tencent cloud

Cloud Access Management

プロダクトの概要
CAMの概要
製品機能
適用シーン
基本概念
使用制限
ユーザータイプ
購入ガイド
クイックスタート
管理者ユーザーを作成する
サブアカウントの作成と権限付与
サブアカウントのコンソールログイン
ユーザーガイド
概要
ユーザー
アクセスキー
ユーザーグループ
ロール
アイデンティティプロバイダー
ポリシー
権限境界
トラブルシューティング
セキュリティ分析レポートのダウンロード
CAM-Enabled Role
Overview
Compute
Container
Microservice
Essential Storage Service
Data Process and Analysis
Data Migration
Relational Database
Enterprise Distributed DBMS
NoSQL Database
Database SaaS Tool
Database SaaS Service
Networking
CDN and Acceleration
Network Security
Data Security
Application Security
Domains & Websites
Big Data
Middleware
Interactive Video Services
Real-Time Interaction
Media On-Demand
Media Process Services
Media Process
Cloud Real-time Rendering
Game Services
Cloud Resource Management
Management and Audit Tools
Developer Tools
Monitor and Operation
More
CAM-Enabled API
Overview
Compute
Edge Computing
Container
Distributed cloud
Microservice
Serverless
Essential Storage Service
Data Process and Analysis
Data Migration
Relational Database
Enterprise Distributed DBMS
NoSQL Database
Database SaaS Tool
Networking
CDN and Acceleration
Network Security
Endpoint Security
Data Security
Business Security
Application Security
Domains & Websites
Office Collaboration
Big Data
Voice Technology
Image Creation
Tencent Big Model
AI Platform Service
Natural Language Processing
Optical Character Recognition
Middleware
Communication
Interactive Video Services
Real-Time Interaction
Stream Services
Media On-Demand
Media Process Services
Media Process
Cloud Real-time Rendering
Game Services
Education Sevices
Medical Services
Cloud Resource Management
Management and Audit Tools
Developer Tools
Monitor and Operation
More
実践のチュートリアル
セキュリティの実践チュートリアル
複数アイデンティティ権限管理
Tag下の一部操作権限を付与する
従業員間のリソース分離アクセスのサポート
企業マルチアカウント権限管理
従業員のTencent Cloud操作ログを閲覧する
ABACによる従業員のリソースアクセス権限管理
タグ認証時にタグキーのみマッチをサポート
商用事例
MySQL関連ケース
CLB 関連ケース
CMQ関連ケース
COS 関連ケース
CVM関連ケース
VPC 関連ケース
VOD関連ケース
その他のケース
よくあるご質問
ロール関連問題
キー関連の問題
その他の問題
CAMユーザーと権限の問題
用語一覧
ドキュメントCloud Access ManagementCAM-Enabled APIMiddlewareTDMQ for RocketMQ

TDMQ for RocketMQ

フォーカスモード
フォントサイズ
最終更新日: 2026-04-03 09:47:45

Fundamental information

Product Abbreviation in CAM Console Authorization by Tag Authorization Granularity IP Restriction
RocketMQ trocket Supported Supported Resource level Supported

Note:

The authorization granularity of cloud products is divided into three levels: service level, operation level, and resource level, based on the degree of granularity.

  • Service level: It defines whether a user has the permission to access the service as a whole. A user can have either full access or no access to the service. For the authorization granularity of cloud products at service level, the authorization of specific APIs are not supported.
  • Operation level: It defines whether a user has the permission to call a specific API of the service. For example, granting an account read-only access to the CVM service is an authorization at the operation level.
  • Resource level: It is the finest authorization granularity which defines whether a user has the permission to access specific resources. For example, granting an account read/write access to a specific CVM instance is an authorization at the resource level.

API authorization granularity

Two authorization granularity levels of API are supported: resource level, and operation level.

