tencent cloud

访问管理

产品简介
CAM 概述
产品功能
应用场景
基本概念
使用限制
用户类型
购买指南
快速入门
创建管理员用户
创建子账号并授权
子账号登录控制台
用户指南
概览
用户
访问密钥
用户组
角色
身份提供商
策略
权限边界
排除故障
下载安全分析报告
支持角色的业务
概览
计算
容器
微服务
基础存储服务
数据处理与分析
数据迁移
关系型数据库
企业级分布式数据库
NoSQL 数据库
数据库 SaaS 工具
数据库 SaaS 服务
网络
CDN与加速
网络安全
数据安全
应用安全
域名与网站
大数据
中间件
互动视频服务
实时互动
媒体点播
媒体处理服务
媒体处理
实时云渲染
游戏服务
云资源管理
管理与审计
开发者工具
监控与运维
其他文档
支持CAM的业务接口
概览
计算
边缘计算
容器
分布式云
微服务
Serverless
基础存储服务
数据处理与分析
数据迁移
关系型数据库
企业级分布式数据库
NoSQL 数据库
数据库 SaaS 工具
网络
CDN与加速
网络安全
终端安全
数据安全
业务安全
应用安全
域名与网站
办公协同
大数据
语音技术
图像创作
腾讯大模型
人工智能平台服务
自然语言处理
文字识别
中间件
通信服务
互动视频服务
实时互动
流媒体服务
媒体点播
媒体处理服务
媒体处理
实时云渲染
游戏服务
教育服务
医疗服务
云资源管理
管理与审计
开发者工具
监控与运维
其他文档
实践教程
安全实践教程
多身份人员权限管理
授予标签下部分操作权限
支持员工间资源隔离访问
企业多账号权限管理
查看员工腾讯云操作记录
使用 ABAC 管理员工资源访问权限
按标签鉴权时支持仅匹配标签键
商用案例
MySQL 相关案例
CLB 相关案例
CMQ 相关案例
COS 相关案例
CVM 相关案例
VPC 相关案例
云点播相关案例
其他案例
API 文档
History
Introduction
API Category
Making API Requests
User APIs
Policy APIs
Role APIs
Identity Provider APIs
Data Types
Error Codes
常见问题
角色相关问题
密钥相关问题
其他问题
CAM 用户与权限问题
词汇表
文档访问管理API 文档Data Types

Data Types

PDF
聚焦模式
字号
最后更新时间: 2026-03-26 22:23:11

AccessKey

Access key list

Used by actions: ListAccessKeys.

Name Type Description
AccessKeyId String Access key ID
Status String Key status. Valid values: Active (activated), Inactive (not activated)
CreateTime Timestamp Creation time

AccessKeyDetail

Access key

Used by actions: CreateAccessKey.

Name Type Description
AccessKeyId String Access key ID
SecretAccessKey String Access key, which is visible only when it is created. Keep it properly.
Status String Key status. Valid values: Active (activated), Inactive (not activated).
CreateTime Timestamp Creation time

AttachEntityOfPolicy

The entity associated with the policy

Used by actions: ListEntitiesForPolicy.

Name Type Description
Id String Entity ID
Name String Entity Name
Note: This field may return null, indicating that no valid value was found.
Uin Integer Entity UIN
Note: This field may return null, indicating that no valid value was found.
RelatedType Integer Type of entity association. 1: Associate by users; 2: Associate by User Groups
AttachmentTime String Policy association time
Note: this field may return null, indicating that no valid value was found.

AttachPolicyInfo

Associated policy

Used by actions: ListAttachedGroupPolicies, ListAttachedUserPolicies.

Name Type Description
PolicyId Integer Policy ID
PolicyName String Policy name
Note: This field may return null, indicating that no valid value was found.
AddTime Timestamp Time created
Note: This field may return null, indicating that no valid value was found.
CreateMode Integer How the policy was created: 1: Via console; 2: Via syntax
Note: This field may return null, indicating that no valid value was found.
PolicyType String Valid values: user and QCS
Note: This field may return null, indicating that no valid value was found.
Remark String Policy remarks
OperateOwnerUin String Root account of the operator associating the policy
Note: this field may return null, indicating that no valid values can be obtained.
OperateUin String The ID of the account associating the policy. If UinType is 0, this indicates that this is a sub-account UIN. If UinType is 1, this indicates this is a role ID
OperateUinType Integer If UinType is 0, OperateUin indicates that this is a sub-account UIN. If UinType is 1, OperateUin indicates that this is a role ID
Deactived Integer Queries if the policy has been deactivated
Note: this field may return null, indicating that no valid values can be obtained.
DeactivedDetail Array of String List of deprecated products
Note: this field may return null, indicating that no valid values can be obtained.

AttachedPolicyOfRole

Policy associated with the role

Used by actions: ListAttachedRolePolicies.

