检测到您已登录华为云国际站账号,为了您更好的体验,建议您访问国际站服务网站 https://www.huaweicloud.com/intl/zh-cn
不再显示此消息
检测到您已登录华为云国际站账号,为了您更好的体验,建议您访问国际站服务网站 https://www.huaweicloud.com/intl/zh-cn
不再显示此消息
If your Huawei Cloud account does not require IAM for permissions management, you can skip this section. IAM is a free service. You only pay for the resources in your account. For more information about IAM, see IAM Service Overview.
Possible Causes The possible cause is that the current user is an IAM user who does not have the permission to subscribe to the service. An account and its IAM users share a parent-child relationship.
Identity and Access Management (IAM) is a basic service of Huawei Cloud that provides permissions management to help you securely control access to SecMaster. With IAM, you can add users to a user group and configure policies to control their access to SecMaster resources.
Skip this section if your Huawei Cloud account does not require individual IAM users for permissions management. IAM is a free service. You only pay for the resources in your account. For more information about IAM, see the IAM Service Overview.
The change will be applied to all IAM users and federated users (SP initiated) of the account. The API can be called using both the global endpoint and region-specific endpoints. For IAM endpoints, see Regions and Endpoints. Debugging You can debug this API in API Explorer.
For more information about IAM, see What Is IAM?. CDM Permissions By default, new IAM users do not have permissions assigned. You need to add a user to one or more groups, and attach permissions policies or roles to these groups.
With IAM, you can use your Huawei Cloud account to create IAM users for your employees, and assign permissions to the users to control their access to specific resource types.
For example, to obtain an IAM token in the CN-Hong Kong region, obtain the endpoint of IAM (iam.ap-southeast-1.myhuaweicloud.com)) for this region and the resource-path (/v3/auth/tokens) in the URI of the API used to obtain a user token.
For example, to obtain an IAM token in the CN-Hong Kong region, obtain the endpoint of IAM (iam.ap-southeast-1.myhuaweicloud.com)) for this region and the resource-path (/v3/auth/tokens) in the URI of the API used to obtain a user token.
For example, to obtain an IAM token in the CN North-Beijing1 region, obtain the endpoint of IAM (iam.cn-north-1.myhuaweicloud.com) for this region and the resource-path (/v3/auth/tokens) in the URI of the API used to obtain a user token.
For example, to obtain an IAM token in the CN North-Beijing1 region, obtain the endpoint of IAM (iam.cn-north-1.myhuaweicloud.com) for this region and the resource-path (/v3/auth/tokens) in the URI of the API used to obtain a user token.
For example, to obtain an IAM token in the CN-Hong Kong region, obtain the endpoint of IAM (iam.ap-southeast-1.myhuaweicloud.com)) for this region and the resource-path (/v3/auth/tokens) in the URI of the API used to obtain a user token.
Making an API Request This section describes the structure of a REST API request, and uses the IAM API for obtaining a user token through password authentication as an example to demonstrate how to call an API.
For example, to obtain an IAM token in the CN-Hong Kong region, obtain the endpoint of IAM (iam.ap-southeast-1.myhuaweicloud.com)) for this region and the resource-path (/v3/auth/tokens) in the URI of the API used to obtain a user token.
For example, to obtain an IAM token in the CN-Hong Kong region, obtain the endpoint of IAM (iam.ap-southeast-1.myhuaweicloud.com)) for this region and the resource-path (/v3/auth/tokens) in the URI of the API used to obtain a user token.
For example, to obtain an IAM token in the CN-Hong Kong region, obtain the endpoint of IAM (iam.ap-southeast-1.myhuaweicloud.com)) for this region and the resource-path (/v3/auth/tokens) in the URI of the API used to obtain a user token.
For example, the endpoint of IAM in the AP-Singapore region is iam.ap-southeast-3.myhuaweicloud.com. resource-path Resource path, that is, the API access path, which is obtained from the URI of a specific API.
Skip this part if you do not require individual IAM users for refined permissions management. IAM is a free service. For more information about IAM, see the IAM Service Overview. Cloud Connect Permissions By default, new IAM users do not have permissions assigned.
General Procedure Configuring the API Frontend Set the security authentication mode of the API frontend to Custom or enable Two-Factor Authentication (app or IAM authentication), and select a custom authorizer.
IAM can be used free of charge. You pay only for the resources in your account. For more information about IAM, see the IAM Service Overview. DLV Permissions By default, new IAM users do not have permissions assigned.
