Cloud Access Management

A secure access management solution for products and resources.

Get Started

Overview

Benefits

Features

Scenarios

Overview

 

Cloud Access Management (CAM) by Cloud is a comprehensive system for managing permissions and users, designed to ensure secure and precise management of products and resources. Within CAM, you can create users and roles, assigning them security credentials such as console login passwords and Cloud API keys. Additionally, you have the capability to request temporary security credentials to grant access to resources. Through CAM, you can effectively manage permissions, controlling the actions users and roles can perform and the resources they can access. If your organization already has a private network account system, you do not need to create sub-users or collaborators for organizational users. Identity providers (IdPs) offer single sign-on (SSO) for these users, and IdP-verified external users can directly access your resources.

Benefits

compliance value

User Management and Access Permissions

Within CAM, users can be created and provided with distinct security credentials, including Cloud API keys, login passwords, and MFA devices. Additionally, temporary keys can be requested to grant users access to  services and resources. Furthermore, permissions and user actions can be managed effectively through CAM.

open source

Role and Role Permission Management

In CAM, you have the ability to create roles and oversee their permissions, enabling precise control over user and service operations. Additionally, you can designate specific roles for different entities as needed.

secure

Federated User and Federated User Permission Management

You have the option to activate the federated identity feature, which permits existing identities (users, groups, and roles) within your organization to access the CAM console, utilize APIs, and access resources without necessitating the creation of individual users for each identity. Cloud is compatible with SAML 2.0-based identity management solutions.

Features

Access Permissions Management

You can grant access to resources linked to the root account without the need to share identity credentials.

Customized Permissions

You have the capability to assign personalized permissions to individuals for specific resources. For instance, you can authorize particular sub-accounts to have read permissions for COS buckets, while granting write permissions to other sub-accounts and root accounts for the same COS buckets.

Multi-factor Authentication

Enhancing account security, multi-factor authentication requires the entry of both the account password or access key and a code from a designated device when logging in or performing sensitive operations.

Federated Identity

CAM facilitates temporary access to your account for users who have already acquired a password from a third-party authentication system, such as your organization’s network or an Internet identity provider.

PCI DSS Compliance

CAM is confirmed to be compliant with the Payment Card Industry (PCI) Data Security Standard (DSS), enabling merchants or service providers to securely process, store, and transmit credit card data.

Scenarios

Refined Access Control for Resources

Single Sign-on to Cloud

Multi-factor Authentication for Improved Account Security

Through CAM, you have the flexibility to tailor access permissions for your services and resources. You can establish users or roles within CAM and allocate distinct security credentials (such as console login passwords or Cloud API keys) to them, or request temporary security credentials for accessing resources. Additionally, you can oversee permissions to regulate the actions users and roles are authorized to execute and the resources they are permitted to access.

Through CAM, you can leverage your current authentication system to provide access permissions to your employees and services for services and resources. Cloud offers federated authentication utilizing SAML 2.0 (Security Assertion Markup Language 2.0), ensuring compatibility with your organizational account systems within a private network. For further details, refer to the documentation on SAML 2.0-based Federated Authentication.

Multi-factor authentication enhances security by introducing an extra layer of protection beyond the traditional username and password. Presently, two authentication methods are available: hardware/virtual MFA device code and mobile verification code. Depending on the setup, users may need to input a valid authentication code to confirm their identity and device environment before accessing sensitive operations or logging in.

Compute

Cloud Virtual Machine

A secure, stable, and highly flexible computing service

Cloud Lighthouse

A new-gen cloud server service for SMEs and developers

Cloud Bare Metal

Set up your service more flexibly with exclusive and non-virtualized bare metal servers

Cloud GPU Service

A high-density computing server with graphics processing capabilities

CVM Dedicated Host

A physically isolated computing service with exclusive resources

Auto Scaling

An efficient and cost-effective computing resource management policy

Batch Compute

An efficient and cost-effective computing resource management policy

Cloud Automation Tools

Efficient and secure native Ops and deployment tool

Edge Computing

Edge Computing Machine

Distributed low-latency elastic computing resources close to users

Container

Kubernetes Engine

A scalable and high-performing container management service

Kubernetes Engine for Serverless

A secure, elastic, and cost-effective serverless Kubernetes service

Cloud Mesh

Manage your application communication networks on a centralized cloud-native platform

