Skip to main content

CloudBase for Platform

What is CloudBase for Platform

A solution for AI Coding, Vibe Coding, and similar platforms (e.g. Lovable, Bolt.new, Vercel v0, Figma Make) that lets any platform configure and manage the backend on behalf of its users. Platforms can offer a seamless, out-of-the-box backend experience without exposing the complexity of databases, cloud functions, or object storage—users get a working app from a single prompt or a few clicks.

What you get: An isolated environment per tenant, each containing a database, cloud functions, static hosting, and a unified HTTP access endpoint. Resources are isolated between tenants; creation, billing, deployment, database, and monitoring are all managed programmatically via Tencent Cloud APIs.

Use cases: SaaS, internal platforms, multi-tenant systems, or AI Coding / Vibe Coding platforms that want isolated backend capabilities per customer/tenant and management via API rather than console only.

Unit of management: The environment. One environment = one tenant's full set of resources (database, cloud functions, HTTP access service, static hosting, etc.). Typically one tenant, one environment. All operations are done programmatically via the Tencent CloudBase API.

Account and environment relationship: Uses a single-account model—one Tencent Cloud account (root or sub-user with CloudBase permissions) can create multiple environments. Each tenant maps to one environment; all resources and billing belong to that account for unified management. Environment count is subject to account quotas; you can query the environment quota before creating. To increase the limit, contact us.

Account, environment, and resource hierarchy:

Creating environments and billing

Create an environment for each new tenant and manage billing and quotas.

Steps

Step 1: Confirm prerequisites

Before creating, verify account status and available resources:

Step 2: Call CreateEnv to create the environment

Call CreateEnv. The API places and pays the order automatically. Key parameters:

ParameterDescription
PackageIdPackage ID, e.g. baas_personal; retrieve options with DescribeBaasPackageList
AliasEnvironment alias
ResourcesResource types to provision at creation; see table below
PeriodDuration in months (default 1)
TagsEnvironment tags for access isolation and resource grouping; recommended to tag by tenant ID or product line

Resources values:

ValueDescription
flexdbDocument database (NoSQL), MongoDB-style API
storageObject storage (CloudBase storage)
functionCloud Functions (including HTTP functions)

Choose the resource types your use case needs. Other resources (e.g. MySQL) can be enabled after environment creation.

Step 3: Wait for provisioning and confirm status

Environment provisioning is asynchronous. Poll DescribeEnvs until the environment status is available, then check usage and billing:

Quota notes: COS resources and Cloud Functions (non-Shanghai regions) both have account-level or regional quotas. If you plan to create a large number of environments, discuss quotas with the CloudBase team first.

Environment lifecycle API reference

Deploying backend for tenants

Requests enter through the HTTP access service and are routed to the corresponding cloud function. Supports REST APIs, WebSocket, and container image deployment.

Complete call sequence from getting environment info to publicly reachable:

Steps

Step 1: Get environment and log config

Call DescribeEnvs; extract LogsetId / TopicId from EnvInfo.LogServices[0] and pass as ClsLogsetId / ClsTopicId to CreateFunction for log delivery.

Step 2: Package the code

Zip the function directory and Base64-encode it, 50 MB limit. For larger packages, upload to COS first and reference via CosBucketName / CosObjectName / CosBucketRegion (bucket name without -appid suffix, path starts with /).

Step 3: Create or update the function

Call CreateFunction or UpdateFunctionCode. Required: Type: 'HTTP', Namespace (environment ID), Handler. For WebSocket, additional parameters are required—see WebSocket functions.

Step 4: Wait for function ready

Poll ListFunctions until Status = Active.

Step 5: Configure HTTP access route

Call CreateCloudBaseGWAPI. Key parameters: EnableUnion: true, Path, ServiceId (environment ID), Type: 6, Name (function name), AuthSwitch: 2 (auth off), PathTransmission: 2 (path pass-through), EnableRegion: true, Domain.

Step 6: Wait for service ready

Poll DescribeCloudBaseGWAPI until APISet[0].UnionStatus = 1 to get the public access URL.

