检测到您已登录华为云国际站账号,为了您更好的体验,建议您访问国际站服务网站 https://www.huaweicloud.com/intl/zh-cn
不再显示此消息
检测到您已登录华为云国际站账号,为了您更好的体验,建议您访问国际站服务网站 https://www.huaweicloud.com/intl/zh-cn
不再显示此消息
Creating a User and Granting CBR Permissions This section describes how to use IAM to implement fine-grained permissions control for your CBR resources. With IAM, you can: Create IAM users based on your enterprise's organizational structure.
IAM is a global service. You can create an IAM user using the endpoint of IAM in any region.
Policies that contain actions only for IAM projects can be used and applied to IAM only. For details about the differences between IAM and enterprise management, see Differences Between IAM and Enterprise Management.
You can obtain the IAM username and IAM user's initial password from the administrator. In this example, the IAM username of the O&M personnel is Alice. IAM user password Password of the IAM user, rather than the account. Click Log In. The IAM user logs in to Huawei Cloud.
If your Huawei Cloud account does not require permissions management for individual IAM users, you can skip this section. IAM is a free service. You only pay for the resources in your account. For more information about IAM, see What Is IAM?.
Configuring Forcible Backup Policies Forcible backup policies allow IAM users to forcibly back up data to ensure user data accuracy and security and service security.
Access Control You can use IAM to control access to your CBR resources. Table 1 CBR access control Method Description Reference Permissions management IAM permissions IAM permissions define which actions are allowed or denied on your cloud resources.
When multiple users within an enterprise need to use CBR, the enterprise administrator can use IAM to create IAM users and control these users' access to CBR resources.
The following shows part of the response body for the API used to create an IAM user. { "user": { "id": "c131886aec...
CBR Actions Task Permission API Action IAM Project Enterprise Project Querying the task list GET /v3/{project_id}/operation-logs cbr:tasks:list √ √ Querying a single task GET /v3/{project_id}/operation-logs/{operation_log_id} cbr:tasks:get √ √ Protection Permission API Action Dependencies
name "password": "********", // IAM user password "domain": { "name": "domainname" // Name of the account to which the IAM user belongs } } } }, "scope
To ensure account security, create Identity and Access Management (IAM) users and grant them permissions for routine management. User An IAM user is created by an account in IAM to use cloud services. Each IAM user has its own identity credentials (password and access keys).
Agent Installation Failed with Message "Incorrect IAM authentication information" Returned Symptom: The Agent installation failed, and the message "Incorrect IAM authentication information" was returned.
Check whether the account has the deletion permission on the IAM console. Submitting a Service Ticket If the problem persists, submit a service ticket.
SFS Turbo 1 hour Permanent Supported Not supported Supported RDS 1 instance 1 hour 732 days Not supported Not supported Supported Workspace 1 workspace 1 hour Permanent Not supported Not supported Supported You can grant backup and restoration permissions to different accounts or IAM
Path Parameters Parameter Mandatory Type Description policy_id Yes String Policy ID project_id Yes String Project ID Request Parameters Table 2 Request header parameters Parameter Mandatory Type Description X-Auth-Token Yes String User token The token can be obtained by calling the IAM
Mandatory Type Description organization_policy_id Yes String Organizational policy ID. project_id Yes String Project ID Request Parameters Table 2 Request header parameters Parameter Mandatory Type Description X-Auth-Token Yes String User token The token can be obtained by calling the IAM
Path Parameters Parameter Mandatory Type Description project_id Yes String Project ID vault_id Yes String Vault ID Request Parameters Table 2 Request header parameters Parameter Mandatory Type Description X-Auth-Token Yes String User token The token can be obtained by calling the IAM
Parameter Mandatory Type Description backup_id Yes String ID of the backup to be deleted project_id Yes String Project ID Request Parameters Table 2 Request header parameters Parameter Mandatory Type Description X-Auth-Token Yes String User token The token can be obtained by calling the IAM
Path Parameters Parameter Mandatory Type Description agent_id Yes String Client ID project_id Yes String Project ID Request Parameters Table 2 Request header parameters Parameter Mandatory Type Description X-Auth-Token Yes String User token The token can be obtained by calling the IAM