Distributed Cloud

Cloud Dedicated Zone

Deploy dedicated resources on the data center as required by the customer

Edge Zone

Low-delay, wide-coverage, and low-cost edge cloud computing services

Microservice

Cloud Elastic Microservice

A secure, reliable, and highly elastic serverless microservice platform

Serverless

Serverless Cloud Function

A secure and efficient serverless function computing platform

Serverless Application Center

One-stop serverless application development service

EventBridge

A secure and efficient event management platform

Essential Storage Service

Cloud Object Storage

A highly available, reliable, and scalable object storage service

Cloud File Storage

A secure and scalable file sharing and storage solution

Cloud Block Storage

A reliable, scalable, and persistent block storage service

Data Migration

Migration Service Platform

A service platform enabling quick and convenient system migration

Data Process and Analysis

Cloud Infinite

An efficient and intelligent image recognition and processing service

Cloud Log Service

A one-stop logging solution for log collection, search and analysis

Relational Database

Cloud Native Database TDSQL-C

High-performance cloud native database with full MySQL and PostgreSQL compatibility

CloudDB for MySQL

A high-performance, reliable, and flexible database hosting service

CloudDB for MariaDB

A community-driven open-source database

CloudDB for PostgreSQL

An open-source database supporting geospatial data processing

CloudDB for SQL Server

A genuinely licensed SQL Server database in the cloud

NoSQL Database

CloudDB for Redis

A high-performance, low-latency, and scalable Redis database

CloudDB for MongoDB

A high-performance distributed MongoDB database

CloudDB for TcaplusDB

A high-performance distributed NoSQL data storage service

CloudDB for Tendis

A Redis-compatible elastic KV storage service

CloudDB for CTSDB

A powerful, distributed, and scalable time series database in the cloud

CloudDB for Graph Database

A one-stop database service for storage, computation, and visual analysis of massive amounts of graph data

Cloud VectorDB

Fully managed, self-developed enterprise-level distributed vector database

Enterprise Distributed DBMS

ADSQL for MySQL

A high-performance database featuring automated sharding

ADSQL-A for PostgreSQL

An online real-time data warehouse service featuring high performance, scalability, security, and cost effectiveness

ADSQL-H LibraDB

A stable, efficient, and out-of-the-box HTAP database

Database SaaS Tool

Data Transfer Service

A seamless data transfer and migration service with no downtime

Database Expert Service

Professional and efficient database service

Database Management Center

Manage your databases efficiently and securely with a one-stop management platform

CloudDB for DBbrain

A cloud database autonomous service for database performance optimization

Networking

Virtual Private Cloud

An isolated and secure virtual private network in Cloud

Cloud Load Balancer

A secure, stable and elastically scalable traffic distribution service

Direct Connect

A dedicated network with low latency for optical fiber communications

Cloud Connect Network

A fast and easy service to interconnect resources on and off cloud

Elastic Network Interface

A multi-ENI hot swap service for CVM

NAT Gateway

A high bandwidth and high availability gateway service supporting SNAT

Peering Connection

A cross-regional network connection service for data synchronization

Flow Logs

A full-time, full-process, and non-intrusive traffic collection service

Anycast Internet Acceleration

An IP Anycast service that optimizes Internet access

Bandwidth Package

A multi-IP aggregated billing method that reduces Internet access costs

VPN Connection

An easy to build network-based IPsec-encrypted tunneling service

CDN and Edge platform

Cloud EdgeOne

Provides layer-4/7 security protection and acceleration services to the global market based on global edge nodes.

Enterprise Content Delivery Network

A one-stop acceleration service for dynamic and hybrid resources.

Content Delivery Network

A fast, stable, intelligent, and secure content delivery service

Global Application Acceleration Platform

A high-speed network connection service for application acceleration.

Secure Content Delivery Network

A content delivery network integrated with multiple security protection capabilities

Global Office Access

Quick and secure access to organizational resources from any network

Network Security

Anti-DDoS Advanced

A protection solution against high-traffic DDoS attacks for services in and outside the cloud

Anti-DDoS Pro

A convenient anti-DDoS service for cloud-based businesses

Cloud Firewall

Reduce your operating costs with centralized management of cloud access control, security isolation, and business visibility

Anti-DDoS

A reliable system that offers DDoS protection solutions to different industries

Data Security

Data Security Governance Center

DSGC provides cloud native data security services

Bastion Host

Cloud resource security operation and maintenance gateway

Key Management Service

A secure, easy-to-use key management service for encrypted data

Secrets Manager

A simple, stable, and secure credential management service

Application Security

Web Application Firewall

A one-stop intelligent security protection platform for website services

Vulnerability Scan Service

Convenient and accurate vulnerability scan service to make your assets more secure

Mobile Security

A stable and effective mobile application security service

Anti-Cheat Expert

A professional mobile game security solution empowering games

T-Sec WeTest Game Quality Monitoring

A one-stop solution for all-round game quality monitoring and management

Endpoint Security

Cloud Workload Protection Platform

Protect your servers with the all-around security services

Container Security Service

ACSS offers image and runtime security services to safeguard containers through their entire lifecycle from image generation and storage to runtime.

