检测到您已登录华为云国际站账号,为了您更好的体验,建议您访问国际站服务网站 https://www.huaweicloud.com/intl/zh-cn
不再显示此消息
检测到您已登录华为云国际站账号,为了您更好的体验,建议您访问国际站服务网站 https://www.huaweicloud.com/intl/zh-cn
不再显示此消息
SIS does not support IAM fine-grained authorization. The IAM account has the same permissions as the main account. You can create IAM users for employees or applications. For details, see Creating an IAM User. Parent topic: Permissions
Before using IAM Identity Center, you must enable the Organizations service and create an organization. Then, you can log in to IAM Identity Center using the organization's management account.
Currently, you can only associate IAM Identity Center users/groups and permission sets with member accounts in your organization, rather than organizational units (OUs) or the whole organization.
Error Codes None Parent topic: IAM User Management
Associating Accounts with Users and Permission Sets After IAM Identity Center users/groups and permission sets are created, you can associate one or more member accounts in your organization with the created users/groups and permission sets.
Creating Permissions Policies for ABAC Overview After you add tags to resources and enable and configure access control attributes in IAM Identity Center, you need to add attribute-based access control rules to custom identity policies of the permission set.
Deleting a Service Instance Function This API is used to delete an IAM Identity Center service instance. It can be called only from the organization's management account.
Creating a User and Granting Permissions This section describes the fine-grained permissions management provided by IAM for your Automation. With IAM, you can: Create IAM users for employees based on the organizational structure of your enterprise.
Customizing User Portal URL After you enable IAM Identity Center, a unique user portal URL is automatically generated. You can customize the URL only once. After the URL is changed, it cannot be modified any longer. Procedure Log in to the Huawei Cloud management console.
Figure 1 Relationship between an account and its IAM users Identifying IAM Users When you create an IAM user, IAM provides the following methods to identify that user: An IAM username, which is specified when you create the IAM user.
If your account does not require individual IAM users, skip over this section. IAM can be used free of charge. You pay only for the resources in your account. For more information about IAM, see IAM Service Overview. Figure 1 shows the procedure for granting permissions.
Log in to Huawei Cloud as an IAM user. Tenant name: Name of the account used to create the IAM user IAM username and IAM user password: Username and password specified during IAM user creation using the Tenant name Create a microservice engine on the CSE console.
Creating a User and Granting SCM Permissions This topic describes how to use IAM to implement fine-grained permissions control for your SCM resources. With IAM, you can: Create IAM users for employees based on the organizational structure of your enterprise.
Create a user group on the IAM console and assign the CodeArts PerfTest Administrator permissions to the group. Create an IAM user. Create a user on the IAM console and add the user to the group created in 1. Log in and verify permissions.
Creating a User and Granting PCA Permissions to the User This topic describes how to use IAM to implement fine-grained permissions control for your PCA resources. With IAM, you can: Create IAM users for employees based on the organizational structure of your enterprise.
Creating a User Group and Granting Permissions This section describes how to use IAM to implement fine-grained permissions control for your EdgeSec resources. With IAM, you can: Create IAM users for employees based on the organizational structure of your enterprise.
Creating a User and Granting Permissions Use IAM to implement fine-grained permissions control for your Direct Connect resources. With IAM, you can: Create IAM users for employees based on the organizational structure of your enterprise.
Creating a User and Granting Permissions This section describes how to use IAM to implement fine-grained permissions control for your Enterprise Router resources. With IAM, you can: Create IAM users for employees based on the organizational structure of your enterprise.
Creating a User Group and Granting Permissions This topic describes how to use IAM to implement fine-grained permissions control for your WAF resources. With IAM, you can: Create IAM users for employees based on the organizational structure of your enterprise.
Disabling, Enabling, or Deleting a User You can disable the access permissions of an IAM Identity Center user that is not required temporarily. You can enable it again if needed. You can also delete IAM Identity Center users. Deleted users cannot be restored.