Name Type Description
PolicyId Integer Policy ID
PolicyName String Policy name
AddTime String Time of association
PolicyType String Policy type. User indicates custom policy; QCS indicates preset policy
Note: This field may return null, indicating that no valid value was found.
CreateMode Integer Policy creation method. 1: indicates the policy was created based on product function or item permission; other values indicate the policy was created based on the policy syntax
Deactived Integer Whether the product has been deprecated (0: no; 1: yes)
Note: this field may return null, indicating that no valid values can be obtained.
DeactivedDetail Array of String List of deprecated products
Note: this field may return null, indicating that no valid values can be obtained.
Description String Policy description
Note: this field may return null, indicating that no valid values can be obtained.

AttachedUserPolicy

Details of policies associated with the user

Used by actions: ListAttachedUserAllPolicies.

Name Type Description
PolicyId String Policy ID.
PolicyName String Policy name.
Description String Policy description.
AddTime String Creation time.
StrategyType String Policy type (1: custom policy; 2: preset policy).
CreateMode String Creation mode (1: create by product feature or project permission; other values: create by policy syntax).
Groups Array of AttachedUserPolicyGroupInfo Information on policies inherited from the user group.
Note: this field may return null, indicating that no valid values can be obtained.
Deactived Integer Whether the product has been deprecated (0: no; 1: yes).
Note: this field may return null, indicating that no valid values can be obtained.
DeactivedDetail Array of String List of deprecated products.
Note: this field may return null, indicating that no valid values can be obtained.

AttachedUserPolicyGroupInfo

Information on policies that are associated with the user and inherited from the user group

Used by actions: ListAttachedUserAllPolicies.

Name Type Description
GroupId Integer Group ID.
GroupName String Group name.

GroupIdOfUidInfo

Information on the association between a sub-user and a User Group

Used by actions: AddUserToGroup, RemoveUserFromGroup.

Name Type Required Description
GroupId Integer Yes User Group ID
Uid Integer No Sub-user UID
Uin Integer No Sub-user UIN. For UIN and UID, at least one of them is required.

GroupInfo

User Group information

Used by actions: ListGroups, ListGroupsForUser.

Name Type Description
GroupId Integer User group ID
GroupName String User Group name
CreateTime String Time User Group created
Remark String User Group description

GroupMemberInfo

User Group user information

Used by actions: GetGroup, ListUsersForGroup.

Name Type Description
Uid Integer Sub-user UID
Uin Integer Sub-user UIN
Name String Sub-user name
PhoneNum String Mobile number
CountryCode String Mobile number country/area code
PhoneFlag Integer Whether the mobile phone has been verified. 0: No; 1: Yes.
Email String Email address
EmailFlag Integer Whether the email has been verified. 0: No; 1: Yes.
UserType Integer User type. 1: Global collaborator; 2: Project collaborator; 3: Message recipient.
CreateTime String Time policy created
IsReceiverOwner Integer Whether the user is the primary message recipient. 0: No; 1: Yes.

LoginActionFlag

Login and sensitive operation flag

Used by actions: DescribeSafeAuthFlagColl.

Name Type Required Description
Phone Integer No Phone
Token Integer No Hard token
Stoken Integer No Soft token
Wechat Integer No WeChat
Custom Integer No Custom
Mail Integer No Mail
U2FToken Integer No U2F token

LoginActionFlagIntl

Login and sensitive operation flag

Used by actions: DescribeSafeAuthFlagIntl.

Name Type Required Description
Phone Integer No Mobile number
Token Integer No Hard token
Stoken Integer No Soft token
Wechat Integer No WeChat
Custom Integer No Custom
Mail Integer No Email

LoginActionMfaFlag

Login and sensitive operation flag

Used by actions: SetMfaFlag.

Name Type Required Description
Phone Integer No Mobile phone
Stoken Integer No Soft token
Wechat Integer No WeChat

OffsiteFlag

Suspicious login location settings

Used by actions: DescribeSafeAuthFlagColl, DescribeSafeAuthFlagIntl.

Name Type Required Description
VerifyFlag Integer No Verification flag
NotifyPhone Integer No Phone notification
NotifyEmail Integer No Email notification
NotifyWechat Integer No WeChat notification
Tips Integer No Alert

PolicyVersionDetail

Policy version details

Used by actions: GetPolicyVersion.

Name Type Description
VersionId Integer Policy version ID
Note: this field may return null, indicating that no valid values can be obtained.
CreateDate String Policy version creation time
Note: this field may return null, indicating that no valid values can be obtained.
IsDefaultVersion Integer Whether it is the operative version. 0: no, 1: yes
Note: this field may return null, indicating that no valid values can be obtained.
Document String Policy syntax text
Note: this field may return null, indicating that no valid values can be obtained.

PolicyVersionItem

Policy version list element structure

Used by actions: ListPolicyVersions.

