tencent cloud

Cloud Access Management

Product Introduction
CAM Overview
Features
Scenarios
Basic Concepts
Use Limits
User Types
Purchase Guide
Getting Started
Creating Admin User
Creating and Authorizing Sub-account
Logging In to Console with Sub-account
User Guide
Overview
Users
Access Key
User Groups
Role
Identity Provider
Policies
Permissions Boundary
Troubleshooting
Downloading Security Analysis Report
CAM-Enabled Role
Overview
Compute
Container
Microservice
Essential Storage Service
Data Process and Analysis
Data Migration
Relational Database
Enterprise Distributed DBMS
NoSQL Database
Database SaaS Tool
Database SaaS Service
Networking
CDN and Acceleration
Network Security
Data Security
Application Security
Domains & Websites
Big Data
Middleware
Interactive Video Services
Real-Time Interaction
Media On-Demand
Media Process Services
Media Process
Cloud Real-time Rendering
Game Services
Cloud Resource Management
Management and Audit Tools
Developer Tools
Monitor and Operation
More
CAM-Enabled API
Overview
Compute
Edge Computing
Container
Distributed cloud
Microservice
Serverless
Essential Storage Service
Data Process and Analysis
Data Migration
Relational Database
Enterprise Distributed DBMS
NoSQL Database
Database SaaS Tool
Networking
CDN and Acceleration
Network Security
Endpoint Security
Data Security
Business Security
Application Security
Domains & Websites
Office Collaboration
Big Data
Voice Technology
Image Creation
Tencent Big Model
AI Platform Service
Natural Language Processing
Optical Character Recognition
Middleware
Communication
Interactive Video Services
Real-Time Interaction
Stream Services
Media On-Demand
Media Process Services
Media Process
Cloud Real-time Rendering
Game Services
Education Sevices
Medical Services
Cloud Resource Management
Management and Audit Tools
Developer Tools
Monitor and Operation
More
Use Cases
Security Practical Tutorial
Multi-Identity Personnel Permission Management
Authorizing Certain Operations by Tag
Supporting Isolated Resource Access for Employees
Enterprise Multi-Account Permissions Management
Reviewing Employee Operation Records on Tencent Cloud
Implementing Attribute-Based Access Control for Employee Resource Permissions Management
During tag-based authentication, only tag key matching is supported
Business Use Cases
TencentDB for MySQL
CLB
CMQ
COS
CVM
VPC
VOD
Others
API Documentation
History
Introduction
API Category
Making API Requests
User APIs
Policy APIs
Role APIs
Identity Provider APIs
Data Types
Error Codes
FAQs
Role
Key
Others
CAM Users and Permissions
Glossary
문서Cloud Access ManagementCAM-Enabled APIBusiness SecurityRisk Control Engine

Risk Control Engine

PDF
포커스 모드
폰트 크기
마지막 업데이트 시간: 2026-04-03 09:45:36

Fundamental information

Product Abbreviation in CAM Console Authorization by Tag Authorization Granularity IP Restriction
Risk Control Engine rce Supported not supported Operation level Partially supported

Note:

The authorization granularity of cloud products is divided into three levels: service level, operation level, and resource level, based on the degree of granularity.

  • Service level: It defines whether a user has the permission to access the service as a whole. A user can have either full access or no access to the service. For the authorization granularity of cloud products at service level, the authorization of specific APIs are not supported.
  • Operation level: It defines whether a user has the permission to call a specific API of the service. For example, granting an account read-only access to the CVM service is an authorization at the operation level.
  • Resource level: It is the finest authorization granularity which defines whether a user has the permission to access specific resources. For example, granting an account read/write access to a specific CVM instance is an authorization at the resource level.

API authorization granularity

Two authorization granularity levels of API are supported: resource level, and operation level.

  • Resource level: It supports the authorization of a specific resource.
  • Operation level: It does not support the authorization of a specific resource. If the policy syntax restricts a specific resource during authorization, CAM will determine that this API is not within the scope of authorization, and deem it as unauthorized.

