检测到您已登录华为云国际站账号,为了您更好的体验,建议您访问国际站服务网站 https://www.huaweicloud.com/intl/zh-cn
不再显示此消息
检测到您已登录华为云国际站账号,为了您更好的体验,建议您访问国际站服务网站 https://www.huaweicloud.com/intl/zh-cn
不再显示此消息
SSL Certificate Manager (SCM) Authorization information of APIs (v3) Permission API Action Dependent Permission IAM Project (Project) Enterprise Project (Enterprise Project) Querying the certificate list GET /v3/scm/certificates scm:cert:list - √ x Obtaining details of a certificate
IAM projects or enterprise projects: Scope of users a permission is granted to. Policies that contain actions supporting both IAM and enterprise projects can be assigned to user groups and take effect in both IAM and Enterprise Management.
Identity and Access Management (IAM) IAM provides the permission management function for CCM. Only users who have PCA FullAccess and SCM FullAccess permissions can use CCM. To obtain the permissions, contact the users who have the Security Administrator permissions.
User An IAM user is created using an account to use cloud services. Each IAM user has its own identity credentials (password and access keys). The account name, username, and password will be required for API authentication.
If your Huawei Cloud account does not need individual IAM users for permissions management, you may skip over this topic. IAM is free. You pay only for the resources in your account. For more information about IAM, see What Is IAM.
Creating a User and Granting PCA Permissions to the User This topic describes how to use IAM to implement fine-grained permissions control for your PCA resources. With IAM, you can: Create IAM users for employees based on the organizational structure of your enterprise.
Test Certificate Paid Certificate Security Level General High Compatibility with the certificate running environment General High SSL certificate warranties from CAs Not supported Supported Restrictions on certificate quantity 20 free certificates for each account, including its IAM
Identity Authentication and Access Control CCM works with Identity and Access Management (IAM). IAM permissions define which actions on your cloud resources are allowed and which actions are denied, to control access to your resources.
Prerequisites The IAM user who purchases the certificate has been granted the SCM Administrator/SCM FullAccess and BSS Administrator permissions. Step 1: Buy a Certificate Log in to the CCM console. In the navigation pane on the left, choose SSL Certificate Manager.
If you want to cancel the authorization, go to the IAM console to delete the agency from the agency list. Once you complete the authorization, it will not be required again in the subsequent operations. Enable CRL publishing Whether to enable CRL publishing.
Prerequisites The IAM user who creates the private CA has the PCA FullAccess permission. For details, see Permissions Management. Procedure Log in to the CCM console. In the navigation pane on the left, choose Private Certificate Management > Private CAs.
Your account and the IAM users created under your account share the quota of the 20 test certificates. For example, if an account has applied for 20 test certificates, no test certificate quota is available for this account or the IAM users it creates.
For example, to obtain an IAM token in the CN-Hong Kong region, obtain the endpoint of IAM (iam.ap-southeast-1.myhuaweicloud.com)) for this region and the resource-path (/v3/auth/tokens) in the URI of the API used to obtain a user token.
Your account and the IAM users created under your account share the quota of the 20 test certificates. For example, if an account has applied for 20 test certificates, no test certificate quota is available for this account or the IAM users it creates.
If you want to cancel the authorization, go to the IAM console to delete the agency from the agency list. Once you complete the authorization, it will not be required again in the subsequent operations. Enable CRL publishing Whether to enable CRL publishing.
Prerequisites The IAM user who purchased the certificate has been granted the SCM Administrator/SCM FullAccess, BSS Administrator, and DNS Administrator permissions. BSS Administrator: has all permissions on account center, billing center, and resource center.
{Endpoint} is the IAM endpoint and can be obtained from Regions and Endpoints. For details about API authentication, see Authentication.
Creating a User and Granting SCM Permissions This topic describes how to use IAM to implement fine-grained permissions control for your SCM resources. With IAM, you can: Create IAM users for employees based on the organizational structure of your enterprise.
Your account and the IAM users created under your account share the quota of the 20 test certificates. For example, if an account has applied for 20 test certificates, no test certificate quota is available for this account or the IAM users it creates.
It can be obtained by calling the IAM API used to obtain a user token. The value of X-Subject-Token in the response header is the user token. Minimum: 32 Maximum: 2097152 Response Parameters Status code: 204 Normal response.
