检测到您已登录华为云国际站账号,为了您更好的体验,建议您访问国际站服务网站 https://www.huaweicloud.com/intl/zh-cn
不再显示此消息
检测到您已登录华为云国际站账号,为了您更好的体验,建议您访问国际站服务网站 https://www.huaweicloud.com/intl/zh-cn
不再显示此消息
For more information, see Creating an IAM User. Parent topic: Preparations
IAM user IAM user DataArts Fabric SQL currently only supports access from IAM users. Database objects in DataArts Fabric SQL cannot be created, modified, or deleted.
Authorization is managed at the regional level through these default projects, allowing IAM users to access all resources within that particular region under your account.
For details, see Creating an IAM User and Assigning Permissions to Use DataArtsFabric and Configuring DataArtsFabric Service Agency Permissions. You have at least one workspace available. For details, see Creating a Workspace. You have at least one Ray service.
In the dialog box that appears, grant READ/WRITE permissions for the file path to the current IAM user.
Table 1 Agency policy Agency Policy Name Permission Item Mandatory (Yes/No) Function FABRIC_COMMON_POLICY iam:agencies:listAgencies iam:roles:getRole iam:permissions:listRolesForAgency obs:bucket:ListAllMyBuckets obs:bucket:ListBucket obs:object:GetObjectVersion obs:object:GetObject
IAM permissions for different roles.
{Endpoint} indicates the IAM endpoint, which can be obtained from Regions and Endpoints. For details about API authentication, see Authentication. The following is an example response.
For details, see Granting LTS Permissions to IAM Users. Creating a Ray Service Log in to Workspace Management Console. Select the created workspace and click Access Workspace.
For details, see Creating an IAM User and Assigning Permissions to Use DataArtsFabric and Configuring DataArtsFabric Service Agency Permissions. You have at least one workspace available. For details, see Creating a Workspace. You have purchased the required Ray resources.
Table 3 Field description Field Description accountid Account ID of the IAM user. username IAM username to be created email Email address of the IAM user ********** Login password of the IAM user POST https://iam.ap-southeast-1.myhuaweicloud.com/v3.0/OS-USER/users Content-Type: application
endpoint_id=FABRIC_ENDPOINT_ID, # Querying an Endpoint ID domain=FABRIC_DOMAIN, # Tenant name user=FABRIC_USER, # IAM username password=FABRIC_PASS, # IAM password access_key=ACCESS_KEY, # Obtaining an AK/SK secret_key=SECRET_KEY, security_token=SECURITY_TOKEN
Administrators can manage IAM users' access keys on the Security Settings page of the IAM console. Users can also manage access keys on the My Credentials page post-login to the console, allowing self-management of these credentials.
Preparations Creating an IAM User and Assigning Permissions to Use DataArtsFabric Configuring DataArtsFabric Service Agency Permissions Creating an Access Client Creating a Workspace
Instead, create Identity and Access Management (IAM) users for routine management. User An IAM user is created using an account to use cloud services. Each IAM user has its own identity credentials (password and access keys).
Policies that contain actions only for IAM projects can be used and applied to IAM only. Administrators can check whether an action supports IAM projects or enterprise projects in the action list.
Figure 1 shows the response header for the API used to create an IAM user. Figure 1 Response header for the API used to create an IAM user Response Body The body of a response is often returned in a structured format as specified in Content-Type in the response header.
IAM or enterprise projects: Type of projects for which an action will take effect. Policies that contain actions for both IAM and enterprise projects can be used and take effect for both IAM and Enterprise Management.
You can only use buckets of the OBS parallel file system to store UDF code compressed packages, and you must grant read permissions to IAM users on LakeFormation. Parent topic: UDF Development (Python)
Creating a notification policy IAM SMN Creating a notification policy requires an IAM user to have the DataArtsFabricFullPolicy, IAM Agency Management ReadOnly, and SMN ReadOnlyAccess policies.
