检测到您已登录华为云国际站账号,为了您更好的体验,建议您访问国际站服务网站 https://www.huaweicloud.com/intl/zh-cn
不再显示此消息
检测到您已登录华为云国际站账号,为了您更好的体验,建议您访问国际站服务网站 https://www.huaweicloud.com/intl/zh-cn
不再显示此消息
If your Huawei Cloud account does not require IAM for permissions management, you can skip this section. IAM can be used free of charge. You pay only for the resources in your account. For more information about IAM, see IAM Service Overview.
user name "password": "********", // IAM user password "domain": { "name": "domainname" // Name of the account to which the IAM user belongs } } } },
Authorization Information Each account has all the permissions required to call all APIs, but IAM users must be assigned the required permissions.
With IAM, you can: Create IAM users for employees based on the organizational structure of your enterprise. Each IAM user has their own security credentials, providing access to TMS resources. Grant only the permissions required for users to perform a task.
The following shows part of the response body for the API used to create an IAM user. { "user": { "id": "c131886aec...
Policies that contain actions only for IAM projects can be used and applied to IAM only. Administrators can check whether an action supports IAM projects or enterprise projects in the action list.
Creating a User and Granting Permissions This section describes how to use Identity and Access Management (IAM) to implement fine-grained permissions control for your TMS resources. With IAM, you can: Create IAM users for employees based on your organizational structure.
Authorization Information Each account has all the permissions required to call all APIs, but IAM users must be assigned the required permissions.
To ensure account security, create Identity and Access Management (IAM) users and grant them permissions for routine management. User An IAM user is created by an account in IAM to use cloud services. Each IAM user has its own identity credentials (password and access keys).
The token obtained from IAM is valid for only 24 hours. If you want to use a token for authentication, you can cache it to avoid frequently calling the IAM API.
IAM is a global service. You can create an IAM user using the endpoint of IAM in any region.
For details about the relationship between IAM identities and operators and the operator username format, see Relationship Between IAM Identities and Operators.
Authorization Information Each account has all the permissions required to call all APIs, but IAM users must be assigned the required permissions.
Authorization Information Each account has all the permissions required to call all APIs, but IAM users must be assigned the required permissions.
Authorization Information Each account has all the permissions required to call all APIs, but IAM users must be assigned the required permissions.
Authorization Information Each account has all the permissions required to call all APIs, but IAM users must be assigned the required permissions.
Authorization Information Each account has all the permissions required to call all APIs, but IAM users must be assigned the required permissions.
Authorization Information Each account has all the permissions required to call all APIs, but IAM users must be assigned the required permissions.
Authorization Information Each account has all the permissions required to call all APIs, but IAM users must be assigned the required permissions.
You can use IAM to control access to your TMS resources. IAM permissions define which actions on your cloud resources are allowed or denied.
