检测到您已登录华为云国际站账号,为了您更好的体验,建议您访问国际站服务网站 https://www.huaweicloud.com/intl/zh-cn
不再显示此消息
检测到您已登录华为云国际站账号,为了您更好的体验,建议您访问国际站服务网站 https://www.huaweicloud.com/intl/zh-cn
不再显示此消息
Policies that contain actions for both IAM and enterprise projects can be used and applied for both IAM and Enterprise Management. Policies that contain actions only for IAM projects can be used and applied to IAM only.
For example, to obtain an IAM token in the CN-Hong Kong region, obtain the endpoint of IAM (iam.ap-southeast-1.myhuaweicloud.com) for this region and the resource-path (/v3/auth/tokens) in the URI of the API used to obtain a user token.
For security purposes, create IAM users and grant them permissions for routine management. IAM User An IAM user is created using an account to use cloud services. Each IAM user has its own identity credentials (password and access keys).
RDS Actions Table 1 Common query actions Permission API Action IAM Project Enterprise Project Authorization by Instance Querying the DB engine version GET /v3/{projectId}/datastores/{database_name} No action required √ √ × Querying database specifications GET /v3/{project_id}/flavors
{Endpoint} is the IAM endpoint and can be obtained from Regions and Endpoints. For details about API authentication, see Authentication. The following is an example response.
When using a token for authentication, cache it to prevent frequently calling the IAM API used to obtain a user token. A token specifies temporary permissions in a computer system.
Obtaining an Agency URN Log in to the Identity and Access Management (IAM) console. Figure 1 IAM page Click Agencies. On the displayed page, click Create Agency. On the Create Agency page, set the following parameters and click Next.
