检测到您已登录华为云国际站账号,为了您更好的体验,建议您访问国际站服务网站 https://www.huaweicloud.com/intl/zh-cn
不再显示此消息
检测到您已登录华为云国际站账号,为了您更好的体验,建议您访问国际站服务网站 https://www.huaweicloud.com/intl/zh-cn
不再显示此消息
With IAM, you can: Create IAM users or user groups for personnel based on your enterprise's organizational structure. Each IAM user has their own identity credentials for accessing GaussDB resources. Grant only the permissions required for users to perform a specific task.
Parent Topic: Using IAM to Grant Access to GaussDB
Using IAM to Grant Access to GaussDB Using IAM Roles or Policies to Grant Access to GaussDB Using IAM Identity Policies to Grant Access to GaussDB
username},iamPassword={IAM user password},iamDomain={Account name},kmsProject={Project} Parameters: For details about how to obtain related parameters, including the IAM server address, IAM username, IAM user password, account name, and project, see the master key generation phase
server address, IAM username, IAM user password, account name, and project, see the master key generation phase.)
username},iamPassword={IAM user password},iamDomain={Account name},kmsProject={Project} Parameters: For details about how to obtain related parameters, including the IAM server address, IAM username, IAM user password, account name, and project, see the master key generation phase
username},iamPassword={IAM user password},iamDomain={Account name},kmsProject={Project} Parameters: For details about how to obtain related parameters, including the IAM server address, IAM username, IAM user password, account name, and project, see the master key generation phase
username},iamPassword={IAM user password},iamDomain={Account name},kmsProject={Project} Parameters: For details about how to obtain related parameters, including the IAM server address, IAM username, IAM user password, account name, and project, see the master key generation phase
Policies that contain actions for both IAM and enterprise projects can be used and take effect for both IAM and Enterprise Management. Policies that contain actions only for IAM projects can be used and applied to IAM only.
IAM is a global service. You can create an IAM user using the endpoint of IAM in any region.
To learn more about how IAM is different from Organizations for access control, see What Are the Differences in Access Control Between IAM and Organizations? This section describes the elements used by IAM custom identity policies and Organizations SCPs.
When gsql is used: gaussdb=# \key_info keyType=huawei_kms,iamUrl=https://iam.example.com/v3/auth/tokens,iamUser={IAM username},iamPassword={IAM user password},iamDomain={Account name},kmsProject={Project},iamCaCert=/Path/IAM CA certificate file,kmsCaCert=/Path/KMS CA certificate file
{example.com/v3/auth/tokens," + "iamUser={IAM username}," + "iamPassword={IAM user password}," + "iamDomain={Account name}," + "kmsProject={Project}," + "iamCaCert=/Path/IAM CA certificate file," + "kmsCaCert=/Path/KMS CA certificate file"); conn.setProperty("
IAM users can use GaussDB resources only after their accounts and passwords are verified. For details, see Creating an IAM User and Logging In.
With IAM, you can control access to specific Huawei Cloud resources from principals (IAM users, user groups, agencies, or trust agencies). IAM supports role/policy-based authorization and identity policy-based authorization. The following table describes their differences.
iam:roles:listRoles, and iam:agencies:pass actions.
Search for Identity and Access Management (IAM) on the Huawei Cloud official website. On the page that is displayed, click Create User, set the IAM password for the IAM user, and grant the data encryption workshop (DEW) permission to the new IAM user.
Search for Identity and Access Management (IAM) on the Huawei Cloud official website. On the page that is displayed, click Create User, set the IAM password for the IAM user, and grant the data encryption workshop (DEW) permission to the new IAM user.
On the displayed page, you can obtain the IAM username, account name, project, and project ID, as shown in the following figure. IAM server address: https://iam.Project.myhuaweicloud.com/v3/auth/tokens IAM user password: Enter the password of the IAM user.
On the displayed page, you can obtain the IAM username, account name, project, and project ID, as shown in the following figure. IAM server address: https://iam.Project.myhuaweicloud.com/v3/auth/tokens IAM user password: Enter the password of the IAM user.