  • Resource level: It supports the authorization of a specific resource.
  • Operation level: It does not support the authorization of a specific resource. If the policy syntax restricts a specific resource during authorization, CAM will determine that this API is not within the scope of authorization, and deem it as unauthorized.

Write operations

API API Description Authorization Granularity Six-segment Resource Description IP Restriction
AddMQTTClientSubscription AddMQTTClientSubscription Operation level * Supported
BindServerCertificate bind server certificate Resource level qcs::trocket:${Region}:uin/:instance/${InstanceId} Supported
ChangeMigratingTopicToNextStage Move a migrating topic to next stage Resource level qcs::trocket:${region}:uin/${uin}:taskId/${taskId} Supported
CreateChaosTask Create a chaos task Resource level qcs::trocket::uin/${uin}:instance/${InstanceId} Supported
CreateClusterSyncTask CreateClusterSyncTask Operation level * Supported
CreateConsumerGroup Create a consumer group Resource level qcs::trocket:${region}:uin/${uin}:consumerGroup/${InstanceId}/* Supported
CreateInstance Create a new instance Resource level qcs::trocket:${region}:uin/${uin}:instance/* Supported
CreateInstanceEndpoint Create endpoint Resource level qcs::trocket:${region}:uin/${uin}:instance/${InstanceId} Supported
CreateMQTTInsInternalEndpoint CreateMQTTInsInternalEndpoint Operation level * Supported
CreateMQTTInsPublicEndpoint CreateMQTTInsPublicEndpoint Operation level * Supported
CreateMQTTInstance CreateMQTTInstance Operation level * Supported
CreateMQTTJWKSAuthenticator CreateMQTTJWKSAuthenticator Operation level * Supported
CreateMQTTTopic CreateMQTTTopic Operation level * Supported
CreateMQTTUser CreateMQTTUser Operation level * Supported
CreateMigrationTask create migration task Resource level qcs::${ApiModule}:${Region}:uin/:instance/${InstanceId} Supported
CreatePerformanceTestJob Create a performance test job Resource level qcs::trocket:${region}:uin/${uin}:instance/${InstanceId} Supported
CreateRole Create a role Resource level qcs::trocket:${region}:uin/${uin}:instance/${InstanceId} Supported
CreateSmoothMigrationTask Create a smooth migration task Operation level * Supported
CreateTopic Create a topic Resource level qcs::trocket:${region}:uin/${uin}:topic/${InstanceId}/* Supported
DeleteBrokerNode Delete unable broker node. Resource level qcs::trocket::uin/${uin}:instance/${InstanceId} Supported
DeleteClusterSyncTask DeleteClusterSyncTask Operation level * Supported
DeleteConsumerGroup Delete a consumer group Resource level qcs::trocket:${region}:uin/${uin}:consumerGroup/${InstanceId}/${ConsumerGroup} Supported
DeleteConsumerOffset Delete consumer offset. Resource level qcs::trocket::uin/${uin}:instance/${InstanceId} Supported
DeleteInstance Delete an instance Resource level qcs::trocket:${region}:uin/${uin}:instance/${InstanceId} Supported
DeleteInstanceEndpoint Delete an endpoint Resource level qcs::trocket:${region}:uin/${uin}:instance/${InstanceId} Supported
DeleteMQTTAuthenticator DeleteMQTTAuthenticator Operation level * Supported
DeleteMQTTClientSubscription DeleteMQTTClientSubscription Operation level * Supported
DeleteMQTTInsInternalEndpoint DeleteMQTTInsInternalEndpoint Operation level * Supported
DeleteMQTTInsPublicEndpoint DeleteMQTTInsPublicEndpoint Operation level * Supported
DeleteMQTTInstance DeleteMQTTInstance Operation level * Supported
DeleteMQTTTopic DeleteMQTTTopic Operation level * Supported
DeleteMQTTUser DeleteMQTTUser Operation level * Supported
DeleteRole Delete a role Resource level qcs::trocket:${region}:uin/${uin}:instance/${InstanceId} Supported
DeleteSmoothMigrationTask Delete a smooth migration task Resource level qcs::trocket:${region}:uin/${uin}:taskId/${taskId} Supported
DeleteTopic Delet a topic Resource level qcs::trocket:${region}:uin/${uin}:topic/${InstanceId}/${Topic} Supported
DescribeNewOrderDetails Describe order details for create instance. Resource level qcs::trocket:${region}:uin/${uin}:instance/* Supported
