检测到您已登录华为云国际站账号,为了您更好的体验,建议您访问国际站服务网站 https://www.huaweicloud.com/intl/zh-cn
不再显示此消息
检测到您已登录华为云国际站账号,为了您更好的体验,建议您访问国际站服务网站 https://www.huaweicloud.com/intl/zh-cn
不再显示此消息
Authentication and Access Control Authentication Regardless of whether you access CodeArts Repo through the management console or APIs, CodeArts Repo uses Identity and Access Management (IAM) for authentication.
For details about IAM authentication, see Using IAM Authentication to Call APIs. Scenario SDKs are used when you call APIs through app authentication. Download SDKs and related documentation and then call APIs by following the instructions in the documentation.
IAM projects or enterprise projects: A custom policy can be applied to IAM projects or enterprise projects or both. Policies that contain actions for both IAM and enterprise projects can be used and take effect for both IAM and Enterprise Management.
Figure 1 Node labeling error Possible Causes You are using the IAM 5.0 permission model, which offers enhanced permission control. You need to manually authorize the IAM 5.0 agency on Cloud Container Engine (CCE).
This template is available for use by: Other IAM users of the current account. Other projects of the current account. Downloading a Page Log in to Huawei Cloud Astro Canvas by referring to Logging In to Huawei Cloud Astro Canvas.
Procedure Ensure that you have created an IAM user and granted read-only permissions for ECS, VPC, and IMS to the IAM user. If no IAM user is available, create one. For details, see Creating an IAM User. Create two AS groups. For details, see Creating an AS Group.
In this way, IAM implements fine-grained permission management.
If your Huawei Cloud account does not require individual IAM users for permissions management, you can skip this section. IAM is a free service. You only pay for the resources in your account. For more information about IAM, see What Is IAM?
For more information about IAM, see IAM Service Overview. System-Defined Roles New IAM users do not have any permissions assigned by default. You need to first add them to one or more groups and attach policies or roles to these groups.
Policies that contain actions supporting both IAM and enterprise projects can be assigned to user groups and take effect in both IAM and Enterprise Management. Policies that only contain actions supporting IAM projects can be assigned to user groups and only take effect for IAM.
IAM or enterprise projects: type of projects for which an action will take effect. Policies that contain actions supporting both IAM and enterprise projects can be assigned to user groups and take effect in both IAM and Enterprise Management.
For details, see Granting LTS Permissions to IAM Users. Creating a Ray Service Log in to Workspace Management Console. Select the created workspace and click Access Workspace.
This section describes the elements used by IAM custom policies and Organizations SCPs. The elements include actions, resources, and conditions. For details about how to use these elements to edit an IAM custom policy, see Creating a Custom Policy.
Prerequisites The IAM users have been synchronized in advance. You can do this by clicking Synchronize next to IAM User Sync on the Dashboard page of the cluster details. You have logged in to MRS Manager. For how to log in, see Accessing MRS Manager.
Constraints Security keys added to IAM users can only be used for login protection. An IAM user can have a maximum of eight security keys added. Adding a Security Key Log in to the IAM console as the administrator.
For example, to obtain an IAM token in the CN-Hong Kong region, obtain the endpoint of IAM (iam.ap-southeast-1.myhuaweicloud.com) for this region and the resource-path (/v3/auth/tokens) in the URI of the API used to obtain a user token.
With IAM, you can use your Huawei Cloud account to create IAM users, and assign permissions to the users to control their access to specific resources. For details about permission configurations, see Permissions Management.
IAM provides identity authentication, permissions management, and access control, helping you securely access cloud resources. If your account does not require IAM for permissions management, you can skip this section. IAM is a free service.
With IAM, you can use your Huawei Cloud account to create IAM users, and assign permissions to the users to control their access to specific resources.
Authentication and Access UCS provides refined permission management based on the role access control (RBAC) capability of IAM and Kubernetes. Permission control can be implemented by UCS service resource and Kubernetes resource in a cluster.
