检测到您已登录华为云国际站账号,为了您更好的体验,建议您访问国际站服务网站 https://www.huaweicloud.com/intl/zh-cn
不再显示此消息
检测到您已登录华为云国际站账号,为了您更好的体验,建议您访问国际站服务网站 https://www.huaweicloud.com/intl/zh-cn
不再显示此消息
Using IAM Roles or Policies to Grant Access to COC To manage the permissions for your COC, you can use the IAM and refer to Permissions Management. With IAM, you can: Create IAM users for employees based on the organizational structure of your enterprise.
Using IAM to Grant Access to COC Using IAM Roles or Policies to Grant Access to COC Resource Types Supported by COC Service-specific Condition Keys Supported by COC
Parent Topic: Using IAM to Grant Access to COC
IAM or enterprise projects: the authorization scope of a custom policy. A custom policy can be applied to IAM projects or enterprise projects or both.
Authorization Information Each account has all the permissions required to call all APIs, but IAM users must be assigned the required permissions.
Authorization Information Each account has all the permissions required to call all APIs, but IAM users must be assigned the required permissions.
How Do I Log In to COC as a Non-Common IAM User? You can log in to COC as a common IAM user, IAM federated user (including IAM user in SSO mode and virtual user in SSO mode), and IAM Identity Center user.
Solution Log in to IAM as an administrator. In the user list, click Authorize in the row that contains the target user. Figure 1 Authorizing an IAM user Set Authorization Model to RBAC.
Parent Topic: Using IAM to Grant Access to COC
Authorization Information Each account has all the permissions required to call all APIs, but IAM users must be assigned the required permissions.
With IAM, you can control access to specific resources by granting permissions to principals (IAM users, user groups, agencies or trust agencies). IAM supports role/policy-based authorization and identity policy-based authorization.
The granted IAM permissions can be applied only if they are allowed by the SCPs. To learn more about how IAM is different from Organizations for access control, see What Are the Differences in Access Control Between IAM and Organizations?
Replace the italic fields in bold with the actual values. accountid: ID of the account to which the IAM user belongs. username: name of an IAM user email: email of an IAM user **********: login password of an IAM user POST https://iam.ap-southeast-1.myhuaweicloud.com/v3.0/OS-USER
Authorization Information Each account has all the permissions required to call all APIs, but IAM users must be assigned the required permissions.
Authorization Each account has all of the permissions required to call all APIs, but IAM users must have the required permissions specifically assigned.
Authorization Each account has all of the permissions required to call all APIs, but IAM users must have the required permissions specifically assigned.
Authorization Information Each account has all the permissions required to call all APIs, but IAM users must be assigned the required permissions.
For details about IAM, see What Is IAM? Policies/Roles Permission Management COC supports authorization with roles and policies. By default, new IAM users do not have any permissions assigned.
Solution Log in to IAM as an administrator. Choose Permissions > Policies/Roles and click Create Custom Policy. Figure 1 Creating a custom policy Set the policy content, select CloudOpsCenter, and select the operations you want to authorize by enterprise project. Click OK.
Authorization Information Each account has all the permissions required to call all APIs, but IAM users must be assigned the required permissions.