DoHealthCheckOnMigratingTopic Do health check on a migrating topic Resource level qcs::trocket:${region}:uin/${uin}:taskId/${taskId} Supported
ImportACLForSmoothMigration Import ACL in a smooth migration task. Resource level qcs::trocket:${region}:uin/${uin}:taskId/${taskId} Supported
ImportSourceClusterConsumerGroups Import consumer groups from migrating cluster Resource level qcs::trocket:${region}:uin/${uin}:taskId/${taskId} Supported
ImportSourceClusterTopics Import topics from cluster which is in migration Resource level qcs::trocket:${region}:uin/${uin}:taskId/${taskId} Supported
ModifyBindCertificate modify the configuration of the bound certificate Resource level qcs::trocket:${Region}:uin/:instance/${InstanceId} Supported
ModifyBrokerNode Modify broker node. Resource level qcs::trocket::uin/${uin}:instance/${InstanceId} Supported
ModifyClusterSyncTask ModifyClusterSyncTask Operation level * Supported
ModifyConsumerGroup Modify a consumer group Resource level qcs::trocket:${region}:uin/${uin}:consumerGroup/${InstanceId}/${ConsumerGroup} Supported
ModifyInstance Modify an instance Resource level qcs::trocket:${region}:uin/${uin}:instance/${InstanceId} Supported
ModifyInstanceEndpoint Modify an endpoint Resource level qcs::trocket:${region}:uin/${uin}:instance/${InstanceId} Supported
ModifyInstancePayMode Modify an instance pay mode. Resource level qcs::trocket::uin/${uin}:instance/${instanceId} Supported
ModifyInstanceStatus Modify an instance status Resource level qcs::trocket:${region}:uin/${uin}:instance/${instanceId} Supported
ModifyMQTTInsPublicEndpoint ModifyMQTTInsPublicEndpoint Operation level * Supported
ModifyMQTTInstance ModifyMQTTInstance Operation level * Supported
ModifyMQTTInstanceCertBinding ModifyMQTTInstanceCertBinding Operation level * Supported
ModifyMQTTJWKSAuthenticator ModifyMQTTJWKSAuthenticator Operation level * Supported
ModifyMQTTTopic ModifyMQTTTopic Operation level * Supported
ModifyMQTTUser ModifyMQTTUser Operation level * Supported
ModifyRole Modify a role Resource level qcs::trocket:${region}:uin/${uin}:instance/${InstanceId} Supported
ModifySmoothMigrationTask Modify a smooth migration task Resource level qcs::trocket:${region}:uin/${uin}:taskId/${taskId} Supported
ModifyTopic modify topic Resource level qcs::trocket:${region}:uin/${uin}:topic/${InstanceId}/${Topic} Supported
PauseClusterSyncTask PauseClusterSyncTask Operation level * Supported
PublishMQTTMessage PublishMQTTMessage Operation level * Supported
RemoveMigratingTopic Remove a migrating topic Resource level qcs::trocket:${region}:uin/${uin}:taskId/${taskId} Supported
RenewInstance Renew an instance. Resource level qcs::trocket::uin/${uin}:instance/${InstanceId} Supported
ReplaceServerCertificate replace server certificate when the certificate is about to expire Resource level qcs::trocket::uin/${uin}:instance/${InstanceId} Supported
ResendDeadLetterMessage resend deadLetter message Resource level qcs::${ApiModule}:${Region}:uin/:consumerGroup/${InstanceId}/${ConsumerGroup} Supported
ResetAllConsumerGroupOffset reset all consume group offset Resource level qcs::trocket:${Region}:uin/:instance/${InstanceId} Supported
ResetConsumerGroupOffset Reset consumer group offset Resource level qcs::trocket:${region}:uin/${uin}:consumerGroup/${InstanceId}/${ConsumerGroup} Supported
RestartClusterSyncTask RestartClusterSyncTask Operation level * Supported
RestoreInstance Restore the RocketMQ cluster Resource level qcs::trocket::uin/${uin}:instance/${InstanceId} Supported
RollbackMigratingTopicStage Rollback migrating topic to previous stage Resource level qcs::trocket:${region}:uin/${uin}:taskId/${taskId} Supported
SendMessage Send a message Resource level qcs::trocket:${region}:uin/${uin}:topic/${instanceId}/${topic} Supported
TerminatePerformanceTestJob Terminate a performance job Resource level qcs::trocket:${region}:uin/${uin}:instance/${InstanceId} Supported
UnbindServerCertificate unBind server certificate Resource level qcs::trocket:${Region}:uin/:instance/${InstanceId} Supported

