role
Key
Others
CAM Users and Permissions
Glossary
DokumentasiCloud Access ManagementCAM-Enabled APIEdge ComputingEdge Computing Machine

Edge Computing Machine

PDF
Mode fokus
Ukuran font
Terakhir diperbarui: 2026-04-03 09:42:50

Fundamental information

Product Abbreviation in CAM Console Authorization by Tag Authorization Granularity IP Restriction
Edge Computing Machine ecm Supported Supported Resource level Partially supported

Note:

The authorization granularity of cloud products is divided into three levels: service level, operation level, and resource level, based on the degree of granularity.

  • Service level: It defines whether a user has the permission to access the service as a whole. A user can have either full access or no access to the service. For the authorization granularity of cloud products at service level, the authorization of specific APIs are not supported.
  • Operation level: It defines whether a user has the permission to call a specific API of the service. For example, granting an account read-only access to the CVM service is an authorization at the operation level.
  • Resource level: It is the finest authorization granularity which defines whether a user has the permission to access specific resources. For example, granting an account read/write access to a specific CVM instance is an authorization at the resource level.

API authorization granularity

Two authorization granularity levels of API are supported: resource level, and operation level.

  • Resource level: It supports the authorization of a specific resource.
  • Operation level: It does not support the authorization of a specific resource. If the policy syntax restricts a specific resource during authorization, CAM will determine that this API is not within the scope of authorization, and deem it as unauthorized.

