检测到您已登录华为云国际站账号,为了您更好的体验,建议您访问国际站服务网站 https://www.huaweicloud.com/intl/zh-cn
不再显示此消息
检测到您已登录华为云国际站账号,为了您更好的体验,建议您访问国际站服务网站 https://www.huaweicloud.com/intl/zh-cn
不再显示此消息
With IAM, you can: Create IAM users for personnel based on your enterprise's organizational structure. Each IAM user has their own identity credentials for accessing LTS resources.
With IAM, you can: Create IAM users or user groups for personnel based on your enterprise's organizational structure. Each IAM user has their own identity credentials for accessing LTS resources.
Using IAM to Grant Access to LTS Using IAM Roles or Policies to Grant Access to LTS Using IAM Identity Policies to Grant Access to LTS
If the delegator account deletes the agency from IAM after cross-account ingestion is configured, LTS will not detect the deletion and the ingestion configuration will continue to take effect.
Authorization Information Each account has all the permissions required to call all APIs, but IAM users must be assigned the required permissions.
Create an IAM user (for example, UserB) on the IAM console and add the user to GroupC by referring to Adding Users to a User Group. Ensure that the IAM user can use LTS through programmatic access or on the console.
Create an IAM user (for example, UserB) on the IAM console and add the user to GroupC by referring to Adding Users to a User Group. Ensure that the IAM user can use LTS through programmatic access or on the console.
Authorization Information Each account has all the permissions required to call all APIs, but IAM users must be assigned the required permissions.
For more information about IAM, see IAM Service Overview. Role/Policy-based Authorization LTS supports role/policy-based authorization. New IAM users do not have any permissions assigned by default.
The token obtained from Identity and Access Management (IAM) is valid for only 24 hours. If you want to use the same token for authentication, cache it to avoid frequent calling of the IAM API.
To learn more about how IAM is different from Organizations for access control, see How IAM Is Different from Organizations for Access Control?. This section describes the elements used by IAM custom identity policies and Organizations SCPs.
Introduction You can use Identity and Access Management (IAM) for fine-grained permissions management of your LTS resources. If your HUAWEI ID does not need individual IAM users, you can skip this section. With IAM, you can control access to specific Huawei Cloud resources.
When installing ICAgent, you can create an IAM agency, and ICAgent will automatically obtain an AK/SK pair and generate the ICAgent installation command. Creating an Agency Log in to the IAM console. In the navigation pane, choose Agencies.
Authorization Information Each account has all the permissions required to call all APIs, but IAM users must be assigned the required permissions.
Replace the fields in bold with the actual values. accountid: ID of the account to which the IAM user belongs. username: username of the IAM user to be created. email: email address of the IAM user. **********: password of the IAM user.
Authorization Information Each account has all the permissions required to call all APIs, but IAM users must be assigned the required permissions.
Authorization Information Each account has all the permissions required to call all APIs, but IAM users must be assigned the required permissions.
Authorization Information Each account has all the permissions required to call all APIs, but IAM users must be assigned the required permissions.
Permissions Management This chapter describes how to use Identity and Access Management (IAM) to implement fine-grained permissions control for your LTS resources. With IAM, you can: Create IAM users for employees based on your enterprise's organizational structure.
With IAM, you can use your account to create IAM users for your employees, and assign permissions to the users to control their access to LTS resources.