Other Operations

API API Description Authorization Granularity Six-segment Resource Description IP Restriction
CheckMQTTJWKSEndpointConnection CheckMQTTJWKSEndpointConnection Operation level * Supported

List Operations

API API Description Authorization Granularity Six-segment Resource Description IP Restriction
DescribeBindCertificateList query cluster cert bind list Resource level qcs::trocket::uin/${uin}:instance/${InstanceId} Supported
DescribeClusterSyncTaskList DescribeClusterSyncTaskList Operation level * Supported
DescribeConsumerGroupList Describe consumer group list Resource level qcs::trocket:${region}:uin/${uin}:consumerGroup/${InstanceId}/${ConsumerGroup} Supported
DescribeConsumerGroups Describe ConsumerGroup List. Resource level qcs::trocket::uin/${uin}:consumerGroup/${InstanceId}/${ConsumerGroup} Supported
DescribeFusionInstanceList describe fusion instance list Resource level qcs::trocket:${region}:uin/${uin}:instance/${InstanceId} Supported
DescribeFusionMigrationTaskList describe fusion migration task list Resource level qcs::trocket:${region}:uin/${uin}:taskId/${taskId} Supported
DescribeInstanceList Describe a list of instances Resource level qcs::trocket:${region}:uin/${uin}:instance/${InstanceId} Supported
DescribeInstanceListForSSL The SSL platform queries the RocketMQ instance interface associated with the certificate Operation level * Supported
DescribeMQTTClientList DescribeMQTTClientList Operation level * Supported
DescribeMQTTInstanceList DescribeMQTTInstanceList Operation level * Supported
DescribeMQTTMessageList DescribeMQTTMessageList Operation level * Supported
DescribeMQTTProductSKUList DescribeMQTTProductSKUList Operation level * Supported
DescribeMQTTSubTopic DescribeMQTTSubTopic Operation level * Supported
DescribeMQTTSubscription DescribeMQTTSubscription Operation level * Supported
DescribeMQTTTopicList DescribeMQTTTopicList Operation level * Supported
DescribeMQTTUserList DescribeMQTTUserList Operation level * Supported
DescribePerformanceTestJobList Get a list of performance test jobs Resource level qcs::trocket:${region}:uin/${uin}:instance/${InstanceId} Supported
DescribeProductNews Describe Product News Operation level * Supported
DescribeRoleList Describe role list Resource level qcs::trocket:${region}:uin/${uin}:instance/${InstanceId} Supported
DescribeSmoothMigrationTaskList Describe a list of smooth migration tasks Resource level qcs::trocket:${region}:uin/${uin}:taskId/${taskId} Supported
DescribeTopicList Describe topic list Resource level qcs::trocket:${region}:uin/${uin}:topic/${InstanceId}/${Topic} Supported
DescribeTopics Describe all topics. Resource level qcs::trocket::uin/${uin}:topic/${InstanceId}/${Topic} Supported

