tencent cloud

Private DNS

Release Notes
Product Introduction
Overview
Strengths
Use Limits
Scenarios
Purchase Guide
Billing Overview
Value-Added Service Packages
Non-Standard TLDs
Getting Started
Activating Private DNS
Creating Private Domain
Deleting Private Domain
Modifying Associated VPC
Operation Guide
Setting DNS Record
Modifying DNS Record
Deleting DNS Record
Importing DNS Records
Exporting DNS Records
Associating the VPCs of Another Account
Bulk Operation
Reverse DNS and PTR Record
Subdomain Recursive DNS Description
DNS Statistics Description
Round-Robin DNS Description
Recursive Resolution Description
Cloud Access Management
Cloud Access Management Overview
Authorizable Resource Types
Sample Access Management Policy
Use Cases
Configuring the NSCD Service for Cache Acceleration to Improve DNS Availability
API Documentation
History
Introduction
API Category
Making API Requests
Private DNS APIs
Data Types
Error Codes
FAQs
Private DNS
Will Private DNS override public domain names?
PDNS Policy
Privacy Policy
Data Processing And Security Agreement
Related Agreement
Private DNS Service Level Agreement
Glossary
DocumentationPrivate DNSCloud Access ManagementSample Access Management Policy

Sample Access Management Policy

PDF
Focus Mode
Font Size
Last updated: 2025-07-16 16:04:10

Overview

Cloud Access Management (CAM) is used to manage the access permissions for the resources under Tencent Cloud accounts. With CAM, you can use the identity management and policy management features to control which Tencent Cloud resources can be accessed by which sub-accounts. This document describes how to use certain policies in the console.

Samples

Full access policy in Private DNS

To grant a user the permission to create and manage private domains in Private DNS, associate the QcloudPrivateDNSFullAccess policy with the user. Associate the preset policy QcloudPrivateDNSFullAccess with the user as instructed in Authorization Management. The policy syntax is as follows:
{
  "version": "2.0",
  "statement": [
  {
    "action": [
        "privatedns:*"
     ],
     "resource": "*",
     "effect": "allow"
   }
  ]
}

Read-only policy in Private DNS

To grant a user the permission to view private domains in Private DNS but not create or delete them, associate the QcloudPrivateDNSReadOnlyAccess policy with the user. Associate the preset policy QcloudCVMInnerReadOnlyAccess with the user as instructed in Authorization Management. The policy syntax is as follows:
{
  "version": "2.0",
  "statement": [
  {
    "action": [
       "privatedns:Describe*"
     ],
     "resource": "*",
     "effect": "allow"
    }
  ]
}


Previous Topic: Authorizable Resource TypesNext Topic: Configuring the NSCD Service for Cache Acceleration to Improve DNS Availability

Help and Support

Was this page helpful?

Help us improve! Rate your documentation experience in 5 mins.

Feedback