Write operations

API API Description Authorization Granularity Six-segment Resource Description IP Restriction
AllocateAddresses Create elastic public IP Operation level * Supported
AllocateIpv6AddressesBandwidth IPv6 addresses allocate public network bandwidth Operation level * Supported
AssignIpv6Addresses Assign the Ipv6 addresses Resource level qcs::ecm::uin/:eni/${NetworkInterfaceId} Supported
AssignPrivateIpAddresses AssignPrivateIpAddresses Resource level qcs::ecm::uin/:eni/${NetworkInterfaceId} Supported
AssociateAddress Bind elastic public IP Operation level * Supported
AssociateHaVipAddressIp AssociateHaVipAddressIp Operation level * not supported
AssociateNetworkInterfaceSecurityGroups AssociateNetworkInterfaceSecurityGroups Resource level qcs::ecm::uin/:eni/${NetworkInterfaceIds} Supported
AssociateSecurityGroups Apply the security group to the edge instances Resource level qcs::ecm::uin/:instance/${InstanceIds} Supported
AttachDisks AttachDisks Resource level qcs::ecm::uin/${uin}:volume/${volumeId} not supported
AttachNetworkInterface AttachNetworkInterface Resource level qcs::ecm::uin/:instance/${InstanceId} Supported
AttachSSC AttachSSC Operation level * not supported
BatchDeregisterTargets Batch deregister the targets Resource level qcs::ecm::uin/:lb/${LoadBalancerId} Supported
BatchModifyTargetWeight Batch modify the target weight Resource level qcs::ecm::uin/:lb/${LoadBalancerId} Supported
BatchRegisterTargets Batch register the targets Resource level qcs::ecm::uin/:lb/${LoadBalancerId} Supported
CloneNetworkInterfaceSecurityGroup CloneNetworkInterfaceSecurityGroup Resource level qcs::ecm::uin/:eni/${TargetNetworkInterfaceIds} Supported
ConvertVpcId ConvertVpcId Operation level * not supported
CreateDisks CreateDisks Operation level * not supported
CreateHaVip Create highly available virtual IP Operation level * Supported
CreateImage Create image Resource level qcs::ecm::uin/:instance/${InstanceId} Supported
CreateListener Create the new listener Resource level qcs::ecm::uin/:lb/${LoadBalancerId} Supported
CreateLoadBalancer Create the new loadBalancer Operation level * Supported
CreateModule Create new edge module Operation level * Supported
CreateNetworkInterface Create the elastic network interface Operation level * Supported
CreateNetworkInterfaces CreateNetworkInterfaces Operation level * Supported
CreateNodeTemplate Create node template Operation level * Supported
CreateRouteTable Create route table Operation level * Supported
CreateRoutes Create routing policy Operation level * Supported
CreateSecurityGroup CreateSecurityGroup Operation level * Supported
CreateSecurityGroupPolicies Create security group policies Resource level qcs::ecm::uin/:sg/${SecurityGroupId} Supported
CreateSecurityGroupWithPolicies Create security group with policies Operation level * Supported
CreateSmartConnection Create smart connection Operation level * not supported
CreateSubnet CreateSubnet Resource level qcs::ecm::uin/:subnet/* Supported
CreateVpc CreateVpc Operation level * Supported
DeleteFailedImage DeleteFailedImage Operation level * Supported
DeleteHaVip Delete highly available virtual IP Operation level * Supported
DeleteImage Delete image Operation level * Supported
DeleteInstancesActionTimer DeleteInstancesActionTimer Operation level * Supported
DeleteListener Delete the listener Resource level qcs::ecm::uin/:lb/${LoadBalancerId} Supported
DeleteLoadBalancer Delete the loadBalancer Resource level qcs::ecm::uin/:lb/${LoadBalancerIds} Supported
DeleteLoadBalancerListeners Delete the multiple loadBalancer listeners Resource level qcs::ecm::uin/:lb/${LoadBalancerId} Supported
DeleteModule Delete the edge module Resource level qcs::ecm::uin/:module/${ModuleId} Supported
DeleteNetworkInterface DeleteNetworkInterface Resource level qcs::ecm::uin/:eni/${NetworkInterfaceId} Supported
DeleteNodeTemplate Delete node template Operation level * Supported
DeleteRouteTable Delete route table Operation level * Supported
DeleteRoutes Delete routing policy Operation level * Supported
DeleteSecurityGroup DeleteSecurityGroup Resource level qcs::ecm::uin/:sg/${SecurityGroupId} Supported
DeleteSecurityGroupPolicies DeleteSecurityGroupPolicies Resource level qcs::ecm::uin/:sg/${SecurityGroupId} Supported
DeleteSmartConnection Delete smart connection Operation level * not supported
DeleteSnapshots DeleteSnapshots Resource level qcs::ecm::uin/${uin}:snapshot/${snapshotId} not supported
DeleteSubnet DeleteSubnet Resource level qcs::ecm::uin/:subnet/${SubnetId} Supported
DeleteVpc DeleteVpc Resource level qcs::ecm::uin/:vpc/${VpcId} Supported
DetachDisks DetachDisks Resource level qcs::ecm::uin/${uin}:volume/${volumeId} not supported
DetachNetworkInterface DetachNetworkInterface Resource level qcs::ecm::uin/:instance/${InstanceId} Supported
DetachSSC DetachSSC Operation level * not supported
DisableRoutes Disable subnet routing Operation level * Supported
DisassociateAddress Disassociate elastic public IP Operation level * Supported
DisassociateHaVipAddressIp DisassociateHaVipAddressIp Operation level * not supported
DisassociateInstancesKeyPairs This command is used to unbind the key of the instance Operation level * Supported
DisassociateNetworkInterfaceSecurityGroups DisassociateNetworkInterfaceSecurityGroups Resource level qcs::ecm::uin/:eni/${NetworkInterfaceIds} Supported
DisassociateSecurityGroups Cancel the application of the security group to the edge instances Resource level qcs::ecm::uin/:instance/${InstanceIds} Supported
EnableRoutes Enable subnet routing Operation level * Supported