(Optional) Bind custom domain

Call BindCloudBaseAccessDomain with ServiceId (environment ID), Domain, BindFlag: 2. For HTTPS, pass CertId—request the certificate in the SSL console first. For domains on Tencent Cloud DNSPod, use DescribeRecordFilterList to check whether a CNAME record exists; if not, call CreateRecord to create it.

These APIs can be called via the Manager SDK commonService. You can also use the Tencent Cloud SDK 3.0 to call Cloud Functions APIs directly. Multi-language support: Python, Java, PHP, Go, Node.js, .NET, C++, Ruby.

Cloud Functions API reference

Pass the CloudBase environment ID as Namespace to operate on functions within that environment. See SCF API overview for full parameters.

WebSocket functions

WebSocket functions extend the standard HTTP function. Pass these additional fields to CreateFunction:

ProtocolType: 'WS',
ProtocolParams: {
  WSParams: {
    IdleTimeOut: 7200   // idle connection timeout, 10–7200 s
  }
},
Timeout: 7200           // function timeout, must be >= IdleTimeOut, 15–7200 s

Note: Timeout must be ≥ IdleTimeOut, otherwise function creation will fail.

Single-instance concurrency (Session-Based for WebSocket, Request-Based for HTTP):

InstanceConcurrencyConfig: {
  DynamicEnabled: 'FALSE',
  MaxConcurrency: 10,
  Type: 'Session-Based',        // WebSocket: Session-Based; HTTP: Request-Based
  SessionConfig: {
    SessionExpireTime: 7200,
    IdleSessionExpireTime: 3600,
    SessionDestroyStrategy: 'IdleDestroy',
    SessionKeyType: 'Header',
    SessionKey: 'x-ws-session'
  },
  InstanceIsolationEnabled: 'FALSE'
}

Container image deployment

Suited for complex dependencies, large packages, or custom runtime environments.

Prerequisites:

  1. Authorize image pull: Grant the cloud function role the QcloudAccessForSCFRoleInPullImage policy—one-time operation: Click to authorize
  2. Prepare image repository: Create a repository in Tencent Container Registry (TCR); see Get access credentials and Push image.
  3. Image requirements: Linux-based amd64 image; container must listen on port 9000.

On Apple Silicon Macs or other ARM hosts, you must add --platform linux/amd64—otherwise the deployed function will fail to start:

docker build --platform linux/amd64 -t your-image-name .

When deploying, replace Code.ZipFile with Code.ImageConfig in CreateFunction:

Code: {
  ImageConfig: {
    ImageType: 'personal',   // personal edition repository
    ImageUri: 'ccr.ccs.tencentyun.com/your-ns/your-image:tag',
    // RegistryId: ''        // required for enterprise edition repository
  }
}

Reference: ImageConfig parameter description

HTTP access service API reference

Domains and secure domains

Bind custom domains and certificates for tenant environments' static hosting or HTTP access service; maintain a secure domain allowlist for origins that may call CloudBase.

Steps

Step 1: Request an SSL certificate

Before binding an HTTPS domain, request or upload a certificate in the SSL console to obtain a CertId.

Step 2: Bind custom domain

Choose the appropriate API based on the target:

Step 3: Configure DNS CNAME

After binding, add a CNAME record at your DNS provider pointing to the CloudBase hostname (e.g. xxx.tcbaccess.tencentcloudbase.com). For domains on Tencent Cloud DNSPod:

  1. Check whether the CNAME record exists: DescribeRecordFilterList
  2. If not, create it: CreateRecord, set Value to the CloudBase hostname

Access works only after both binding and DNS propagation are complete.

Step 4: Add secure domains (optional)

Secure domains control which front-end origins can call CloudBase. Add your tenant front-end domains to the allowlist:

Domain API reference

Database

Each environment includes two database options; tenants are isolated per environment.

  • Document database (FlexDB / NoSQL): Collection/document storage, MongoDB-style API; collection CRUD, index management. Enable by including flexdb in Resources at environment creation.
  • Relational database (MySQL): Standard SQL and DDL, table management; front-end can access via Web SDK with a Supabase-style API.
  • Permissions and security: Database-level ACL and table-level security rules for read/write and row-level access control.

