检测到您已登录华为云国际站账号,为了您更好的体验,建议您访问国际站服务网站 https://www.huaweicloud.com/intl/zh-cn
不再显示此消息
检测到您已登录华为云国际站账号,为了您更好的体验,建议您访问国际站服务网站 https://www.huaweicloud.com/intl/zh-cn
不再显示此消息
For engines with security authentication enabled, if the login IAM user is the user imported in Importing an IAM Account, go to 4. For other users, go to 3. In the displayed Security Authentication dialog box, enter the account name and password, and click OK.
For engines with security authentication enabled, if the login VDC user is the user imported in Importing an IAM Account, go to 4. For other users, go to 3. In the displayed Security Authentication dialog box, enter the account name and password, and click OK.
For engines with security authentication enabled, if the login IAM user is the user imported in Importing an IAM Account, go to 4. For other users, go to 3. In the displayed Security Authentication dialog box, enter the account name and password, and click OK.
Log in to the IAM console and choose Agencies to check the agency quota and either adjust it or delete agencies that are no longer in use. Parent topic: Precautions When Using Huawei Cloud CSE
For security purposes, create Identity and Access Management (IAM) users and grant them permissions for routine management. User An Identity and Access Management (IAM) user is created using an account to use cloud services.
Request Table 3 Request header parameters Parameter Mandatory Type Description X-Auth-Token Yes String IAM token. x-engine-id Yes String Instance ID of an exclusive microservice engine. X-Enterprise-Project-ID Yes String Enterprise project ID.
Log in to Huawei Cloud as an IAM user. Tenant name: Name of the account used to create the IAM user IAM username and IAM user password: Username and password specified during IAM user creation using the Tenant name Create a microservice engine on the CSE console.
Querying an RBAC Token Function This API is used to obtain an RBAC token based on the IAM token. URI POST /v2/{project_id}/enginemgr/engines/{engine_id}/tokens Table 1 Path parameters Parameter Mandatory Type Description project_id Yes String Project ID, which must be unique.
You can create up to 1000 accounts, including new accounts and the imported IAM account. Importing an IAM Account Imports an IAM account and associates roles with it. Users who use this IAM account have the access and operation permissions on the microservice engine.
For engines with security authentication enabled, if the login VDC user is the user imported in Importing an IAM Account, go to 4. For other users, go to 3. In the displayed Security Authentication dialog box, enter the account name and password, and click OK.
IAM provides a limited number of roles for permissions management. Different services often depend on other services, so these dependencies must be considered when assigning roles. However, roles are not ideal for fine-grained authorization and least privilege access.
For the API for creating an IAM user as an administrator, the following message body is returned. The following is part of the response body: { "user": { "id": "c131886aec...
For details about the relationship between IAM identities and operators and the operator username format, see Relationship Between IAM Identities and Operators.
IAM user import Identity and Access Management (IAM) To import IAM users, the IAM ReadOnlyAccess permission is required. Table 3 lists the common operations for each system-defined policy or role of CSE. Select policies or roles as needed.
Replace the italic fields in bold with the actual values. accountid: ID of the account to which the IAM user belongs. username: IAM username to be created. email: email address of the IAM user. **********: password of the IAM user.
To operate a ServiceComb engine on CSE, you must have both the IAM and RBAC permissions, and the IAM permission takes precedence over the RBAC permission.
The API for obtaining a project ID is GET https://{Endpoint}/v3/projects, where {Endpoint} indicates the IAM endpoint. You can obtain the IAM endpoint from Regions and Endpoints. For details about API authentication, see Authentication.
For engines with security authentication enabled, if the login VDC user is the user imported in Importing an IAM Account, go to 4. For other users, go to 3. In the displayed Security Authentication dialog box, enter the account name and password, and click OK.
For engines with security authentication enabled, if the login VDC user is the user imported in Importing an IAM Account, go to 4. For other users, go to 3. In the displayed Security Authentication dialog box, enter the account name and password, and click OK.
Access Policy Description Documentation IAM permissions IAM permissions define which actions on your cloud resources are allowed and which actions are denied, to control access to your resources.