ImagePreheat ImagePreheat Operation level * Supported
ImportCustomImage Import custom image Operation level * Supported
ImportCvmImage ImportCvmImage Operation level * Supported
ImportImage Import image Operation level * Supported
MigrateNetworkInterface MigrateNetworkInterface Resource level qcs::ecm::uin/:instance/${DestinationInstanceId} Supported
MigratePrivateIpAddress Migrate the private Ip addresses from elastic network interface Resource level qcs::ecm::uin/:instance/${InstanceId} Supported
ModifyAddressAttribute Modify elastic public IP attribute Operation level * Supported
ModifyAddressesBandwidth Modify elastic public IP bandwidth Operation level * Supported
ModifyDefaultSubnet ModifyDefaultSubnet Resource level qcs::ecm::uin/:subnet/${SubnetId} Supported
ModifyHaVipAttribute Modify highly available virtual IP attribute Operation level * Supported
ModifyImageAttribute Modify image attribute Operation level * Supported
ModifyInstancesAttribute Modify the edge instance attributes Operation level * Supported
ModifyIpv6AddressesAttribute ModifyIpv6AddressesAttribute Resource level qcs::ecm::uin/:eni/${NetworkInterfaceId} Supported
ModifyIpv6AddressesBandwidth Adjust Elastic Public IPv6 Addresses Bandwidth. Operation level * Supported
ModifyListener Modify the listener attribute Resource level qcs::ecm::uin/:lb/${LoadBalancerId} Supported
ModifyLoadBalancerAttributes Modify the loadBalancer attribute Resource level qcs::ecm::uin/:lb/${LoadBalancerIds} Supported
ModifyModuleConfig Modify the edge module configuration Resource level qcs::ecm::uin/:module/${ModuleId} Supported
ModifyModuleDisableWanIp Modify the edge module public IP allocation seting Resource level qcs::ecm::uin/${uin}:module/${ModuleId} Supported
ModifyModuleImage Modify the edge module default OS image setting Resource level qcs::ecm::uin/:module/${ModuleId} Supported
ModifyModuleIpDirect Modify the edge module direct IP setting Resource level qcs::ecm::uin/:module/${ModuleId} Supported
ModifyModuleName Modify the edge module name Resource level qcs::ecm::uin/:module/${ModuleId} Supported
ModifyModuleNetwork Modify the edge module default bandwidth setting Resource level qcs::ecm::uin/:module/${ModuleId} Supported
ModifyModuleSecurityGroups Modify the edge module default security group setting Resource level qcs::ecm::uin/:module/${ModuleId} Supported
ModifyNetworkInterfaceAttribute ModifyNetworkInterfaceAttribute Resource level qcs::ecm::uin/:eni/${NetworkInterfaceId} Supported
ModifyPrivateIpAddressesAttribute Modify the private Ip addresses of elastic network interface Resource level qcs::ecm::uin/${uin}:eni/${NetworkInterfaceId} Supported
ModifyRouteTableAttribute Modify route table attribute Operation level * Supported
ModifySecurityGroupAttribute ModifySecurityGroupAttribute Resource level qcs::ecm::uin/:sg/${SecurityGroupId} Supported
ModifySecurityGroupPolicies ModifySecurityGroupPolicies Resource level qcs::ecm::uin/:sg/${SecurityGroupId} Supported
ModifySmartConnection Modify smart connection Operation level * not supported
ModifySubnetAttribute ModifySubnetAttribute Resource level qcs::ecm::uin/:subnet/${SubnetId} Supported
ModifyTargetPort Modify the target port Resource level qcs::ecm::uin/:lb/${LoadBalancerId} Supported
ModifyTargetWeight Modify the target weight Resource level qcs::ecm::uin/:lb/${LoadBalancerId} Supported
ModifyVpcAttribute ModifyVpcAttribute Resource level qcs::ecm::uin/:vpc/${VpcId} Supported
RebootInstances Reboot the edge instance Operation level * Supported
ReleaseAddresses Release elastic public IP Operation level * Supported
ReleaseIpv6Addresses Release the Ipv6 addresses Resource level qcs::ecm::uin/:eni/${NetworkInterfaceId} Supported
ReleaseIpv6AddressesBandwidth Cancel the ability of IPv6 addresses to access the internet. Operation level * Supported
RemovePrivateIpAddresses RemovePrivateIpAddresses Resource level qcs::ecm::uin/:eni/${NetworkInterfaceId} Supported
ReplaceRouteTableAssociation Replace route table binding relation Operation level * Supported
ReplaceRoutes Replace routing policy Operation level * Supported
ReplaceSecurityGroupPolicy ReplaceSecurityGroupPolicy Resource level qcs::ecm::uin/:sg/${SecurityGroupId} Supported
ResetInstances Reinstall the edge instance OS Resource level qcs::ecm::uin/:instance/${InstanceIdSet} Supported
ResetInstancesMaxBandwidth Modify the edge instance bandwidth upper limit setting Resource level qcs::ecm::uin/:instance/${InstanceIdSet} Supported
ResetInstancesNewFlag ResetInstancesNewFlag Resource level qcs::ecm::uin/:instance/${InstanceIdSet} Supported
ResetInstancesPassword Reset the edge instance OS login password Operation level * Supported
ResetRoutes Reset route table name and routing policy Operation level * Supported
RunInstances RunInstances Operation level * Supported
SetLoadBalancerSecurityGroups Set loadBalancer security groups Operation level * Supported
SetSecurityGroupForLoadbalancers Bind or unbind a security group to multiple loadBalancer instances Operation level * Supported
StartInstances Start the edge instances Operation level * Supported
StopInstances Stop the edge instances Operation level * Supported
TerminateDisks TerminateDisks Resource level qcs::ecm::uin/${uin}:volume/${volumeId} not supported
TerminateInstances Terminate the edge instance Operation level * Supported
UpdateInstancesActionTimer UpdateInstancesActionTimer Operation level * Supported
UpdateModuleInstanceType UpdateModuleInstanceType Resource level qcs::ecm::uin/:module/${ModuleId} Supported