Write operations

API API Description Authorization Granularity Six-segment Resource Description IP Restriction
AddNameList add name list Operation level * Supported
ApplyDecision Apply Decision Operation level * Supported
ApplyReceipt Apply Receipt Operation level * Supported
AssessRisk Assess Risk Operation level * Supported
CreateChannel create channel Operation level * Supported
CreateDataReport CreateDataReport Operation level * Supported
CreateEvent CreateEvent Operation level * Supported
CreateEventMapping CreateEventMapping Operation level * Supported
CreateLaboratory CreateLaboratory Operation level * Supported
CreateMonitor CreateMonitor Operation level * Supported
CreateNameList CreateNameList Operation level * Supported
CreateNameListCust Create Name List Operation level * Supported
CreateRiskMonitoringManagement CreateRiskMonitoringManagement Operation level * Supported
CreateSendCaptcha CreateSendCaptcha Operation level * Supported
CreateService CreateService Operation level * Supported
CreateStrategy CreateStrategy Operation level * Supported
CreateStrategyByService CreateStrategyByService Operation level * Supported
CreateStrategyCollection CreateStrategyCollection Operation level * Supported
CreateStrategyCopy CreateStrategyCopy Operation level * Supported
CreateStrategyCust CreateStrategyCust Operation level * Supported
DeleteDataReport DeleteDataReport Operation level * Supported
DeleteEvent DeleteEvent Operation level * Supported
DeleteEventMapping DeleteEventMapping Operation level * Supported
DeleteMonitor DeleteMonitor Operation level * Supported
DeleteNameList DeleteNameList Operation level * Supported
DeleteNameListCust Delete Name List Operation level * Supported
DeleteNameListData DeleteNameListData Operation level * Supported
DeleteNameListDataCust Delete Name List Data Operation level * Supported
DeleteRiskMonitoringManagement DeleteRiskMonitoringManagement Operation level * Supported
DeleteSavedQueryFilterCust DeleteSavedQueryFilterCust Operation level * Supported
DeleteStrategyLaboratory DeleteStrategyLaboratory Operation level * Supported
DescribeExportRequestData DescribeExportRequestData Operation level * Supported
DetectASync DetectASync Operation level * Supported
DetectSync DetectSync Operation level * Supported
ImportExperimentDetail ImportExperimentDetail Operation level * Supported
ImportNameListData ImportNameListData Operation level * Supported
ImportNameListDataCust Create Name List Data Operation level * Supported
ManageMarketingRisk ManageMarketingRisk Operation level * Supported
ModifyDataReport ModifyDataReport Operation level * Supported
ModifyEvent ModifyEvent Operation level * Supported
ModifyMonitor ModifyMonitor Operation level * Supported
ModifyNameList ModifyNameList Operation level * Supported
ModifyNameListCust Modify Name List Operation level * Supported
ModifyNameListData ModifyNameListData Operation level * Supported
ModifyNameListDataCust Modify Name List Data Operation level * Supported
ModifyRiskMonitoringManagement ModifyRiskMonitoringManagement Operation level * Supported
ModifyRiskMonitoringManagementStatus ModifyRiskMonitoringManagementStatus Operation level * Supported
ModifySavedQueryFilterCust ModifySavedQueryFilterCust Operation level * Supported
ModifySite Modify site qps limit Operation level * Supported
ModifySiteConfig Modify site configuration Operation level * Supported
ModifyStrategy ModifyStrategy Operation level * Supported
ModifyStrategyCust ModifyStrategyCust Operation level * Supported
ModifyStrategyLaboratory ModifyStrategyLaboratory Operation level * Supported
ProcessStrategyLaboratory ProcessStrategyLaboratory Operation level * Supported
PublishStrategyCust PublishStrategyCust Operation level * Supported
SaveQueryFilterCust SaveQueryFilterCust Operation level * Supported
StartStrategyLaboratory StartStrategyLaboratory Operation level * Supported
StopStrategyLaboratory StopStrategyLaboratory Operation level * Supported
ThreatIntelligence ThreatIntelligence Operation level * Supported
UpdateStrategyInfoCust UpdateStrategyInfoCust Operation level * Supported

