检测到您已登录华为云国际站账号,为了您更好的体验,建议您访问国际站服务网站 https://www.huaweicloud.com/intl/zh-cn
不再显示此消息
检测到您已登录华为云国际站账号,为了您更好的体验,建议您访问国际站服务网站 https://www.huaweicloud.com/intl/zh-cn
不再显示此消息
Using IAM Roles or Policies to Grant Access to COC To manage the permissions for your COC, you can use the IAM and refer to Permissions Management. With IAM, you can: Create IAM users for employees based on the organizational structure of your enterprise.
Using IAM to Grant Access to COC Using IAM Roles or Policies to Grant Access to COC Resource Types Supported by COC Service-specific Condition Keys Supported by COC
Parent Topic: Using IAM to Grant Access to COC
IAM or enterprise projects: the authorization scope of a custom policy. A custom policy can be applied to IAM projects or enterprise projects or both.
Authorization Information Each account has all the permissions required to call all APIs, but IAM users must be assigned the required permissions.
How Do I Log In to COC as a Non-Common IAM User? You can log in to COC as a common IAM user, IAM federated user (including IAM user in SSO mode and virtual user in SSO mode), and IAM Identity Center user.
Authorization Information Each account has all the permissions required to call all APIs, but IAM users must be assigned the required permissions.
Solution Log in to IAM as an administrator. In the user list, click Authorize in the row that contains the target user. Figure 1 Authorizing an IAM user Set Authorization Model to RBAC.
Authorization Information Each account has all the permissions required to call all APIs, but IAM users must be assigned the required permissions.
Parent Topic: Using IAM to Grant Access to COC
With IAM, you can control access to specific resources by granting permissions to principals (IAM users, user groups, agencies or trust agencies). IAM supports role/policy-based authorization and identity policy-based authorization.
Replace the italic fields in bold with the actual values. accountid: ID of the account to which the IAM user belongs. username: name of an IAM user email: email of an IAM user **********: login password of an IAM user POST https://iam.ap-southeast-1.myhuaweicloud.com/v3.0/OS-USER
Table 7 ReviewerInfo Parameter Type Description reviewer_name String Definition: Reviewer name (IAM username). Constraints: IAM username. Value range: N/A. Default value: N/A. reviewer_id String Definition: Reviewer ID (IAM user ID). Constraints: IAM user ID. Value range: N/A.
Authorization Information Each account has all the permissions required to call all APIs, but IAM users must be assigned the required permissions.
Authorization Information Each account has all the permissions required to call all APIs, but IAM users must be assigned the required permissions.
Authorization Information Each account has all the permissions required to call all APIs, but IAM users must be assigned the required permissions.
Authorization Information Each account has all the permissions required to call all APIs, but IAM users must be assigned the required permissions.
Authorization Information Each account has all the permissions required to call all APIs, but IAM users must be assigned the required permissions.
IAM provides identity authentication, permissions management, and access control, helping you to securely access your Huawei Cloud resources. If your HUAWEI ID does not require IAM for permissions management, you can skip this section. IAM can be used on Huawei Cloud for free.
Solution Log in to IAM as an administrator. Choose Permissions > Policies/Roles and click Create Custom Policy. Figure 1 Creating a custom policy Set the policy content, select CloudOpsCenter, and select the operations you want to authorize by enterprise project. Click OK.
