tencent cloud

Cloud Access Management

Product Introduction
CAM Overview
Features
Scenarios
Basic Concepts
Use Limits
User Types
Purchase Guide
Getting Started
Creating Admin User
Creating and Authorizing Sub-account
Logging In to Console with Sub-account
User Guide
Overview
Users
Access Key
User Groups
Role
Identity Provider
Policies
Permissions Boundary
Troubleshooting
Downloading Security Analysis Report
CAM-Enabled Role
Overview
Compute
Container
Microservice
Essential Storage Service
Data Process and Analysis
Data Migration
Relational Database
Enterprise Distributed DBMS
NoSQL Database
Database SaaS Tool
Database SaaS Service
Networking
CDN and Acceleration
Network Security
Data Security
Application Security
Domains & Websites
Big Data
Middleware
Interactive Video Services
Real-Time Interaction
Media On-Demand
Media Process Services
Media Process
Cloud Real-time Rendering
Game Services
Cloud Resource Management
Management and Audit Tools
Developer Tools
Monitor and Operation
More
CAM-Enabled API
Overview
Compute
Edge Computing
Container
Distributed cloud
Microservice
Serverless
Essential Storage Service
Data Process and Analysis
Data Migration
Relational Database
Enterprise Distributed DBMS
NoSQL Database
Database SaaS Tool
Networking
CDN and Acceleration
Network Security
Endpoint Security
Data Security
Business Security
Application Security
Domains & Websites
Office Collaboration
Big Data
Voice Technology
Image Creation
Tencent Big Model
AI Platform Service
Natural Language Processing
Optical Character Recognition
Middleware
Communication
Interactive Video Services
Real-Time Interaction
Stream Services
Media On-Demand
Media Process Services
Media Process
Cloud Real-time Rendering
Game Services
Education Sevices
Medical Services
Cloud Resource Management
Management and Audit Tools
Developer Tools
Monitor and Operation
More
Use Cases
Security Practical Tutorial
Multi-Identity Personnel Permission Management
Authorizing Certain Operations by Tag
Supporting Isolated Resource Access for Employees
Enterprise Multi-Account Permissions Management
Reviewing Employee Operation Records on Tencent Cloud
Implementing Attribute-Based Access Control for Employee Resource Permissions Management
During tag-based authentication, only tag key matching is supported
Business Use Cases
TencentDB for MySQL
CLB
CMQ
COS
CVM
VPC
VOD
Others
API Documentation
History
Introduction
API Category
Making API Requests
User APIs
Policy APIs
Role APIs
Identity Provider APIs
Data Types
Error Codes
FAQs
Role
Key
Others
CAM Users and Permissions
Glossary
문서Cloud Access ManagementCAM-Enabled APIInteractive Video ServicesLow-code Interactive Classroom

Low-code Interactive Classroom

PDF
포커스 모드
폰트 크기
마지막 업데이트 시간: 2026-04-03 09:44:23

Fundamental information

Product Abbreviation in CAM Console Authorization by Tag Authorization Granularity IP Restriction
Low-code interactive classroom lcic Supported not supported Operation level Supported

Note:

The authorization granularity of cloud products is divided into three levels: service level, operation level, and resource level, based on the degree of granularity.

  • Service level: It defines whether a user has the permission to access the service as a whole. A user can have either full access or no access to the service. For the authorization granularity of cloud products at service level, the authorization of specific APIs are not supported.
  • Operation level: It defines whether a user has the permission to call a specific API of the service. For example, granting an account read-only access to the CVM service is an authorization at the operation level.
  • Resource level: It is the finest authorization granularity which defines whether a user has the permission to access specific resources. For example, granting an account read/write access to a specific CVM instance is an authorization at the resource level.

API authorization granularity

Two authorization granularity levels of API are supported: resource level, and operation level.

  • Resource level: It supports the authorization of a specific resource.
  • Operation level: It does not support the authorization of a specific resource. If the policy syntax restricts a specific resource during authorization, CAM will determine that this API is not within the scope of authorization, and deem it as unauthorized.

