检测到您已登录华为云国际站账号,为了您更好的体验,建议您访问国际站服务网站 https://www.huaweicloud.com/intl/zh-cn
不再显示此消息
检测到您已登录华为云国际站账号,为了您更好的体验,建议您访问国际站服务网站 https://www.huaweicloud.com/intl/zh-cn
不再显示此消息
If your Huawei Cloud account does not require IAM for permissions management, you can skip this section. IAM is a free service. You only pay for the resources in your account. For more information about IAM, see IAM Service Overview.
Skip this section if your Huawei Cloud account does not require individual IAM users for permissions management. IAM is a free service. You only pay for the resources in your account. For more information about IAM, see the IAM Service Overview.
Possible Causes The possible cause is that the current user is an IAM user who does not have the permission to subscribe to the service. An account and its IAM users share a parent-child relationship.
Identity and Access Management (IAM) is a basic service of Huawei Cloud that provides permissions management to help you securely control access to SecMaster. With IAM, you can add users to a user group and configure policies to control their access to SecMaster resources.
For more information about IAM, see What Is IAM?. CDM Permissions By default, new IAM users do not have permissions assigned. You need to add a user to one or more groups, and attach permissions policies or roles to these groups.
IAM provides functions such as identity authentication, permissions management, and access control. If your Huawei Cloud account does not require IAM for permissions management, you can skip this section. IAM can be used free of charge.
General Procedure Configuring the API Frontend Set the security authentication mode of the API frontend to Custom or enable Two-Factor Authentication (app or IAM authentication), and select a custom authorizer.
With IAM, you can use your Huawei Cloud account to create IAM users for your employees, and assign permissions to the users to control their access to specific resource types.
Skip this part if you do not require individual IAM users for refined permissions management. IAM is a free service. For more information about IAM, see the IAM Service Overview. Cloud Connect Permissions By default, new IAM users do not have permissions assigned.
For example, to obtain the IAM token in the CN-Hong Kong region, obtain the endpoint of IAM (iam.ap-southeast-1.myhuaweicloud.com) for this region and the resource-path (/v3/auth/tokens) in the URI of the API used to obtain a user token.
For example, to obtain an IAM token in the CN-Hong Kong region, obtain the endpoint of IAM (iam.ap-southeast-1.myhuaweicloud.com) for this region and the resource-path (/v3/auth/tokens) in the URI of the API used to obtain a user token.
For example, to obtain an IAM token in the CN-Hong Kong region, obtain the endpoint of IAM (iam.ap-southeast-1.myhuaweicloud.com) for this region and the resource-path (/v3/auth/tokens) in the URI of the API used to obtain a user token.
IAM can be used free of charge. You pay only for the resources in your account. For more information about IAM, see the IAM Service Overview. DLV Permissions By default, new IAM users do not have permissions assigned.
In this scenario, you can create IAM users for the software developers and grant them only the permissions required for using OCR resources. IAM is free of charge. You pay only for the resources you use. For more information about IAM, see IAM Service Overview.
For IAM endpoints, see Regions and Endpoints. Debugging You can debug this API in API Explorer.
For details about how to create an IAM user, see Creating an IAM User and Granting the LakeFormation Permissions to Users. Parent topic: LakeFormation Data Permission Management
The value can be true or false. manage_email boolean Specifies whether IAM users are allowed to change their email addresses. The value can be true or false. manage_mobile boolean Specifies whether IAM users are allowed to change their mobile numbers.
For example, to obtain an IAM token in the CN Hong Kong region, obtain the endpoint of IAM (iam.southeast-1.myhuaweicloud.com) for this region and the resource-path (/v3/auth/tokens) in the URI of the API used to obtain a user token.
For example, to obtain an IAM token in the CN North-Beijing1 region, obtain the endpoint of IAM (iam.cn-north-1.myhuaweicloud.com) for this region and the resource-path (/v3/auth/tokens) in the URI of the API used to obtain a user token.
For example, to obtain an IAM token in the CN-Hong Kong region, obtain the endpoint of IAM (iam.ap-southeast-1.myhuaweicloud.com) for this region and the resource-path (/v3/auth/tokens) in the URI of the API used to obtain a user token.
