检测到您已登录华为云国际站账号,为了您更好的体验,建议您访问国际站服务网站 https://www.huaweicloud.com/intl/zh-cn
不再显示此消息
检测到您已登录华为云国际站账号,为了您更好的体验,建议您访问国际站服务网站 https://www.huaweicloud.com/intl/zh-cn
不再显示此消息
Parent topic: Using IAM to Grant Access to KooPhone
Using IAM to Grant Access to KooPhone Using IAM Roles and Policies to Grant Access to KooPhone Using IAM Identity Policies to Grant Access to KooPhone
Using IAM Identity Policies to Grant Access to KooPhone You can use Identity and Access Management (IAM) to perform identity policy-based permissions management for your KooPhone resources.
Figure 1 UNI Cloud Terminal usage process Creating a User and Granting UNI Cloud Terminal Permissions Create IAM users and grant them permissions to access and operate Huawei Cloud resources for fine-grained permissions control.
Authorization Information Each account has all the permissions required to call all APIs, but IAM users must be assigned the required permissions.
Authorization Information Each account has all the permissions required to call all APIs, but IAM users must be assigned the required permissions.
For security purposes, create Identity and Access Management (IAM) users and grant them the appropriate permissions for routine management. User A user is created using an account to use cloud services. Each user has its own identity credentials (password and access keys).
Policies that contain actions for both IAM and enterprise projects can be used and applied for both IAM and Enterprise Management. Policies that contain actions only for IAM projects can be used and applied to IAM only.
Authorization Information Each account has all the permissions required to call all APIs, but IAM users must be assigned the required permissions.
When using a token for authentication, cache it to prevent frequently calling the IAM API used to obtain a user token. Ensure that the token is valid when you use it. Using a token that will soon expire may cause API calling failures.
For example, to obtain an IAM token in the CN-Hong Kong region, obtain the endpoint of IAM (iam.ap-southeast-1.myhuaweicloud.com) for this region and the resource-path (/v3/auth/tokens) in the URI of the API used to obtain a user token.
Authorization Information Each account has all the permissions required to call all APIs, but IAM users must be assigned the required permissions.
To learn more about how IAM is different from Organizations for access control, see How IAM Is Different from Organizations for Access Control?. This section describes the elements used by IAM custom identity policies and Organizations SCPs.
Authorization Information Each account has all the permissions required to call all APIs, but IAM users must be assigned the required permissions.
For more information about IAM, see IAM Service Overview. Role/Policy-based Permissions Management KooPhone supports role- and policy-based authorization. By default, new IAM users do not have permissions assigned.
Authorization Information Each account has all the permissions required to call all APIs, but IAM users must be assigned the required permissions.
Authorization Information Each account has all the permissions required to call all APIs, but IAM users must be assigned the required permissions.
With IAM, you can control access to specific Huawei Cloud resources from principals (IAM users, user groups, agencies, or trust agencies). IAM supports role/policy-based authorization and identity policy-based authorization.
Authorization Information Each account has all the permissions required to call all APIs, but IAM users must be assigned the required permissions.
Authorization Information Each account has all the permissions required to call all APIs, but IAM users must be assigned the required permissions.