Document database

Steps

Step 1: Enable

Include flexdb in Resources when calling CreateEnv; no additional steps required.

Step 2: Create collections

Call CreateTable with EnvId and the collection name.

Step 3: Manage indexes and permissions

  • Query or update collection indexes: UpdateTable
  • Configure read/write ACL and security rules to control tenant data access

Document database API reference

MySQL

Steps

Step 1: Enable MySQL

Call CreateMySQL to enable. The operation is asynchronous—poll for completion:

Step 2: Initialize schema

Once enabled, call RunSql to execute DDL statements such as CREATE TABLE and CREATE INDEX.

Step 3: Configure accounts and access

MySQL API reference

Lifecycle management (tcb.tencentcloudapi.com):

Account management (cynosdb.tencentcloudapi.com):

Connection and cluster (cynosdb.tencentcloudapi.com):

Backup (cynosdb.tencentcloudapi.com):

Monitoring and logging

View per-environment metrics and HTTP access service status, and search CLS logs for troubleshooting and usage analysis.

Steps

Step 1: Query monitoring data

Choose the appropriate granularity:

Step 2: Search logs

Call SearchClsLog with:

  • EnvId: environment ID
  • Time range
  • QueryString: CLS syntax, e.g. module:database, src:app

Returns up to 100 results per call with cursor pagination up to 10,000 total.

Monitoring and logging API reference

Development and integration options

Depending on your stack and scenario, you can manage environments and resources with:

OptionUse caseDocs
Manager SDK (Node.js)Integrate in your system or scripts; recommendedManager SDK
Manager APICall REST API directly or from your backendCloudBase API intro
MCP toolsAI Coding platforms (Cursor, Claude Code, etc.); AI agent calls CloudBaseCloudBase MCP, Skills

MCP supports two connection modes—see Connection modes:

Local mode (recommended): MCP Server runs locally via npx; full functionality including file upload and template download. Requires Node.js.

{
  "mcpServers": {
    "cloudbase": {
      "command": "npx",
      "args": ["@cloudbase/cloudbase-mcp@latest"],
      "env": {
        "CLOUDBASE_ENV_ID": "<env_id>",
        "TENCENTCLOUD_SECRETID": "<SecretId>",
        "TENCENTCLOUD_SECRETKEY": "<SecretKey>"
      }
    }
  }
}

Hosted mode: MCP Server runs on Tencent Cloud; IDE connects via HTTP. No local Node.js required, but local file operations (e.g. template download) are not supported.

{
  "mcpServers": {
    "cloudbase": {
      "type": "http",
      "url": "https://tcb-api.cloud.tencent.com/mcp/v1?env_id=<env_id>",
      "headers": {
        "X-TencentCloud-SecretId": "<SecretId>",
        "X-TencentCloud-SecretKey": "<SecretKey>"
      }
    }
  }
}

Hosted mode supports disabling specific plugins via the disable_plugins URL parameter (e.g. &disable_plugins=rag&disable_plugins=env). Available plugins: env, database, functions, hosting, storage, setup, rag, cloudrun, gateway, security-rule, capi, etc. See MCP tools for the full list.

Suggested implementation order

  1. Environment creation and billing: Create a single-tenant environment, enable billing, and support usage queries.
  2. Deploy backend: Deploy HTTP cloud functions to expose APIs or WebSocket.
  3. HTTP access service and domain: Configure routes and custom domain for exposure and access control.
  4. Database and permissions: Enable database for tenants, create tables, configure permissions and security rules.
  5. Monitoring and logging: Use metrics and CLS logs for troubleshooting and usage analysis.

Terminology

TermDescription
EnvironmentOne tenant's full set of resources (database, cloud functions, HTTP access service, static hosting, etc.); typically one tenant per environment.
HTTP cloud functionOn-demand cloud function exposed via HTTP access service; suited for REST APIs and light logic.
HTTP access serviceUnified HTTP entry that routes requests to HTTP cloud functions (term used in Tencent Cloud docs).

References

Official docs

AI Coding / MCP

Platform integrations