Read operations

API API Description Authorization Granularity Six-segment Resource Description IP Restriction
DescribeAddressQuota Describe elastic public IP quota Operation level * Supported
DescribeAddresses DescribeAddresses Operation level * Supported
DescribeAlarmInfo DescribeAlarmInfo Operation level * Supported
DescribeAvailableBandwidth DescribeAvailableBandwidth Operation level * Supported
DescribeBaseOverview Describe the basic statistics of the overview page Operation level * Supported
DescribeBlockStorages DescribeBlockStorages Operation level * Supported
DescribeConfig Describe limit config info Operation level * Supported
DescribeCustomImageTask Describe import image task Operation level * Supported
DescribeCustomerConfig DescribeCustomerConfig Operation level * Supported
DescribeCustomerLimitConfig DescribeCustomerLimitConfig Operation level * Supported
DescribeCustomerNeedApply DescribeCustomerNeedApply Operation level * Supported
DescribeDefaultSubnet Describe default subnet of zone Operation level * Supported
DescribeDiskConfigQuota DescribeDiskConfigQuota Operation level * not supported
DescribeDisks DescribeDisks Resource level qcs::ecm::uin/${uin}:volume/${volumeId} not supported
DescribeHaVips Describe highly available virtual IP Operation level * Supported
DescribeImage Operation level * Supported
DescribeImage Operation level * Supported
DescribeImages Describe image list Operation level * Supported
DescribeInstanceQuota DescribeInstanceQuota Operation level * Supported
DescribeInstanceTypeConfig Describe Instance config Operation level * Supported
DescribeInstanceTypeConfigs DescribeInstanceTypeConfigs Operation level * Supported
DescribeInstanceUsage Query the usage of instances, currently supporting queries on a monthly basis Operation level * Supported
DescribeInstanceVncUrl Describe the edge instance VNC url Resource level qcs::ecm::uin/:instance/${InstanceId} Supported
DescribeInstancesActionTimer DescribeInstancesActionTimer Resource level qcs::ecm::uin/:instance/${InstanceIds} Supported
DescribeInstancesDeniedActions Describe the edge instance denied actions Resource level qcs::ecm::uin/:instance/${InstanceIdSet} Supported
DescribeInstancesStatus DescribeInstancesStatus Operation level * Supported
DescribeListeners Query the listeners list Resource level qcs::ecm::uin/:lb/${LoadBalancerId} Supported
DescribeLoadBalanceTaskStatus Query the loadBalancer task status Operation level * Supported
DescribeLocalDNS DescribeLocalDNS Operation level * not supported
DescribeModuleDetail Describe the edge module details Resource level qcs::ecm::uin/:module/${ModuleId} Supported
DescribeMonthPeakNetwork Describe the monthly peak and billable bandwidth on the node Operation level * Supported
DescribeNetworkStatistics DescribeNetworkStatistics Operation level * Supported
DescribeNode Describe the edge node list Operation level * Supported
DescribeNodeTemplate Describe node template Operation level * Supported
DescribeNodeTemplateDetail Describe node template detail Operation level * Supported
DescribeNodeTraffic DescribeNodeTraffic Operation level * Supported
DescribePackingQuota DescribePackingQuota Operation level * Supported
DescribePackingQuotaGroup DescribePackingQuotaGroup Operation level * Supported
DescribePeakBaseOverview Describe basic information peak data Operation level * Supported
DescribePeakNetworkOverview Describe network peak data Operation level * Supported
DescribePreheatedZone DescribePreheatedZone Operation level * Supported
DescribePriceRunInstance Query the price of the ECM instance model specifications Operation level * Supported
DescribeRegions DescribeRegions Operation level * Supported
DescribeRouteConflicts Describe routing policy conflict list Operation level * Supported
DescribeRouteTables Describe route table list Operation level * Supported
DescribeScheduleImagePreheat DescribeScheduleImagePreheat Operation level * Supported
DescribeSecurityGroupAssociationStatistics DescribeSecurityGroupAssociationStatistics Resource level qcs::ecm::uin/:sg/${SecurityGroupIds} Supported
DescribeSecurityGroupLimits Describe security group limits Operation level * Supported
DescribeSecurityGroupPolicies DescribeSecurityGroupPolicies Resource level qcs::ecm::uin/:sg/${SecurityGroupId} Supported
DescribeSecurityGroupPolicyTemplates DescribeSecurityGroupPolicyTemplates Operation level * Supported
DescribeSimpleInstances DescribeSimpleInstances Operation level * Supported
DescribeSimpleNode DescribeSimpleNode Operation level * Supported
DescribeSmartConnections Describe smart connection Operation level * not supported
DescribeSnapshots DescribeSnapshots Resource level qcs::ecm::uin/${uin}:snapshot/${SnapshotId} not supported
DescribeTargetHealth Get the health status of loadBalancer backend service Resource level qcs::ecm::uin/:lb/${LoadBalancerId} Supported
DescribeTargets Query the backend service list of loadBalancer Resource level qcs::ecm::uin/:lb/${LoadBalancerId} Supported
DescribeTaskResult Describe async task execution result Operation level * Supported
DescribeTaskStatus Describe task status Operation level * Supported
DescribeUpdatableInstanceType DescribeUpdatableInstanceType Operation level * Supported
DescribeUsedNode DescribeUsedNode Operation level * Supported
DescribeUserNode DescribeUserNode Operation level * Supported
DescribeUserNodeOption DescribeUserNodeOption Operation level * Supported
DescribeZones DescribeZones Operation level * Supported
QueryVpcTaskResult QueryVpcTaskResult Operation level * not supported