Business Security

Captcha

All-around CAPTCHA verification services

Text Moderation System

Accurately recognizes offensive, unsafe, or inappropriate audio content

Image Moderation System

Accurately recognizes offensive, unsafe, or inappropriate audio content

Audio Moderation System

Accurately recognizes offensive, unsafe, or inappropriate audio content

Video Moderation System

Detects pornographic and other non-compliant content in videos

Customer Identity Access Management

Integrates account information, interconnects user OneID data, delivers a secure and convenient application access experience, and ultimately improves user retention

Risk Control Engine

Real-Time protection against account and payment frauds

Security Services

Penetration Testing Service

Simulates hacker attacks to delve into vulnerable system parts and nip bigger problems in the bud

Security Management

Cloud Security Center

Cloud's native security management platform

Domains & Websites

Domains

A leading domain registrar offering comprehensive domain registration and management services

SSL Certificate Service

A one-stop digital certificate management service

Private DNS

A secure, stable, and efficient private DNS service

HTTPDNS

A secure, stable, and efficient mobile DNS service to avoid domain name hijacking and cross-network access problems caused by local DNS

DNSPod

Provides fast, stable, and highly available DNS services

Office Collaboration

VooV Meeting

VooV Meeting enables online collaborations.

Cloud Enterprise Drive

A secure and efficient enterprise collaboration platform

Enterprise Applications

Ecard

Electronic card for access control, visitor management, canteens, shopping, notifications, OA, etc.

Data Analysis

Elastic MapReduce

A secure and flexible cloud-hosted Hadoop service

Elasticsearch Service

A ready-to-use cloud-based Elasticsearch service

Cloud Data Warehouse

A simple and easy-to-use ClickHouse hosting service in the cloud

Cloud Data Warehouse for PostgreSQL

A convenient and cost-effective in-cloud data warehousing service

Data Lake Compute

A next-gen cloud-native agile data lake analysis service

Stream Compute Service

A cloud-based streaming data aggregation and computing service

Image Recognition

Analysis Platform for Pneumonia CT Image

A chest CT image analysis and research platform

Face Recognition

Face Recognition

Accurate and real-time facial detection, analysis, recognition, and search services

eKYC

Verify user identities via secure face recognition service

Voice Technology

Text To Speech

An intelligent service that provides lifelike speech synthesis

Automatic Speech Recognition

A highly cost-effective speech recognition service with a high recognition accuracy and wide applicability

AI Platform Service

Cloud TI Platform

A one-stop machine learning service platform for AI engineers

Cloud AI Digital Human

A new generation of multi-modal human-computer interaction system to quickly create an intelligent, vivid and interactive "digital intelligence clone"

Intelligent Music Solution

Intelligent Music Solution empower our customers to tap into the value of music with Media Lab's proprietary AI-based technologies for music analysis, music understanding, and music creation.

Natural Language Processing

Machine Translation

Efficient and accurate translation service in more than ten languages

Optical Character Recognition

Optical Character Recognition

A precise, fast and versatile image and text recognition service

Internet of Things

IoT Hub

A cloud solution that helps developers quickly build IoT applications

Message Queue

TDMQ for CKafka

A high-performance and reliable Kafka-compatible messaging system

TDMQ for RocketMQ

Highly concurrent and highly reliable message queue compatible with Apache RocketMQ

TDMQ for RabbitMQ

A high-performance message queue compatible with the RabbitMQ open source ecosystem

TDMQ for Pulsar

Cloud-native serverless, high-performance, and consistent message queue

TDMQ for CMQ

The original Cloud CMQ, a high-performance message queuing service

Middleware

API Gateway

A full lifecycle management API hosting service

Communication

Chat

A communication service supporting one-to-one chat, group chat, chat room, system notification, and other messaging capabilities

Short Message Service

A fast, stable, and easy-to-use messaging service with global reachability

Push Notification Service

A reliable and fast push notification service with high delivery rate

Cloud Contact Center

Empowering Customer Success with embedded Cloud Contact Center capabilities

Simple Email Service

A secure, stable, and simple email push service

Interactive Video Services

Alto Real-Time Communication (ARTC)

Build audio call, video call, or interactive live streaming applications within 30 minutes