Name Type Description
VersionId Integer Policy version ID
Note: this field may return null, indicating that no valid values can be obtained.
CreateDate String Policy version creation time
Note: this field may return null, indicating that no valid values can be obtained.
IsDefaultVersion Integer Whether it is the operative version. 0: no, 1: yes
Note: this field may return null, indicating that no valid values can be obtained.

RoleInfo

Role details

Used by actions: DescribeRoleList, GetRole.

Name Type Description
RoleId String Role ID
RoleName String Role name
PolicyDocument String Role policy document
Description String Role description
AddTime String Time role created
UpdateTime String Time role last updated
ConsoleLogin Integer If login is allowed for the role
RoleType String User role. Valid values: user, system, service_linked
Note: this field may return null, indicating that no valid values can be obtained.
SessionDuration Integer Valid period
Note: this field may return null, indicating that no valid values can be obtained.
DeletionTaskId String Task identifier for deleting a service-linked role
Note: this field may return null, indicating that no valid values can be obtained.
Tags Array of RoleTags Tags.
Note: This field may return null, indicating that no valid values can be obtained.
RoleArn String The Role Arn

RoleTags

Role tag type

Used by actions: CreateRole, CreateServiceLinkedRole, DescribeRoleList, GetRole, TagRole.

Name Type Required Description
Key String Yes Tag key.
Value String Yes Tag value.

SAMLProviderInfo

SAML identity provider

Used by actions: ListSAMLProviders.

Name Type Required Description
Name String Yes SAML identity provider name
Description String Yes SAML identity provider description
CreateTime String Yes Time SAML identity provider created
ModifyTime String Yes Time SAML identity provider last modified

SecretIdLastUsed

The last time the key was used.

Used by actions: GetSecurityLastUsed.

Name Type Description
SecretId String Key ID.
LastUsedDate Date The date when the key ID was last used (the value is obtained one day later).
Note: this field may return null, indicating that no valid value can be obtained.
LastSecretUsedDate Integer The most recent date the key was accessed
Note: This field may return null, indicating that no valid values can be obtained.

StrategyInfo

Policy information

Used by actions: ListPolicies.

Name Type Description
PolicyId Integer Policy ID
PolicyName String Policy name
AddTime Timestamp Time policy created
Note: This field may return null, indicating that no valid value was found.
Type Integer Policy type. 1: Custom policy; 2: Preset policy
Description String Policy description
Note: This field may return null, indicating that no valid value was found.
CreateMode Integer How the policy was created: 1: Via console; 2: Via syntax
Attachments Integer Number of associated users
ServiceType String Product associated with the policy
Note: This field may return null, indicating that no valid value was found.
IsAttached Integer This value should not be null when querying whether a marked entity has been associated with a policy. 0 indicates that no policy has been associated, while 1 indicates that a policy has been associated
Deactived Integer Queries if the policy has been deactivated
Note: this field may return null, indicating that no valid values can be obtained.
DeactivedDetail Array of String List of deprecated products
Note: this field may return null, indicating that no valid values can be obtained.
IsServiceLinkedPolicy Integer The deletion task identifier used to check the deletion status of the service-linked role
Note: this field may return null, indicating that no valid values can be obtained.
AttachEntityCount Integer The number of entities associated with the policy.
Note: this field may return null, indicating that no valid values can be obtained.
AttachEntityBoundaryCount Integer The number of entities associated with the permission boundary.
Note: this field may return null, indicating that no valid values can be obtained.
UpdateTime Timestamp The last edited time.
Note: this field may return null, indicating that no valid values can be obtained.

SubAccountInfo

Sub-user information

Used by actions: ListCollaborators, ListUsers.

Name Type Description
Uin Integer Sub-user user ID
Name String Sub-user username
Uid Integer Sub-user UID
Remark String Sub-user remarks
ConsoleLogin Integer If sub-user can log in to the console
PhoneNum String Mobile number
CountryCode String Country/Area code
Email String Email
CreateTime Timestamp Creation time
Note: this field may return null, indicating that no valid values can be obtained.
NickName String Nickname.
Note: This field may return null, indicating that no valid values can be obtained.

SubAccountUser

Sub-user information

Used by actions: DescribeSubAccounts.

Name Type Description
Uin Integer Sub-user ID
Name String Sub-user name
Uid Integer Sub-user UID. UID is the unique identifier of a user who is a message recipient, while UIN is a unique identifier of a user.
Remark String Sub-user remarks
CreateTime Timestamp Creation time
Note: this field may return null, indicating that no valid values can be obtained.
UserType Integer User type (1: root account; 2: sub-user; 3: WeCom sub-user; 4: collaborator; 5: message recipient)
LastLoginIp String Recent Login IP
LastLoginTime String Recent login time; if the returned value is empty, it means the console has never been logged in to.
上一篇: UpdateUserSAMLConfig下一篇: Error Codes

帮助和支持

本页内容是否解决了您的问题?

填写满意度调查问卷,共创更好文档体验。

文档反馈