Read operations

API API Description Authorization Granularity Six-segment Resource Description IP Restriction
AssessEcosystemDeviceRisk Assess Ecosystem Device Risk Operation level * Supported
AssessEnvironmentRisk Assess Environment Risk Operation level * Supported
CheckStrategyLaboratory CheckStrategyLaboratory Operation level * Supported
DescribeApplicationRiskAssessment Query application risk assessment results Operation level * Supported
DescribeAsyncDetectionRecords DescribeAsyncDetectionRecords Operation level * Supported
DescribeCameraRisk describe camera risk Operation level * Supported
DescribeChannelExist describe channel exist Operation level * Supported
DescribeCommonDictCust DescribeCommonDictCust Operation level * Supported
DescribeCustomerPermission This interface is used to query the business permissions of the customer console. Operation level * Supported
DescribeDataReportList DescribeDataReportList Operation level * Supported
DescribeDeviceRisk describe device risk Operation level * Supported
DescribeDeviceRiskCount This interface is used to query the equipment risk overview. Operation level * Supported
DescribeDeviceRiskHistoryCount DescribeDeviceRiskHistoryCount Operation level * Supported
DescribeDeviceRiskHistoryList DescribeDeviceRiskHistoryList Operation level * Supported
DescribeDeviceRiskList This interface is used to query the device risk list. Operation level * Supported
DescribeDeviceRiskTrend This interface is used to query equipment risk trends. Operation level * Supported
DescribeDownloadList DescribeDownloadList Operation level * Supported
DescribeEventCodeList DescribeEventCodeList Operation level * Supported
DescribeEventDataList DescribeEventDataList Operation level * Supported
DescribeEventMapping DescribeEventMapping Operation level * Supported
DescribeEventMonitorList DescribeEventMonitorList Operation level * Supported
DescribeFunctionPackage DescribeFunctionPackage Operation level * Supported
DescribeHistoryRecordCount DescribeHistoryRecordCount Operation level * Supported
DescribeHistoryRecordList DescribeHistoryRecordList Operation level * Supported
DescribeIDRisk This interface is used to query the account risk level using the risk query tool. Operation level * Supported
DescribeInitStrategyList DescribeInitStrategyList Operation level * Supported
DescribeInterceptSitesCount Query the number of protected sites enabled Operation level * Supported
DescribeLaboratoryAppCodeList DescribeLaboratoryAppCodeList Operation level * Supported
DescribeLaboratoryErrorList DescribeLaboratoryErrorList Operation level * Supported
DescribeLaboratoryEventCodeList DescribeLaboratoryEventCodeList Operation level * Supported
DescribeLaboratoryExperimentDetail DescribeLaboratoryExperimentDetail Operation level * Supported
DescribeLaboratoryExperimentHitDetail DescribeLaboratoryExperimentHitDetail Operation level * Supported
DescribeLaboratoryFeatureVariableList DescribeLaboratoryFeatureVariableList Operation level * Supported
DescribeLaboratoryFieldCodeList DescribeLaboratoryFieldCodeList Operation level * Supported
DescribeLaboratoryLabDetail DescribeLaboratoryLabDetail Operation level * Supported
DescribeLaboratoryLabList DescribeLaboratoryLabList Operation level * Supported
DescribeLaboratoryNameListVariableList DescribeLaboratoryNameListVariableList Operation level * Supported
DescribeLaboratoryOperatorList DescribeLaboratoryOperatorList Operation level * Supported
DescribeLaboratoryStrategyLabList DescribeLaboratoryStrategyLabList Operation level * Supported
DescribeLatestExportDownloadLink DescribeLatestExportDownloadLink Operation level * Supported
DescribeLatestExportRequestData DescribeLatestExportRequestData Operation level * Supported
DescribeMonitorList DescribeMonitorList Operation level * Supported
DescribeNameList DescribeNameList Operation level * Supported
DescribeNameListCust Describe Name List Operation level * Supported
DescribeNameListDataList DescribeNameListDataList Operation level * Supported
