Cloud Access Management

Secure access management for Tencent Cloud products and resources

Cloud Access Management (CAM) by Tencent Cloud is a permission and user management system designed for secure and precise products management and access. You can create users and roles in CAM and assign security credentials such as console login passwords and Cloud API keys to them. You can also request temporary security credentials to enable Tencent Cloud resources access.You can manage permissions to control what actions users and roles can perform and what resources they can access. Additionally, you won't need to create organizational users' sub-users or collaborators if your organization already has private network account system. Identity provider (IdP) will provide single sign-on (SSO) for these users. IdP-verified external users can access your Tencent Cloud resources directly.

Benefits

User Management and Access Permissions

You can create users in CAM, assign them separate security credentials including Cloud API keys, login passwords and MFA devices. You can also request temporary keys to let users access Tencent Cloud services and resources.You can manage permissions and user actions.

Management of Roles and Their Permissions

You can create roles and manage their permissions in CAM to control user and service operations. You can also set roles different entities should take.

Management of Federated Users and Their Permissions

You can enable the federated identity feature to allow existing identities (users, groups and roles) in your organization to access the CAM console, call APIs and access resources without having to create users for each identity. Tencent Cloud supports SAML 2.0-based identity management solutions.

Features

Managing Access Permissions

You can authorize access to root account resources without sharing identity credentials.

Customized Permissions

You can grant individualized permissions to different people for targeted resources. For example, you can grant certain sub-accounts COS bucket read permission while granting other sub-accounts and root accounts COS bucket write permission.

Multi-factor Authentication

Multi-factor authentication improves account security. When attempting to log in or conduct sensitive operations, you need to enter the account password or access key as well as a code from specifically configured device.

Federated Identity

CAM allows users who have already obtained a password from a third-party authentication system (for example, in your organization network or through an internet identity provider) to gain temporary access to your Tencent Cloud account.

PCI DSS Compliance

Verified to be compliant with the Payment Card Industry (PCI) Data Security Standard (DSS), CAM supports the processing, storage and transmission of credit card data by merchants or service providers.

Compatible with Most Tencent Cloud Products

For a complete list of CAM-compatible Tencent Cloud products.

Managing Access Permissions
Customized Permissions
Multi-factor Authentication
Federated Identity
PCI DSS Compliance
Compatible with Most Tencent Cloud Products