检测到您已登录华为云国际站账号,为了您更好的体验,建议您访问国际站服务网站 https://www.huaweicloud.com/intl/zh-cn
不再显示此消息
检测到您已登录华为云国际站账号,为了您更好的体验,建议您访问国际站服务网站 https://www.huaweicloud.com/intl/zh-cn
不再显示此消息
"iam:permissions:grantRoleToAgencyOnProject", "iam:policies:*", "iam:agencies:*", "iam:roles:*", "iam:users:listUsers", "iam:tokens:assume" ], "Effect": "Allow" },
Resource Planning Account A non-administrator IAM account that has the SecMaster data collection management permission. ECS Specifications The following table lists the specifications of the tenant cloud server (ECS) where the collector (isap-agent + Logstash) is installed.
the IAM user was created, this user is noncompliant.
Figure 2 Account and IAM users Administrator IAM is intended for administrators, including: Account administrator (with full permissions for all services, including IAM) IAM users added to the admin group (with full permissions for all services, including IAM) IAM users assigned the
Creating an IAM User and Granting OBS Permissions You can use IAM for fine-grained access control over your OBS resources. With IAM, you can: Create IAM users for employees based on your enterprise's organizational structure.
For details about how to obtain the project ID, see Obtaining Account, IAM User, Group, Project, Region, and Agency Information.
X-Auth-Token Yes String IAM user token (no special permission requirements). Response Parameters Table 3 Parameters in the response body Parameter Type Description identity_provider Object Identity provider information.
IAM iam:agencies:listAgencies Obtain job agencies.
Policies that contain actions only for IAM projects can be used and applied to IAM only. For differences between IAM projects and enterprise projects, see What Are the Differences Between IAM and Enterprise Management? The check mark (√) indicates that an action takes effect.
IAM projects or enterprise projects: Type of projects in which policies can be used to grant permissions. A policy can be applied to IAM projects, enterprise projects, or both.
For IAM endpoints, see Regions and Endpoints. Debugging You can debug this API in API Explorer. URI PUT /v3/OS-FEDERATION/mappings/{id} Table 1 URI parameters Parameter Mandatory Type Description id Yes String Mapping ID.
For IAM endpoints, see Regions and Endpoints. Debugging You can debug this API in API Explorer. URI PATCH /v3/OS-FEDERATION/mappings/{id} Table 1 URI parameters Parameter Mandatory Type Description id Yes String ID of the mapping to be updated.
Configuring Two-factor Authentication (App + Custom) Scenario Two-factor authentication allows you to customize an API authentication policy together with the app or IAM authentication.
IAM projects or enterprise projects: Type of projects in which policies can be used to grant permissions. A policy can be applied to IAM projects, enterprise projects, or both.
A policy can be applied to IAM projects, enterprise projects, or both. Policies that contain actions for both IAM and enterprise projects can be used and take effect for both IAM and Enterprise Management.
A policy can be applied to IAM projects, enterprise projects, or both. Policies that contain actions for both IAM and enterprise projects can be used and take effect for both IAM and Enterprise Management.
A policy can be applied to IAM projects, enterprise projects, or both. Policies that contain actions for both IAM and enterprise projects can be used and take effect for both IAM and Enterprise Management.
IAM projects or enterprise project: Scope of users a permission is granted to. Policies that contain actions for both IAM and enterprise projects can be used and take effect for both IAM and Enterprise Management.
Authorization Scope: A custom policy can be applied to IAM projects or enterprise projects or both. Policies that contain actions for both IAM and enterprise projects can be used and take effect for both IAM and Enterprise Management.
Custom User Information Obtaining Class The AuthenticationManager class is used to obtain the information of the user who accesses LakeFormation, which may be an IAM user or a local LDAP user.
