检测到您已登录华为云国际站账号,为了您更好的体验,建议您访问国际站服务网站 https://www.huaweicloud.com/intl/zh-cn
不再显示此消息
检测到您已登录华为云国际站账号,为了您更好的体验,建议您访问国际站服务网站 https://www.huaweicloud.com/intl/zh-cn
不再显示此消息
Figure 4 Selecting Identity and Access Management Grant the admin or Full Access permission to the IAM user. Once done, the IAM user can view service monitoring data.
Characteristics of User Groups A user group can contain multiple IAM users, and an IAM user can be added to multiple user groups. User groups cannot be nested. They can only contain IAM users, not other user groups. By default, each account has only one preset admin user group.
IAM can be used free of charge. You pay only for the resources in your account. For more information about IAM, see IAM Service Overview. VBS Permissions By default, new IAM users do not have permissions assigned.
Grants the permission to associate the IAM agency with a role. iam:roles:createRole Grants the permission to create an IAM agency role. iam:agencies:deleteAgency Grants the permission to delete an IAM agency.
IAM can be used free of charge. You pay only for the resources in your account. For more information about IAM, see IAM Service Overview. CSBS Permissions By default, new IAM users do not have permissions assigned.
IAM can be used free of charge. You pay only for the resources in your account. For more information about IAM, see IAM Service Overview. CSBS Permissions By default, new IAM users do not have permissions assigned.
For example, to obtain an IAM token in the CN-Hong Kong region, obtain the endpoint of IAM (iam.ap-southeast-1.myhuaweicloud.com) for this region and the resource-path (/v3/auth/tokens) in the URI of the API used to obtain a user token.
You can use IAM to securely control access to your SFS Turbo resources. Table 1 SFS Turbo access control Method Description Reference Permissions control IAM permissions IAM permissions define which actions on your cloud resources are allowed or denied.
With IAM, you can: Create IAM users for employees based on the organizational structure of your enterprise. Each IAM user has their own security credentials, providing access to DRS resources. Grant only the permissions required for users to perform a specific task.
Table 3 Dependency policies and roles Console Function Dependent Services Roles or Policies Required OBS authorization Identity and Access Management (IAM) Creating an agency: iam:agencies:createAgency Listing agencies: iam:agencies:listAgencies Querying agency details: iam:agencies
IAM User IAM users can bind a virtual MFA device on the IAM console. The procedure is the same as that for binding a virtual MFA device for a Huawei Cloud account.
IAM can be used free of charge. You pay only for the resources in your account. For more information about IAM, see the IAM Service Overview. DCS Permissions By default, new IAM users do not have permissions assigned.
For example, to obtain an IAM token in the CN-Hong Kong region, obtain the endpoint of IAM (iam.ap-southeast-1.myhuaweicloud.com) for this region and the resource-path (/v3/auth/tokens) in the URI of the API used to obtain a user token.
If your account does not need individual IAM users for permissions management, you can skip this section. IAM is a free service. You pay only for the resources in your account. For more information about IAM, see IAM Service Overview.
Policies that contain actions supporting both IAM projects and enterprise projects can be assigned to user groups and take effect in both IAM and Enterprise Management.
IAM account authorization: FunctionGraph can use IAM to grant different function operation permissions to IAM users. Parent Topic: Security
For details about how to obtain the group name, see Obtaining Account, IAM User, Group, Project, Region, and Agency Information.
For example, to obtain the IAM token in the CN North-Beijing1 region, obtain the endpoint of IAM (iam.cn-north-1.myhuaweicloud.com) for this region and the resource-path (/v3/auth/tokens) in the URI of the API used to obtain a user token.
IAM can be used free of charge. You pay only for the resources in your account. For more information, see IAM Service Overview. EIP Permissions New IAM users do not have any permissions assigned by default.
IAM can be used free of charge. You pay only for the resources in your account. For more information about IAM, see IAM Service Overview. DeH Permissions New IAM users do not have any permissions assigned by default.
