创建子账号(用户)
第一步:新建用户
![](https://qcloudimg.tencent-cloud.cn/image/document/23696d05289e5d9201a00e05c2d97849.png)
![](https://qcloudimg.tencent-cloud.cn/image/document/23696d05289e5d9201a00e05c2d97849.png)
选择快速创建。
![](https://qcloudimg.tencent-cloud.cn/image/document/e1e5c58bd41b218a0b29681f555cb020.png)
![](https://qcloudimg.tencent-cloud.cn/image/document/e1e5c58bd41b218a0b29681f555cb020.png)
第二步: 填写创建信息
填写用户名,单击创建用户完成创建.
![](https://qcloudimg.tencent-cloud.cn/image/document/72283bd955ed5bfa683c3d6fdb9cb849.png)
![](https://qcloudimg.tencent-cloud.cn/image/document/72283bd955ed5bfa683c3d6fdb9cb849.png)
![](https://qcloudimg.tencent-cloud.cn/image/document/ff097baf6dabcd3c8664b5cc452713d2.png)
![](https://qcloudimg.tencent-cloud.cn/image/document/ff097baf6dabcd3c8664b5cc452713d2.png)
第三步:查看创建的用户
![](https://qcloudimg.tencent-cloud.cn/image/document/298132391ea8d3c46497a77f2d0e6c67.png)
![](https://qcloudimg.tencent-cloud.cn/image/document/298132391ea8d3c46497a77f2d0e6c67.png)
创建 JSON 策略
第一步:新建自定义策略
![](https://qcloudimg.tencent-cloud.cn/image/document/c3d1db19a41db8a5fb497c4affb9e57c.png)
![](https://qcloudimg.tencent-cloud.cn/image/document/c3d1db19a41db8a5fb497c4affb9e57c.png)
第二步:选择策略类型
选择按策略语法创建。
![](https://qcloudimg.tencent-cloud.cn/image/document/ad5de125e71e1146efd42d3559889875.png)
![](https://qcloudimg.tencent-cloud.cn/image/document/ad5de125e71e1146efd42d3559889875.png)
第三步:选择模板类型
选择空白模板 > 单击下一步。
![](https://qcloudimg.tencent-cloud.cn/image/document/6642a4188930009c40707e97fd4b317c.png)
![](https://qcloudimg.tencent-cloud.cn/image/document/6642a4188930009c40707e97fd4b317c.png)
第四步:填写策略信息并保存
填写策略名称、填写描述,将需要的 预设 JSON 策略 复制粘贴至策略内容,单击完成创建策略。
![](https://qcloudimg.tencent-cloud.cn/image/document/f500a8219925771527ea2e06b430ec6f.png)
![](https://qcloudimg.tencent-cloud.cn/image/document/f500a8219925771527ea2e06b430ec6f.png)
策略内容(注意:resource中的条件需要替换成主账号的uin,如下图)
![](https://qcloudimg.tencent-cloud.cn/image/document/05ff3a5d4b09088bddbce736df20d510.png)
![](https://qcloudimg.tencent-cloud.cn/image/document/05ff3a5d4b09088bddbce736df20d510.png)
关联或授予策略
方式一:在策略列表关联相关用户
![](https://qcloudimg.tencent-cloud.cn/image/document/ffcd776e896501191530dd0ff9ebdced.png)
![](https://qcloudimg.tencent-cloud.cn/image/document/ffcd776e896501191530dd0ff9ebdced.png)
第二步:选择需要授权的用户/用户组/角色,单击确定完成策略关联。
![](https://qcloudimg.tencent-cloud.cn/image/document/ab526198af10f6f3e4b1ffcd697e8a3c.png)
![](https://qcloudimg.tencent-cloud.cn/image/document/ab526198af10f6f3e4b1ffcd697e8a3c.png)
方式二:在用户列表授予策略
![](https://qcloudimg.tencent-cloud.cn/image/document/cf34a6eb7473f069a398e4953561fe3e.png)
![](https://qcloudimg.tencent-cloud.cn/image/document/cf34a6eb7473f069a398e4953561fe3e.png)
第二步:选择自定义策略,单击确定进入自定义策略列表。
![](https://qcloudimg.tencent-cloud.cn/image/document/c17e2c0e3c44ed9dfca4b7b1963bf9fa.png)
![](https://qcloudimg.tencent-cloud.cn/image/document/c17e2c0e3c44ed9dfca4b7b1963bf9fa.png)
第三步:选择此前配置好的自定义策略,单击确定完成策略授予。
![](https://qcloudimg.tencent-cloud.cn/image/document/6cde6973892224d752678351428593ae.png)
![](https://qcloudimg.tencent-cloud.cn/image/document/6cde6973892224d752678351428593ae.png)
预设 JSON 策略
场景一:子账号只能读写自己
如果您需要限制 所有子账号 :
只能查看和编辑自己创建的音色
可使用以下 JSON 策略:
{"statement": [{"action": ["vrs:GetVRSTasks"],"effect": "allow","resource": ["qcs::vrs::uin/{替换为您的主账户uin}:subUin/${uin}"]},{"action": ["vrs:GetVRSResource","vrs:DescribeTempToken","vrs:DetectEnvAndSoundQuality","vrs:GetTrainingText","vrs:CreateVRSTask","vrs:GetAuditionQuota","vrs:DescribePidOrders","vrs:DescribeVRSTaskStatus","vrs:DescribeOpenStatus","vrs:ActivateService"],"effect": "allow","resource": ["*"]}],"version": "2.0"}
场景二:子账号拥有全读写权限(等同于主账号)
如果您需要允许 所有子账号 拥有与主账号同等的全读写权限
可用预设策略:QcloudVRSFullAccess 并关联 / 授权所有用户
![](https://qcloudimg.tencent-cloud.cn/image/document/58d8cc876b0ce500464f0618d79f8c48.png)
![](https://qcloudimg.tencent-cloud.cn/image/document/58d8cc876b0ce500464f0618d79f8c48.png)