检测到您已登录华为云国际站账号,为了您更好的体验,建议您访问国际站服务网站 https://www.huaweicloud.com/intl/zh-cn
不再显示此消息
检测到您已登录华为云国际站账号,为了您更好的体验,建议您访问国际站服务网站 https://www.huaweicloud.com/intl/zh-cn
不再显示此消息
IAM User Isolation Account Settings Asset Ownership Allocation Parent topic: Permissions Management
"error_msg":"Incorrect IAM authentication information: decrypt token fail","error_code":"APIG.0301"indicates a failed token decryption.
For security purposes, create IAM users and grant them permissions for routine management. IAM user An IAM user is created using an account to use cloud services. Each IAM user has its own identity credentials (password and access keys).
You can obtain the token by calling the IAM API used to obtain a user token. Value of X-Subject-Token in the response header. Authorization No String Authentication information. This parameter is mandatory for AK/SK authentication.
If your Huawei Cloud account cannot meet your requirements, you can create IAM users by following Creating a User and Assigning MetaStudio Permissions for refined permissions management.
You can obtain the token by calling the IAM API used to obtain a user token. Value of X-Subject-Token in the response header. Authorization No String Authentication information. This parameter is mandatory for AK/SK authentication.
IAM is a global service. You can create an IAM user using the endpoint of IAM in any region.
{Endpoint} indicates the endpoint of IAM, which can be obtained from Before You Start. For details about API authentication, see Authentication. The following is an example response.
You can obtain the token by calling the IAM API used to obtain a user token. Value of X-Subject-Token in the response header. Authorization No String Authentication information. This parameter is mandatory for AK/SK authentication.
You can obtain the token by calling the IAM API used to obtain a user token. Value of X-Subject-Token in the response header. Authorization No String Authentication information. This parameter is mandatory for AK/SK authentication.
With IAM, you can: Create IAM users for employees based on your enterprise's organizational structure within your Huawei Cloud account. Each IAM user will have their own security credentials for accessing MetaStudio resources.
You can obtain the token by calling the IAM API used to obtain a user token. Value of X-Subject-Token in the response header. Authorization No String Authentication information. This parameter is mandatory for AK/SK authentication.
The following shows part of the response body for the API used to create an IAM user. { "user": { "id": "c131886aec...
For more information about IAM, see IAM Service Overview. MetaStudio does not support enterprise projects. MetaStudio Permissions By default, new IAM users do not have permissions granted.
Permissions Management Creating a User and Assigning MetaStudio Permissions IAM User Isolation
name "password": $ADMIN_PASS, //IAM user password.
You can obtain the token by calling the IAM API used to obtain a user token. Value of X-Subject-Token in the response header. Authorization No String Authentication information. This parameter is mandatory for AK/SK authentication.
If IAM User Isolation is disabled and you log in using both the master account and IAM account, you can view data of all IAM users. Note: An IAM user can log in as an IAM user or a federated user.
Parent topic: IAM User Isolation
Account Settings By default, IAM users under the same Huawei Cloud account share resources. Specifically: Sharing of resources purchased by each IAM user: Each IAM user's total available resource quantity is the sum of available resources purchased by all IAM users.