List Operations

API API Description Authorization Granularity Six-segment Resource Description IP Restriction
DescribeImportImageOs Describe OS list supported by import image Operation level * Supported
DescribeInstances DescribeInstances Operation level * Supported
DescribeLBConfLimit DescribeLBConfLimit Operation level * Supported
DescribeLoadBalancers Query the loadBalancer list Resource level qcs::ecm::uin/:lb/${LoadBalancerIds} not supported
DescribeModule DescribeModule Resource level qcs::ecm::uin/:module/${ModuleId} Supported
DescribeNetworkInterfaces DescribeNetworkInterfaces Operation level * Supported
DescribeNoPreheatZone DescribeNoPreheatZone Operation level * Supported
DescribeRegionIpv6Addresses describe ipv6 dddresses for ecm region. Operation level * Supported
DescribeSecurityGroups DescribeSecurityGroups Resource level qcs::ecm::uin/:sg/${SecurityGroupId} Supported
DescribeSubnets DescribeSubnets Resource level qcs::ecm::uin/:subnet/${SubnetId} Supported
DescribeVpcs DescribeVpcs Resource level qcs::ecm::uin/:vpc/${VpcId} Supported
Topik sebelumnya: Cloud Dedicated ZoneTopik selanjutnya: Tencent Kubernetes Engine

Bantuan dan Dukungan

Apakah halaman ini membantu?

masukan