DescribeNameListDataListCust Describe Name List Data Operation level * Supported
DescribeNameListDataType DescribeNameListDataType Operation level * Supported
DescribeNameListDetail DescribeNameListDetail Operation level * Supported
DescribeNameListDetailCust DescribeNameListDetailCust Operation level * Supported
DescribeNameListHistory DescribeNameListHistory Operation level * Supported
DescribeNameListHistoryCust DescribeNameListHistoryCust Operation level * Supported
DescribeOverConcurrencyLimitCount The number of queries exceeds the concurrent limit. Operation level * Supported
DescribeRCESitesInvokeLimitSum Query the sum of site current limit values Operation level * Supported
DescribeRCEUser DescribeRCEUser Operation level * Supported
DescribeRequestTop DescribeRequestTop Operation level * Supported
DescribeRequestTrends DescribeRequestTrends Operation level * Supported
DescribeRequestsOverView DescribeRequestsOverView Operation level * Supported
DescribeRiskApiAnalysis risk api analysis Operation level * Supported
DescribeRiskApiList query risk api list Operation level * Supported
DescribeRiskApiStat risk api statistic Operation level * Supported
DescribeRiskAssessment This interface is used to query the risk assessment results Operation level * Supported
DescribeRiskMonitoringManagement DescribeRiskMonitoringManagement Operation level * Supported
DescribeRiskTrends DescribeRiskTrends Operation level * Supported
DescribeRuleTopList DescribeRuleTopList Operation level * Supported
DescribeRuleTrends DescribeRuleTrends Operation level * Supported
DescribeServiceStatus DescribeServiceStatus Operation level * Supported
DescribeSiteAccessCount Query site request statistics Operation level * Supported
DescribeSiteCount This interface is used to view the data overview in the gateway monitoring menu. Operation level * Supported
DescribeSiteDuration Query the average time-consuming trend of the site Operation level * Supported
DescribeSiteErrorCodeTop5 Query error code TOP5 distribution chart Operation level * Supported
DescribeSiteMaxQPSTrend Query request peak QPS distribution chart Operation level * Supported
DescribeSiteQPSLimit Query QPS limits of all sites Operation level * Supported
DescribeSiteQPSTrend Query the trend chart of each request volume Operation level * Supported
DescribeSiteQps This interface is used to view traffic trend statistics in the gateway monitoring menu. Operation level * Supported
DescribeSiteStatusCodeCount This interface is used to view the status code distribution in the gateway monitoring menu. Operation level * Supported
DescribeSites This interface is used to query the gateway site information in the gateway monitoring menu. Operation level * Supported
DescribeStrategicEffectList This interface is used to query the policy effect list. Operation level * Supported
DescribeStrategicEffectOverView This interface is used to display an overview of strategy effects. Operation level * Supported
DescribeStrategyDetail DescribeStrategyDetail Operation level * Supported
DescribeStrategyList DescribeStrategyList Operation level * Supported
DescribeStrategyTrends DescribeStrategyTrends Operation level * Supported
DescribeSyncDetectionDetail DescribeSyncDetectionDetail Operation level * Supported
DescribeSyncDetectionRecords DescribeSyncDetectionRecords Operation level * Supported
DescribeTaskList DescribeTaskList Operation level * Supported
DescribeThreatCosUrl DescribeThreatCosUrl Operation level * Supported
DescribeThreatFrequency DescribeThreatFrequency Operation level * Supported
DescribeThreatPermission DescribeThreatPermission Operation level * Supported
DescribeTrustedIdInfo query TrustedId information Operation level * Supported
DescribeUserActivityDetailCust DescribeUserActivityDetailCust Operation level * Supported
DescribeUserActivityProfileCust DescribeUserActivityProfileCust Operation level * Supported
DescribeUserInfoResources Query user resource package usage details Operation level * Supported