Read operations

API API Description Authorization Granularity Six-segment Resource Description IP Restriction
DescribeBrokerStatus Describe broker process status. Resource level qcs::trocket::uin/${uin}:instance/${InstanceId} Supported
DescribeChaosTask Describe the running info of chaos task Operation level * Supported
DescribeClusterSyncTaskDetail DescribeClusterSyncTaskDetail Operation level * Supported
DescribeConsumerClient Describe a consumer client Resource level qcs::trocket:${region}:uin/${uin}:consumerGroup/${InstanceId}/${ConsumerGroup} Supported
DescribeConsumerClientLag Describe a consumer client lag Resource level qcs::trocket:${region}:uin/${uin}:instance/${InstanceId} Supported
DescribeConsumerClientList Describe consumer clients Resource level qcs::trocket:${region}:uin/${uin}:consumerGroup/${InstanceId}/${ConsumerGroup} Supported
DescribeConsumerGroup Describe a consumer group Resource level qcs::trocket:${region}:uin/${uin}:consumerGroup/${InstanceId}/${ConsumerGroup} Supported
DescribeConsumerLag Describe a consumer lag number. Resource level qcs::trocket::uin/${uin}:consumerGroup/${InstanceId}/${ConsumerGroup} Supported
DescribeConsumerStack describe consumer stack. Resource level qcs::trocket:${region}:uin/${uin}:consumerGroup/${ClusterId}/${GroupId} Supported
DescribeDetailedRoleList Describe detailed role list for topic and group. Resource level qcs::trocket::uin/${uin}:instance/${InstanceId} Supported
DescribeInstance Describe an instance Resource level qcs::trocket:${region}:uin/${uin}:instance/${InstanceId} Supported
DescribeInstanceDeliveryProgress Describe an instance delivery progress Resource level qcs::trocket:${region}:uin/${uin}:instance/${instanceId} Supported
DescribeInstanceFeatures Describe Instance Features. Resource level qcs::trocket:${region}:uin/${uin}:instance/${InstanceId} Supported
DescribeInstanceTopUsages Describe instance usages Resource level qcs::trocket:${region}:uin/${uin}:instance/${instanceId} Supported
DescribeMQTTAuthenticator DescribeMQTTAuthenticator Operation level * Supported
DescribeMQTTClient DescribeMQTTClient Operation level * Supported
DescribeMQTTInsInternalEndpoint DescribeMQTTInsInternalEndpoint Operation level * Supported
DescribeMQTTInsPublicEndpoints DescribeMQTTInsPublicEndpoints Operation level * Supported
DescribeMQTTInsVPCEndpoints DescribeMQTTInsVPCEndpoints Operation level * Supported
DescribeMQTTInstance DescribeMQTTInstance Operation level * Supported
DescribeMQTTInstanceCert DescribeMQTTInstanceCert Operation level * Supported
DescribeMQTTInstanceRealtimeStats DescribeMQTTInstanceRealtimeStats Operation level * Supported
DescribeMQTTMessage DescribeMQTTMessage Operation level * Supported
DescribeMQTTTopic DescribeMQTTTopic Operation level * Supported
DescribeMessage Describe a message Resource level qcs::trocket:${region}:uin/${uin}:instance/${InstanceId} Supported
DescribeMessageList Describe message list Resource level qcs::trocket:${region}:uin/${uin}:instance/${InstanceId} Supported
DescribeMessageTrace Describe message traces Resource level qcs::trocket:${region}:uin/${uin}:instance/${InstanceId} Supported
DescribeMetadataSyncResult DescribeMetadataSyncResult Operation level * Supported
DescribeMetadataSyncState DescribeMetadataSyncState Operation level * Supported
DescribeMigratingGroupStats Describe a consumer group realtime stats Resource level qcs::trocket:${region}:uin/${uin}:taskId/${taskId} Supported