Write operations

API API Description Authorization Granularity Six-segment Resource Description IP Restriction
AddGroupMember AddGroupMember Operation level * Supported
BatchAddGroupMember BatchAddGroupMember Operation level * Supported
BatchCreateGroupWithMembers BatchCreateGroupWithMembers Operation level * Supported
BatchCreateRoom BatchCreateRoom Operation level * Supported
BatchDeleteGroupMember BatchDeleteGroupMember Operation level * Supported
BatchDeleteRecord BatchDeleteRecord Operation level * Supported
BatchRegister BatchRegister Operation level * Supported
BindDocumentToRoom BindDocumentToRoom Operation level * Supported
CreateDocument Create Document Operation level * Supported
CreateGroupLiveCodes CreateGroupLiveCodes Operation level * Supported
CreateGroupWithMembers CreateGroupWithMembers Operation level * Supported
CreateGroupWithSubGroup CreateGroupWithSubGroup Operation level * Supported
CreateRoom Create Room Operation level * Supported
CreateSupervisor Create Supervisor Operation level * Supported
DeleteAppCustomContent Delete App CustomContent Operation level * Supported
DeleteDocument Delete Document Operation level * Supported
DeleteGroup DeleteGroup Operation level * Supported
DeleteGroupMember DeleteGroupMember Operation level * Supported
DeletePlaybackItem delete class playback item Operation level * Supported
DeleteRecord Delete Record Operation level * Supported
DeleteRoom Delete Room Operation level * Supported
DeleteSupervisor DeleteSupervisor Operation level * Supported
DeleteUser DeleteUser Operation level * Supported
DeleteWhiteBoardSnapshot Delete White Board Snapshot Operation level * Supported
EndRoom EndRoom Operation level * Supported
ForbidSendMsg ForbidSendMsg Operation level * Supported
KickUserFromRoom KickUserFromRoom Operation level * Supported
ModifyApp Modify App Operation level * Supported
ModifyGroup ModifyGroup Operation level * Supported
ModifyLiveRelayConfig ModifyLiveRelayConfig Operation level * Supported
ModifyRoom Modify Room Operation level * Supported
ModifyUserProfile Modify UserProfile Operation level * Supported
RegisterUser Registe rUser Operation level * Supported
SendRoomNormalMessage SendRoomNormalMessage Operation level * Supported
SendRoomNotificationMessage SendRoomNotificationMessage Operation level * Supported
SetAppCustomContent Set App CustomContent Operation level * Supported
SetMarquee SetMarquee Operation level * Supported
SetWatermark SetWatermark Operation level * Supported
StartRoom StartRoom Operation level * Supported
UnbindDocumentFromRoom UnbindDocumentFromRoom Operation level * Supported
UnblockKickedUser UnblockKickedUser Operation level * Supported

Read operations

API API Description Authorization Granularity Six-segment Resource Description IP Restriction
BatchDescribeDocument BatchDescribeDocument Operation level * Supported
BatchGetPlaybackToken batch get playback tokens Operation level * Supported
DescribeAnswerList DescribeAnswerList Operation level * Supported
DescribeAppDetail Describe App Detail Operation level * Supported
DescribeCurrentMemberList DescribeCurrentMemberList Operation level * Supported
DescribeDeveloper DescribeDeveloper Operation level * Supported
DescribeDocument describe document Operation level * Supported
DescribeDocumentsByRoom DescribeDocumentsByRoom Operation level * Supported
DescribeGroup DescribeGroup Operation level * Supported
DescribeGroupList DescribeGroupList Operation level * Supported
DescribeGroupLiveCodes DescribeGroupLiveCodes Operation level * Supported
DescribeGroupMemberList DescribeGroupMemberList Operation level * Supported
DescribeLiveRelayConfig DescribeLiveRelayConfig Operation level * Supported
DescribeMarquee DescribeMarquee Operation level * Supported
DescribePlayRecords describe playback play records Operation level * Supported
DescribePlaybackList get playback list Operation level * Supported
DescribeQuestionList DescribeQuestionList Operation level * Supported
DescribeRecord DescribeRecord Operation level * Supported
DescribeRecordStream DescribeRecordStream Operation level * Supported
DescribeRecordTask DescribeRecordTask Operation level * Supported
DescribeRoom Describe Room Operation level * Supported
DescribeRoomForbiddenUser DescribeRoomForbiddenUser Operation level * Supported
DescribeRoomStatistics DescribeRoomStatistics Operation level * Supported
DescribeScoreList DescribeScoreList Operation level * Supported
DescribeSdkAppIdUsers DescribeSdkAppIdUsers Operation level * Supported
DescribeSupervisors DescribeSupervisors Operation level * Supported
DescribeUser Describe User Operation level * Supported
DescribeUserDetail DescribeUserDetail Operation level * Supported
DescribeWhiteBoardSnapshot Describe White Board Snapshot Operation level * Supported
GetPlaybackToken get playback token Operation level * Supported
GetRoomEvent GetRoomEvent Operation level * Supported
GetRoomMessage GetRoomMessage Operation level * Supported
GetRooms GetRooms Operation level * Supported
GetVideoDetails GetVideoDetails Operation level * Supported
GetVideoTrend GetVideoTrend Operation level * Supported
GetVideoUsage GetVideoUsage Operation level * Supported
GetWatermark GetWatermark Operation level * Supported
LoginOriginId Login OriginId Operation level * Supported
LoginOriginIdWithRoom Login OriginId With Room Operation level * Supported
LoginUser Login User Operation level * Supported
LoginUserWithRoom Login User With Room Operation level * Supported

Other Operations

API API Description Authorization Granularity Six-segment Resource Description IP Restriction
StartRecord StartRecord Operation level * Supported
StopRecord StopRecord Operation level * Supported
이전 주제: Tencent Real-Time Communication다음 주제: Real-time Teleoperation

도움말 및 지원

문제 해결에 도움이 되었나요?

피드백