检测到您已登录华为云国际站账号,为了您更好的体验,建议您访问国际站服务网站 https://www.huaweicloud.com/intl/zh-cn
不再显示此消息
检测到您已登录华为云国际站账号,为了您更好的体验,建议您访问国际站服务网站 https://www.huaweicloud.com/intl/zh-cn
不再显示此消息
Obtaining the Names and IDs of Accounts, IAM Users, Projects, User Groups, Regions, and Agencies Obtaining Account, IAM User, and Project Information Using the console On the Huawei Cloud homepage, click Console in the upper right corner.
For details about all the permissions supported by IAM, see Permissions. Authorization Process Figure 1 Process for granting CFW permissions On the IAM console, create an IAM user or create a user group. Create a user or user group on the IAM console.
Using IAM Roles or Policies to Grant Access to CFW If you want to manage the permissions of roles and policies in CFW, you can use Identity and Access Management (IAM). IAM allows you to: Create IAM users for employees based on the organizational structure of your enterprise.
Using IAM to Grant Access to CFW Using IAM Roles or Policies to Grant Access to CFW Using IAM Identity Policies to Grant Access to CFW
When using a token for authentication, cache it to prevent frequently calling the IAM API used to obtain a user token. Ensure that the token is valid when you use it. Using a token that will soon expire may cause API calling failures.
", "name": "IAMUser", "description": "IAM User Description", "areacode": "", "phone": "", "email": "***@***.com", "status": null, "enabled": true, "pwd_status": false, "access_mode": "default",
Appendix Status Code Error Codes Obtaining a Project ID Obtaining an Enterprise Project ID Obtaining a Firewall ID Obtaining the Names and IDs of Accounts, IAM Users, Projects, User Groups, Regions, and Agencies Region Information
For details about how to create and grant permissions to a user group using IAM, see Creating a User Group and Assigning Permissions. For details about how to grant permissions to a user using IAM, see Assigning Permissions to an IAM User.
Introduction You can use Identity and Access Management (IAM) for fine-grained permissions management of your CFW resources. If your Huawei ID does not need individual IAM users, you can skip this section. With IAM, you can control access to specific Huawei Cloud resources.
User An IAM user is created using an account to use cloud services. Each IAM user has its own identity credentials (password and access keys). Region Regions are divided based on geographical location and network latency.
Prerequisites To use an IAM user, ensure the IAM user has been granted the BSS Administrator and CFW FullAccess permissions. For details, see Creating a User Group and Granting Permissions. Constraints CFW can be used only in the region selected during purchase.
For more information about IAM, see IAM Service Overview. Role/Policy-based Permissions Management CFW supports role/policy-based authorization. By default, new IAM users do not have permissions assigned.
For details about the differences between IAM and enterprise management, see Differences Between IAM and Enterprise Management.
To learn more about how IAM is different from Organizations for access control, see How IAM Is Different from Organizations for Access Control?. This section describes the elements used by IAM custom identity policies and Organizations SCPs.
With IAM, you can: Create IAM users for employees in different departments based on your organizational structure. Each IAM user has their own security credentials used to access CFW resources. Grant only the permissions required for users to perform a task.
Replace the italic fields in bold with the actual values. accountid: ID of the account to which the IAM user belongs. username: IAM username to be created. email: email address of the IAM user. **********: password of the IAM user.
Related Services IAM Identity and Access Management (IAM) provides the permission management function for CFW. Only users who have Tenant Administrator permissions can perform operations such as authorizing, managing, and detecting cloud assets using CFW.
For details about the relationship between IAM identities and operators and the operator username format, see Relationship Between IAM Identities and Operators.
{Endpoint} is the IAM endpoint and can be obtained from Regions and Endpoints. For details about API authentication, see Authentication.
Identity Authentication and Access Control CFW works with Identity and Access Management (IAM). IAM permissions define which actions on your cloud resources are allowed and which actions are denied, to control access to your resources.
