检测到您已登录华为云国际站账号,为了您更好的体验,建议您访问国际站服务网站 https://www.huaweicloud.com/intl/zh-cn
不再显示此消息
检测到您已登录华为云国际站账号,为了您更好的体验,建议您访问国际站服务网站 https://www.huaweicloud.com/intl/zh-cn
不再显示此消息
Prerequisites The IAM users have been synchronized in advance. You can do this by clicking Synchronize next to IAM User Sync on the Dashboard page of the cluster details. You have logged in to MRS Manager. For how to log in, see Accessing MRS Manager.
Cloud Service Permissions With IAM, you can control resource access for users and user groups based on enterprise projects. For details about cloud services supported by EPS, see Supported Cloud Services.
If the error message "Incorrect IAM authentication information: x-auth-token not found" and error code "APIG.0301" are displayed, X-Auth-Token is not included in the request header.
If your Huawei Cloud account does not need individual IAM users, then you may skip over this section. By default, new IAM users do not have any permissions assigned. You need to add a user to one or more groups, and assign permissions policies to these groups.
URI POST /v1/instances/{instance_id}/access-control-attribute-configuration Table 1 Path parameters Parameter Mandatory Type Description instance_id Yes String Globally unique ID of an IAM Identity Center instance.
User Management Creating Users Logging In as an IAM Identity Center User and Accessing Resources Managing Users Deleting a User Configuring the Duration of the User Portal Session
To improve security, you are advised to enable MFA in IAM Identity Center.
If your account does not need individual IAM users, then you may skip over this section. By default, new IAM users do not have any permissions assigned. You need to add a user to one or more groups, and assign permissions policies to these groups.
Only the RESTful requests that have been authenticated by IAM Token are supported. Parameters Table 1, Table 2, and Table 3 describe the parameters of the Rest Client node. Table 1 Parameters of RestAPI nodes Parameter Mandatory Description Node Name Yes Name of the node.
Only the RESTful requests that have been authenticated by IAM Token are supported. Parameters Table 1, Table 2, and Table 3 describe the parameters of the Rest Client node. Table 1 Parameters of RestAPI nodes Parameter Mandatory Description Node Name Yes Name of the node.
The token obtained from Identity and Access Management (IAM) is valid for only 24 hours. If you want to use the same token for authentication, cache it to avoid frequent calling of the IAM API.
Appendixes Status Codes Error Codes Obtaining Information About Account, IAM User, Group, Project, Region, and Agency Configuring SDK Client Authentication
Tag apig Trigger Type Configuration change Filter Type apig.instances Rule Parameters None Application Scenarios When creating an API, you need to ask for identity authentication, for example, with IAM or an authentication app provided by the API Gateway, to prevent malicious API
IAM users can call the IAM API for Obtaining a Temporary Access Key and Security Token Through a Token. IAM users can also send the policy parameter to request for temporary policy's permissions.
Resource Isolation Each Huawei Cloud account or IAM account has a default workspace, which can be used to view all resources created by the current account on Huawei HiLens. The table below lists resources that are isolated between different workspaces.
Authorization Scope: A custom policy can be applied to IAM projects or enterprise projects or both. Policies that contain actions supporting both IAM and enterprise projects can be assigned to user groups and take effect in both IAM and Enterprise Management.
Authorization Scope: A custom policy can be applied to IAM projects or enterprise projects or both. Policies that contain actions supporting both IAM and enterprise projects can be assigned to user groups and take effect in both IAM and Enterprise Management.
The validity period of a token obtained from IAM is 24 hours. If you want to use a token for authentication, cache it to avoid frequently calling the IAM API. Procedure Obtain the token by referring to Authentication. Query the list of metrics that can be monitored.
Minimum length: 24 Maximum length: 24 group_id Yes String Globally unique ID of an IAM Identity Center group in the identity source.
Data Protection Technologies For data protections, you are advised to protect Huawei Cloud account credentials and use IAM to set up individual user accounts. In this way, each user is given only the permissions necessary to fulfill their job duties.