DescribeUserInfoUsageCnt DescribeUserInfoUsageCnt Operation level * Supported
DescribeUserPaymentTrackingSummaryCust DescribeUserPaymentTrackingSummaryCust Operation level * Supported
DescribeUserPromotionTrackingSummaryCust DescribeUserPromotionTrackingSummaryCust Operation level * Supported
DescribeUserUsageCnt DescribeUserUsageCnt Operation level * Supported
DescribeVirusDetection DescribeVirusDetection Operation level * Supported
DescribeVirusDetectionAdvanced DescribeVirusDetectionAdvanced Operation level * Supported
DescribeWxOpenIdRisk DescribeWxOpenIdRisk Operation level * Supported
DescribeWxRiskScore DescribeWxRiskScore Operation level * Supported
DownloadSyncDetectionDetail DownloadSyncDetectionDetail Operation level * Supported
GetAccountProtectionDetailCust GetAccountProtectionDetailCust Operation level * Supported
GetAccountProtectionRiskSummaryCust GetAccountProtectionRiskSummaryCust Operation level * Supported
GetAvailableServiceTypesCust GetAvailableServiceTypesCust Operation level * Supported
GetCosPresignedURL GetCosPresignedURL Operation level * Supported
GetNameMapping GetNameMapping Operation level * Supported
GetPaymentProtectionDetailCust GetPaymentProtectionDetailCust Operation level * Supported
GetPaymentProtectionRiskDrillDownCust GetPaymentProtectionRiskDrillDownCust Operation level * Supported
GetPaymentProtectionRiskSummaryCust GetPaymentProtectionRiskSummaryCust Operation level * Supported
GetPromotionProtectionDetailCust Get Promotion Protection Detail Operation level * Supported
GetPromotionProtectionRiskSummaryCust GetPromotionProtectionRiskSummaryCust Operation level * Supported
GetServiceEventCodesCust GetServiceEventCodesCust Operation level * Supported
GetSourceTemplateDownload GetSourceTemplateDownload Operation level * Supported
GetStrategyDetailCust GetStrategyDetailCust Operation level * Supported
GetStrategyHostingSegmentCust GetStrategyHostingSegmentCust Operation level * Supported
ListAccountProtectionDetailsCust ListAccountProtectionDetailsCust Operation level * Supported
ListAccountProtectionHistoryFieldsCust ListAccountProtectionHistoryFieldsCust Operation level * Supported
ListPaymentProtectionDetailsCust ListPaymentProtectionDetailsCust Operation level * Supported
ListPaymentProtectionHistoryFieldsCust ListPaymentProtectionHistoryFieldsCust Operation level * Supported
ListPromotionProtectionDetailsCust ListPromotionProtectionDetailsCust Operation level * Supported
ListPromotionProtectionHistoryFieldsCust Describe promotion protection history fields Operation level * Supported
ListQueryFieldsCust ListQueryFields Operation level * Supported
ListSavedQueryFilterCust ListSavedQueryFilterCust Operation level * Supported
ListStrategyInfoListCust ListStrategyInfoListCust Operation level * Supported
ListUserActivityGeoDetailsCust ListUserActivityGeoDetailsCust Operation level * Supported
ListUserActivitySummaryCust ListUserActivitySummaryCust Operation level * Supported
ListUserPaymentTrackingDetailsCust ListUserPaymentTrackingDetailsCust Operation level * Supported
ListUserPromotionTrackingDetailsCust ListUserPromotionTrackingDetailsCust Operation level * Supported
ListVariableFieldsCust ListVariableFieldsCust Operation level * Supported
ListVariableNameListCust ListVariableNameListCust Operation level * Supported
ManageIPPortraitRisk ManageIPPortraitRisk Operation level * Supported
ManageUniversalFraudProtection ManageUniversalFraudProtection Operation level * not supported
ManageUrlRisk ManageUrlRisk Operation level * Supported
ManageUrlRiskAdvanced ManageUrlRiskAdvanced Operation level * Supported
RiskControlEngine RiskControlEngine Operation level * Supported

Other Operations

API API Description Authorization Granularity Six-segment Resource Description IP Restriction
GetCosPresignedURLCust Get Cos Presign Url Operation level * Supported
이전 주제: Customer Identity and Access Management다음 주제: Web Application Firewall

도움말 및 지원

문제 해결에 도움이 되었나요?

피드백