检测到您已登录华为云国际站账号,为了您更好的体验,建议您访问国际站服务网站 https://www.huaweicloud.com/intl/zh-cn
不再显示此消息
检测到您已登录华为云国际站账号,为了您更好的体验,建议您访问国际站服务网站 https://www.huaweicloud.com/intl/zh-cn
不再显示此消息
Solutions Log in to the IAM console. Select the user group to which the current user belongs and click Authorize in the Operation column. Figure 1 Authorize User Group Search for Relational Database Service, select RDS FullAccess, and click Next.
To better isolate and manage permissions, you are advised to configure independent IAM administrators and grant them privileges to manage IAM policies. The IAM administrator can create different user groups based on your service requirements.
DAS allows you to control whether IAM users can add, delete, and modify data connections and log in to an instance. For details, see Custom Permissions Policies. After a user logs in to the database, IAM cannot interfere with the user to run SQL commands.
Click DB Instance Connections that IAM Users Share with Others and view information about the shared DB instance.
User An IAM user is created using an account to use cloud services. Each IAM user has its own identity credentials (password and access keys). Region A region is a geographic area in which cloud resources are deployed.
Logging In to a DB Instance Shared by Others Sharing a DB Instance with Others Logging In to a DB Instance Shared by Others Managing DB Instance Connections Shared by IAM Users Parent topic: Logging In to a DB Instance
Log in to the console as an IAM user. Click in the upper left corner and select a region and project. Click in the upper left corner, and under Databases, click Data Admin Service. In the navigation pane on the left, choose Development Tool.
Figure 1 Database login information Reference Differences Between IAM Permissions and Database Permissions How Do I Use DAS to Log In to a Database Using a Read-Only Account? Parent topic: Logging In to a Database Built On Huawei Cloud ECSs
Figure 5 Manually entering a user Synchronize IAM account: Select another IAM user of the current account. You can also use the UID to quickly search for shared user information.
For example, to obtain an IAM token in the CN North-Beijing1 region, obtain the endpoint of IAM (iam.cn-north-1.myhuaweicloud.com) for this region and the resource-path (/v3/auth/tokens) in the URI of the API used to obtain a user token.
Creating a User and Granting Permissions You can use IAM to implement refined permission control for DAS resources. To be specific, you can: Create IAM users for employees from different departments of your enterprise.
On the displayed page, specify the expiration time, select Synchronize IAM account for Adding Method, then select the IAM account created in 4 for Users to Select, and click OK.
IAM projects or enterprise project: Scope of users a permission is granted to. Policies that contain actions for both IAM and enterprise projects can be used and take effect for both IAM and Enterprise Management.
Only OBS buckets of the current IAM account can be imported. Procedure Log in to the Huawei Cloud console. Click in the upper left corner and select a region and project. Click in the upper left corner, and under Databases, click Data Admin Service.
Only OBS buckets of the current IAM account can be imported. Procedure Log in to the Huawei Cloud console. Click in the upper left corner and select a region and project. Click in the upper left corner, and under Databases, click Data Admin Service.
Only OBS buckets of the current IAM account can be imported. Procedure Log in to the Huawei Cloud console. Click in the upper left corner and select a region and project. Click in the upper left corner, and under Databases, click Data Admin Service.
Only OBS buckets of the current IAM account can be imported. Procedure Log in to the Huawei Cloud console. Click in the upper left corner and select a region and project. Click in the upper left corner, and under Databases, click Data Admin Service.
Only OBS buckets of the current IAM account can be imported. Procedure Log in to the Huawei Cloud console. Click in the upper left corner and select a region and project. Click in the upper left corner, and under Databases, click Data Admin Service.
Only OBS buckets of the current IAM account can be imported. Procedure Log in to the Huawei Cloud console. Click in the upper left corner and select a region and project. Click in the upper left corner, and under Databases, click Data Admin Service.
If your account does not require individual IAM users for permissions management, you can skip this section. IAM is a free service. You only pay for the resources in your account. For more information about IAM, see IAM Service Overview.
