检测到您已登录华为云国际站账号,为了您更好的体验,建议您访问国际站服务网站 https://www.huaweicloud.com/intl/zh-cn
不再显示此消息
检测到您已登录华为云国际站账号,为了您更好的体验,建议您访问国际站服务网站 https://www.huaweicloud.com/intl/zh-cn
不再显示此消息
Table 5 attached_managed_roles Parameter Type Description role_id String Unique ID of the IAM system-defined policy. Minimum length: 20 Maximum length: 2048 role_name String Name of the IAM system-defined policy.
Table 5 attached_managed_policies Parameter Type Description policy_id String Unique ID of the IAM system-defined identity policy. Minimum length: 20 Maximum length: 2048 policy_name String Name of the IAM system-defined identity policy.
If you disable this function, you and the IAM users only need to enter the account name/username and password during login. Procedure On the IAM console, enable login verification for IAM users as an administrator. In the navigation pane, choose Users.
Making an API Request This section describes the structure of a REST API, and uses the IAM API for obtaining a user token as an example to demonstrate how to call an API. The obtained token can then be used to authenticate the calling of other APIs.
For IAM endpoints, see Regions and Endpoints. Debugging You can debug this API in API Explorer.
You can use IAM to control cloud resource access and prevents misoperations on cloud resources. This section describes how to configure the read-only permission for an IAM user.
To perform this operation, the user must be the bucket owner or the bucket owner's IAM user that has permissions required for deleting custom domain names. Request Syntax 1 2 3 4 5 6 DELETE /?
IAM user login: IAM users are created by an administrator to use specific cloud services. Federated user login: Federated users are registered with an enterprise IdP that is created by the administrator in IAM.
IAM users can use DDS resources only after their accounts and passwords are verified. For details, see Creating an IAM User and Logging In.
Creating an IAM User If you want to allow multiple users to manage your resources without sharing your password or private key, you can create users using IAM and grant permissions to the users.
For details about the differences between IAM and enterprise management, see What Are the Differences Between IAM and Enterprise Management?
Check whether you are using a Huawei Cloud account or an IAM user account and not a HUAWEI ID. If yes, click Reset Huawei Cloud account password and reset the password. Parent topic: Login
Please check the current user's IAM permissions." is displayed when a user attempted to access the Dedicate Engine page under Instance Management. Possible Cause The IAM ReadOnly permission is not granted to the login account.
IAM projects or enterprise project: Scope of users a permission is granted to. Policies that contain actions supporting both IAM and enterprise projects can be assigned to user groups and take effect in both IAM and Enterprise Management.
API for obtaining tokens from IAM API for creating CSS clusters Procedure Obtain the token. Send POST https://IAM endpoint/v3/auth/tokens. Obtain the token by following instructions in Authentication. The value of X-Subject-Token in the response header is the user token.
For IAM endpoints, see Regions and Endpoints. Debugging You can debug this API in API Explorer. URI GET /v3 Request Parameters None Response Parameters Table 1 Parameters in the response body Parameter Type Description version Object Information about Keystone API 3.0.
You can use bucket policies to control the access of IAM users or other account to your OBS buckets. You are advised to apply the principle of least privilege to ensure that a bucket policy only grants necessary permissions for certain tasks.
If you have enabled enterprise management, you cannot create an IAM project and can only manage existing projects. In the future, IAM projects will be replaced by enterprise projects, which are more flexible.
IAM is a basic service for permissions management in Huawei Cloud. It can be used free of charge. You pay only for the resources in your account. For details about IAM, see What Is IAM? For details about cloud service permissions, see Cloud-Service-Level Permissions.
If you have enabled enterprise management, you cannot create an IAM project and can only manage existing projects. In the future, IAM projects will be replaced by enterprise projects, which are more flexible.
