检测到您已登录华为云国际站账号,为了您更好的体验,建议您访问国际站服务网站 https://www.huaweicloud.com/intl/zh-cn
不再显示此消息
检测到您已登录华为云国际站账号,为了您更好的体验,建议您访问国际站服务网站 https://www.huaweicloud.com/intl/zh-cn
不再显示此消息
Cloud Resources to an Edge Site Managing Cloud Resources Provisioned to an Edge Site In addition to the preceding cloud services, CloudPond uses the same monitoring and management system as the cloud and supports cloud services such as Cloud Eye, Identity and Access Management (IAM
Access Control for CloudPond Access Control You can create IAM users to grant minimum permissions required for completing specific tasks, and periodically review the granted permissions. For details, see IAM Best Practices.
You can use IAM to manage resource permissions, Cloud Eye or other methods to monitor resources, and security services to protect resources on your premises. Parent topic: CloudPond Overview
On the Permissions tab page, click Authorize User Group to go to the User Groups page on the IAM console. Associate the enterprise project with a user group and assign permissions to the group. For details, see Creating a User Group and Assigning Permissions.
For example, to obtain an IAM token in the CN-Hong Kong region, obtain the endpoint of IAM (iam.ap-southeast-1.myhuaweicloud.com) for this region and resource-path (/v3/auth/tokens) in the URI of the API used to obtain a user token.
You can also use Identity and Access Management (IAM) to authenticate accounts and Cloud Eye to monitor cloud resources used by edge site. An edge site can connect to both your on-premises network and the cloud. You can connect the edge site to your on-premises system.
For security purposes, create IAM users and grant them permissions for routine management. IAM user An IAM user is created by an account to use cloud services. Each IAM user has its own identity credentials (password or access keys).
Access Control You can create IAM users to grant minimum permissions required for completing specific tasks, and periodically review the granted permissions. For details, see IAM Best Practices.
If you have created an agency in IAM, select the agency from the drop-down list. For more information about agencies, see Account Delegation. Click Next: Confirm.
Create IAM users for fine-grained permission control and periodically review the permissions. Parent topic: Security
When using a token for authentication, cache it to prevent frequently calling the IAM API used to obtain a user token. A token specifies temporary permissions in a computer system.
For details about the relationship between IAM identities and operators and the operator username format, see Relationship Between IAM Identities and Operators.