DescribeMigratingTopicAccessInfo Describe access info of a migrating topic Resource level qcs::trocket:${region}:uin/${uin}:taskId/${taskId} Supported
DescribeMigratingTopicList Describe a list of migrating topics Resource level qcs::trocket:${region}:uin/${uin}:taskId/${taskId} Supported
DescribeMigratingTopicStats Describe statistics of a migrating topic Resource level qcs::trocket:${region}:uin/${uin}:taskId/${taskId} Supported
DescribeMigrationEndpoints Describe access endpoints of a migration task Resource level qcs::trocket:${region}:uin/${uin}:taskId/${taskId} Supported
DescribeMigrationTask describe migration task Resource level qcs::trocket:${region}:uin/${uin}:taskId/${TaskId} Supported
DescribeMigrationTaskList describe migration task list Operation level * Supported
DescribeModifyOrderDetails Describe order details for modify instanc. Resource level qcs::${ApiModule}:${Region}:uin/:instance/${InstanceId} Supported
DescribePerformanceTestJob Describe information of a performance test job Resource level qcs::trocket:${region}:uin/${uin}:instance/${InstanceId} Supported
DescribePerformanceTestJobMetric Get metric list of a performance test job Resource level qcs::trocket:${region}:uin/${uin}:instance/${InstanceId} Supported
DescribePerformanceTestJobNodes Get execution nodes information of a performance test job Resource level qcs::trocket:${region}:uin/${uin}:instance/${InstanceId} Supported
DescribeProducerList Describe producer list Resource level qcs::trocket:${Region}:uin/:instance/${InstanceId} Supported
DescribeProductSKUs Describe product skus Operation level * Supported
DescribePurchaseConfig Describe user purchase config Operation level * Supported
DescribeRenewOrderDetails Describe order details for renew instance. Resource level qcs::trocket::uin/${uin}:instance/${InstanceId} Supported
DescribeRetryMessageList describe rocketMQ retry message list Resource level qcs::trocket:${region}:uin/${uin}:instance/${instanceId} Supported
DescribeSmoothMigrationTask Describe detail of a migration task Resource level qcs::trocket:${region}:uin/${uin}:taskId/${taskId} Supported
DescribeSourceClusterGroupList Describe consume groups of source cluster Resource level qcs::trocket:${region}:uin/${uin}:taskId/${taskId} Supported
DescribeSourceClusterTopicList Describe topics of source cluster Resource level qcs::trocket:${region}:uin/${uin}:taskId/${taskId} Supported
DescribeTopic Describe a topic Resource level qcs::trocket:${region}:uin/${uin}:topic/${InstanceId}/${Topic} Supported
DescribeTopicListByGroup Describe topic list by group Resource level qcs::trocket:${region}:uin/${uin}:consumerGroup/${InstanceId}/${ConsumerGroup} Supported
DescribeTopicQuota Describe topic quota. Resource level qcs::trocket:${region}:uin/${uin}:instance/${InstanceId} Supported
DescribeTopicStatisticalList Describe topic type and count Resource level qcs::trocket:${region}:uin/${uin}:instance/${instanceId} Supported
ExportMessage Export messages Resource level qcs::trocket:${region}:uin/${uin}:instance/${InstanceId} Supported
QueryPriceRenewOrder Query price for renew instance. Resource level qcs::trocket::uin/${uin}:instance/${InstanceId} Supported
VerifyMessageConsumption Verify message consumption Resource level qcs::trocket:${region}:uin/${uin}:topic/${instanceId}/${topic} Supported
前の記事へ: TDMQ for RabbitMQ次の記事へ: Cloud Message Queue

ヘルプとサポート

この記事はお役に立ちましたか?

フィードバック