检测到您已登录华为云国际站账号,为了您更好的体验,建议您访问国际站服务网站 https://www.huaweicloud.com/intl/zh-cn
不再显示此消息
检测到您已登录华为云国际站账号,为了您更好的体验,建议您访问国际站服务网站 https://www.huaweicloud.com/intl/zh-cn
不再显示此消息
With IAM, you can: Create IAM users or user groups for personnel based on your enterprise's organizational structure. Each IAM user has their own identity credentials for accessing TaurusDB resources.
With IAM, you can: Create IAM users for personnel based on your enterprise's organizational structure. Each IAM user has their own identity credentials for accessing TaurusDB resources.
Using IAM to Grant Access to TaurusDB Using IAM Roles or Policies to Grant Access to TaurusDB Using IAM Identity Policies to Grant Access to TaurusDB
Prerequisites To use DBA Assistant of HTAP Standard Edition on the console, IAM users must have the TaurusDB FullAccess, CES FullAccess, and DAS FullAccess (or DAS Administrator) permissions. To grant these permissions, see Using IAM to Grant Access to TaurusDB.
Authorization Information Each account has all the permissions required to call all APIs, but IAM users must be assigned the required permissions.
IAM User An IAM user is created using an account to use cloud services. Each IAM user has its own identity credentials (password and access keys). API authentication requires information such as the account, username, and password.
Authorization Information Each account has all the permissions required to call all APIs, but IAM users must be assigned the required permissions.
Authorization Information Each account has all the permissions required to call all APIs, but IAM users must be assigned the required permissions.
Authorization Information Each account has all the permissions required to call all APIs, but IAM users must be assigned the required permissions.
Policies that contain actions for both IAM and enterprise projects can be used and applied for both IAM and Enterprise Management. Policies that contain actions only for IAM projects can be used and applied to IAM only.
Configuring only the minimum permissions for IAM users with different roles To better isolate and manage permissions, you are advised to configure an independent IAM administrator and grant them the permission to manage IAM policies.
To enable autoscaling, you must have the following IAM permissions: If role/policy-based authorization is used, you must have the iam:permissions:grantRoleToGroupOnProject permission. If you do not have this permission, create a custom policy.
Authorization Information Each account has all the permissions required to call all APIs, but IAM users must be assigned the required permissions.
To learn more about how IAM policies are different from Organizations SCPs, see What Are the Differences in Access Control Between IAM and Organizations? This section describes the elements used by IAM custom policies and Organizations SCPs.
IAM users can use TaurusDB resources only after their accounts and passwords are verified. For details, see Creating an IAM User and Logging In.
For more information about IAM, see IAM Service Overview. Role/Policy-based Authorization TaurusDB supports role/policy-based authorization. New IAM users do not have any permissions assigned by default.
IAM is a global service. You can create an IAM user using the endpoint of IAM in any region.
With IAM, you can control access to specific Huawei Cloud resources from principals (IAM users, user groups, agencies, or trust agencies). IAM supports role/policy-based authorization and identity policy-based authorization.
Authorization Information Each account has all the permissions required to call all APIs, but IAM users must be assigned the required permissions.
Authorization Information Each account has all the permissions required to call all APIs, but IAM users must be assigned the required permissions.
