检测到您已登录华为云国际站账号,为了您更好的体验,建议您访问国际站服务网站 https://www.huaweicloud.com/intl/zh-cn
不再显示此消息
检测到您已登录华为云国际站账号,为了您更好的体验,建议您访问国际站服务网站 https://www.huaweicloud.com/intl/zh-cn
不再显示此消息
With IAM, you can: Create IAM users or user groups for personnel based on your enterprise's organizational structure. Each IAM user has their own identity credentials for accessing SWR resources.
With IAM, you can: Create IAM users or user groups for personnel based on your enterprise's organizational structure. Each IAM user has their own identity credentials for accessing SWR resources.
Configuring Permissions in IAM Creating a User and Granting Permissions Using IAM Roles or Policies to Allow Access to SWR Using IAM Identity Policies to Allow Access to SWR SWR Custom Policies SWR Resources Parent Topic: Permissions Management
Why Cannot IAM Users Configure Image Synchronization? Currently, only accounts and IAM users with administrator permissions can configure image synchronization. Parent topic: Image Synchronization
With IAM, you can control access to specific Huawei Cloud resources from principals (IAM users, user groups, agencies, or trust agencies). IAM supports role/policy-based authorization and identity policy-based authorization.
To grant an IAM user permission to access dependent cloud services of SWR, you must have the IAM role Security Administrator. Fine-grained HSS Authorization Log in to the IAM console. Select a region from the top menu bar.
Example: swr:*:*:namespace:test*: organization whose name starts with test swr:*:*:namespace:test: organization whose name is test Parent Topic: Configuring Permissions in IAM
For example, to obtain an IAM token in the CN-Hong Kong region, obtain the endpoint of IAM (iam.ap-southeast-1.myhuaweicloud.com) for this region and the resource-path (/v3/auth/tokens) in the URI of the API used to obtain a user token.
Tag-based Fine-Grained Authorization Scenarios After creating a custom policy for the SWR Enterprise Edition on the IAM console, you can add tags for namespaces and repositories.
"StringEquals": { "g:SourceVpc": [ "0bfdf87b-7789-4851-801e-8e726b82beae" ] } } }, { "Effect": "Allow", "Action": [ "swr::createLoginSecret" ] } ] } Parent Topic: Configuring Permissions in IAM
SWR Permissions Overview There are three types of SWR permissions: SWR permissions: You can create an IAM user and grant SWR permissions. Image permissions: After creating an IAM administrator, you can grant image access permissions to other IAM users.
With IAM, you can control access to specific Huawei Cloud resources from principals (IAM users, user groups, agencies, or trust agencies). IAM supports role/policy-based authorization and identity policy-based authorization.
For example, to obtain an IAM token in the CN-Hong Kong region, obtain the endpoint of IAM (iam.ap-southeast-1.myhuaweicloud.com) for this region and the resource-path (/v3/auth/tokens) in the URI of the API used to obtain a user token.
The token can be obtained by calling the IAM API used to obtain a user token. The value of X-Subject-Token in the response header is the user token.
With IAM, you can: Create IAM users or user groups for personnel based on your enterprise's organizational structure. Each IAM user has their own identity credentials for accessing SWR resources.
With IAM, you can: Create IAM users or user groups for personnel based on your enterprise's organizational structure. Each IAM user has their own identity credentials for accessing SWR resources.
IAM users must be added to a user group to obtain the permissions assigned to the user group. If a user is added to multiple user groups, the user inherits the permissions assigned to all these groups. IAM role IAM roles are IAM users with special permissions.
The token can be obtained through the IAM API used to obtain a user token. The value of X-Subject-Token in the response header is the user token.
IAM helps you secure access to your Huawei Cloud resources. With IAM, you can create IAM users and grant them permission to access only specific resources.
The token can be obtained by calling an IAM API. The value of X-Subject-Token in the response header is the user token.
