检测到您已登录华为云国际站账号,为了您更好的体验,建议您访问国际站服务网站 https://www.huaweicloud.com/intl/zh-cn
不再显示此消息
检测到您已登录华为云国际站账号,为了您更好的体验,建议您访问国际站服务网站 https://www.huaweicloud.com/intl/zh-cn
不再显示此消息
For IAM endpoints, see Regions and Endpoints. Debugging You can debug this API in API Explorer.
IAM is a free service. You only pay for the resources in your account. For more information about IAM, see IAM Service Overview. DLI Permissions New IAM users do not have any permissions assigned by default.
For example, to obtain an IAM token in the AP-Singapore region, obtain the Endpoint of IAM (iam.ap-southeast-3.myhuaweicloud.com) for this region and the resource-path (/v3/auth/tokens) in the URI of the API used to obtain a user token.
For example, the endpoint of IAM in the AP-Singapore region is iam.ap-southeast-3.myhwcloud.com. resource-path: access path of an API for performing a specified operation. Obtain the value from the URI of an API.
Making an API Request This section describes the structure of a REST API request, and calls the IAM API for obtaining a user token as an example. The obtained token can then be used to authenticate the calling of other APIs.
With IAM, you can use your Huawei Cloud account to create IAM users, and assign permissions to the users to control their access to specific resources.
You can set the duration as follows: If you use an external identity provider (IdP) as the identity source of IAM Identity Center, the duration of the user portal session is the shorter one that you set in the IdP or IAM Identity Center.
service, the temporary IAM access key in a cluster expires.
Constraints An IAM user can pass the authentication and access DataArts Studio through an API or SDK only if Programmatic access is selected for Access Type during the creation of the IAM user.
For Project, the default IAM project in the selected region is used. Locate a source server and click Associate Target in the Operation column. Select the desired target server and click Confirm.
Modifying User Group Permissions You can view or modify user group permissions on the Permissions page of the IAM console. Modifying the permissions of a user group affects the permissions of all users in the user group.
For example, to obtain an IAM token in the CN North-Beijing1 region, obtain the endpoint of IAM (iam.cn-north-1.myhuaweicloud.com) for this region and the resource-path (/v3/auth/tokens) in the URI of the API used to obtain a user token through password authentication.
For example, to obtain an IAM token in the CN-Hong Kong region, obtain the endpoint of IAM (iam.ap-southeast-1.myhuaweicloud.com) for this region and the resource-path (/v3/auth/tokens) in the URI of the API used to obtain a user token.
Before applying for an OBT, an IAM user needs to contact the IAM administrator to grant the BSS Administrator permissions for a regional project in the IAM. Log in to Huawei Cloud. Click Console in the upper right corner of the displayed page.
IAM provides identity authentication, permissions management, and access control, helping you secure access to your resources. With IAM, you can use your account to create IAM users, and assign permissions to the users to control their access to specific resources.
IAM authentication Agencies can be created in Identity and Access Management (IAM) to allow edge nodes to access resources such as Application Operations Management (AOM), Data Ingestion Service (DIS), and SoftWare Repository for Container (SWR).
For example, the endpoint of IAM in the CN-Hong Kong region is iam.ap-southeast-1.myhuaweicloud.com. resource-path Access path of an API for performing a specified operation. Obtain the value from the URI of an API.
IAM is free of charge. You pay only for the resources you use. For more information about IAM, see IAM Service Overview. MRS Permission Description By default, new IAM users do not have any permissions.
"iam:permissions:grantRoleToAgencyOnProject", "iam:policies:*", "iam:agencies:*", "iam:roles:*", "iam:users:listUsers", "iam:tokens:assume" ], "Effect": "Allow" },
the IAM user was created, this user is noncompliant.