Low-Code Interactive Classroom

Quickly set up your cross-platform interactive classroom in 15 minutes to provide highly stable and cost-effective online interactive classroom services for your school or enterprise

Stream Services

StreamLive

A broadcast-grade live video streaming service

StreamPackage

A stable, secure, and effective media packaging service

StreamLink

A fast and reliable real-time video transport service for global users

Cloud Streaming Services

A fast, stable, and professional cloud-based live streaming services

Media On-Demand

Video on Demand

A one-stop media transcoding and distribution platform

VOD On EdgeOne

Flexible VOD solution

Media Process Services

Media Processing Service

A professional and versatile multimedia processing service

Media SDK

Mobile Live Video Broadcasting

A quick integration solution to push and pull live streams on mobile devices

User Generated Short Video SDK

Create short video mobile applications easily

Effect SDK

An advanced video processing solution with beauty filters and stickers

Cloud Real-time Rendering

Cloud Application Rendering

Move your application to the cloud for real-time rendering and streaming so your users can use it through web pages, apps, or other devices

Game Services

Game Multimedia Engine (GME)

A one-stop gaming voice solution that is easy to integrate

Game Video Service

Game Video Transcoder

Flexible and easy-to-use video transcoding and compression service

Game Video Processor

A human visual standard-based game video processing platform

Game Video Analyzer

A smart video content analysis system for content categorization and highlights generation

Education Services

iHearing Oral Evaluation

Supports oral English and Chinese evaluation with great adaption to the pronunciation characteristics in Asia Pacific

Interactive Whiteboard

A real-time, smooth, and feature-rich online interactive whiteboard service

Blockchain Service

Cloud Blockchain RPC

A high-performance blockchain RPC service

Building Services

Cloud Weiling

An IoT operating system well adapted to smart building scenarios

Instavue Smart Video Analysis System

Integrates IoT technology and AI smart vision capabilities to help accurately tap into the value of massive videos

Cloud Resource Management

API

Access Cloud resources quickly via APIs

Cloud Command Line Interface

Quickly call Cloud APIs to manage your cloud resources

Cloud Infrastructure as Code (IC)

An efficient and secure infrastructure management platform

Smart Advisor

An out-of-the-box cloud resource risk assessment service

Infrastructure Automation for Terraform

Manage Cloud resources securely and efficiently

Control Center

Set up a landing zone to centrally manage all of your enterprise accounts.

Management and Audit Tools

Cloud Access Management

A convenient and secure permission and user management service

CloudAudit

A logging and tracking service for Cloud resource operations

Cloud Organization

Centrally manage multiple accounts with user-based permissions

Developer Tools

CODING Code Repositories

A secure, fast, and convenient Git/SVN code repository service

CODING Project Management

A PM tool and service for agile and fast iteration

CODING Test Management

An agile testing method for better test-R&D collaboration

CODING Continuous Integration

A cloud-based code build service for Java, Python, and more

CODING Artifact Repositories

An efficient management service for artifacts after code compilation

CODING Continuous Deployment

A continuous, controllable, and automated deployment of artifacts

Mobile Framework

One-stop mobile development and operation platform

Cloud Mini Program Platform

One-stop development, placing small programs into enterprise-owned APPs

Monitor and Operation

Cloud Observability Platform

A cloud resource data monitoring platform for intelligent data analysis

Managed Service for Prometheus

A lightweight, stable, and highly available managed Prometheus service

Application Performance Management

Monitor your application performance in real time with a scalable and cost-effective management service

Real User Monitoring

A real user experience monitoring service for web and mini program frontends

Cloud Managed Service for Grafana

Secure, stable, low-cost, and highly scalable managed Grafana service

Cloud Automated Testing

A globally deployed real user performance test service

Education

Cloud Online Education Solutions

Versatile solutions for supporting diverse online education scenarios

Gaming

Gaming Solution

A comprehensive solution to help you build your cloud gaming platform

Game Media Solutions

A one-stop toolkit for gaming videos

Financial Services

Financial Services Solution

Integrated full-process fintech solutions designed for various digital transformation scenarios

Audio & Video

Audio/Video Solution

A one-stop video solution for all your cloud media applications

LVB Recording Solution

A solution for on-cloud recording, content production, and video distribution

Interactive Classroom Solution

Offers a one-stop online education solution

Interactive Live Streaming Solution

Covers various low-latency live video streaming use cases such as anchor competition and interactive live streaming

Audio Chat Social Networking Solution

Provides a one-stop "real-time audio interaction" solution

Real Estate

Cloud LinkBase (Weiling)

An IoT building operating system well adapted to smart building scenarios