检测到您已登录华为云国际站账号,为了您更好的体验,建议您访问国际站服务网站 https://www.huaweicloud.com/intl/zh-cn
不再显示此消息
检测到您已登录华为云国际站账号,为了您更好的体验,建议您访问国际站服务网站 https://www.huaweicloud.com/intl/zh-cn
不再显示此消息
For more information, see Creating an IAM User. Parent topic: Preparations
IAM user IAM user DataArts Fabric SQL currently only supports access from IAM users. Database objects in DataArts Fabric SQL cannot be created, modified, or deleted.
Authorization is managed at the regional level through these default projects, allowing IAM users to access all resources within that particular region under your account.
For details, see Creating an IAM User and Assigning Permissions to Use DataArtsFabric and Configuring DataArtsFabric Service Agency Permissions. You have at least one workspace available. For details, see Creating a Workspace. You have at least one Ray service.
In the dialog box that appears, grant READ/WRITE permissions for the file path to the current IAM user.
Table 1 Agency policy Agency Policy Name Permission Item Mandatory (Yes/No) Function FABRIC_COMMON_POLICY iam:agencies:listAgencies iam:roles:getRole iam:permissions:listRolesForAgency obs:bucket:ListAllMyBuckets obs:bucket:ListBucket obs:object:GetObjectVersion obs:object:GetObject
IAM permissions for different roles.
Fine-grained access control Table metadata is managed by LakeFormation, utilizing IAM permissions. LakeFormation currently oversees overall permission control. Parent topic: Features
For details, see Granting LTS Permissions to IAM Users. Creating a Ray Service Log in to Workspace Management Console. Select the created workspace and click Access Workspace.
For details, see Creating an IAM User and Assigning Permissions to Use DataArtsFabric and Configuring DataArtsFabric Service Agency Permissions. You have at least one workspace available. For details, see Creating a Workspace. You have purchased the required Ray resources.
See "Appendix" in the API Reference. domain=FABRIC_DOMAIN, # Tenant name user=FABRIC_USER, # IAM username password=FABRIC_PASS, # IAM password project_id=FABRIC_PROJECT_ID, # How Do I Obtain a Project ID?
Administrators can manage IAM users' access keys on the Security Settings page of the IAM console. Users can also manage access keys on the My Credentials page post-login to the console, allowing self-management of these credentials.
Preparations Creating an IAM User and Assigning Permissions to Use DataArtsFabric Configuring DataArtsFabric Service Agency Permissions Creating an Access Client Creating a Workspace
Table 1 DataArtsFabric SQL connection parameters Property Name Description Mandatory or Optional How to Obtain AccessKeyID Authentication ID Mandatory Creating a Permanent Access Key or Obtaining Temporary Access Keys and Security Tokens of an IAM User SecretAccessKey Authentication
You can only use buckets of the OBS parallel file system to store UDF code compressed packages, and you must grant read permissions to IAM users on LakeFormation. Parent topic: UDF Development (Python)
See "Appendix" in the API Reference. domain=FABRIC_DOMAIN, # Tenant name user=FABRIC_USER, # IAM username password=FABRIC_PASS, # IAM password project_id=FABRIC_PROJECT_ID, # How Do I Obtain a Project ID?
Property Name Description Mandatory or Optional How to Obtain AccessKeyID Authentication ID Mandatory Creating a Permanent Access Key or Obtaining Temporary Access Keys and Security Tokens of an IAM User SecretAccessKey Authentication key Mandatory securityToken STSToken Optional
For details, see IAM Region Description.
Creating a notification policy IAM SMN Creating a notification policy requires an IAM user to have the DataArtsFabricFullPolicy, IAM Agency Management ReadOnly, and SMN ReadOnlyAccess policies.
