检测到您已登录华为云国际站账号,为了您更好的体验,建议您访问国际站服务网站 https://www.huaweicloud.com/intl/zh-cn
不再显示此消息
Rule Logic If an IAM user has any directly assigned policies or permissions, the IAM user is noncompliant. If an IAM user does not have directly assigned policies or permissions, the IAM user is compliant. Parent topic: Identity and Access Management
For details about the two services, see What Are the Differences Between IAM and Enterprise Management? Solution to requirement 2: In IAM, company A creates IAM users for employees and adds the IAM users to different groups.
How Do I Create an IAM Agency? Scenarios During cross-region image replication, an agency is required to verify cloud service permissions in the destination region. So, create a cloud service agency before the replication.
Creating IAM Users and Granting Them Permissions to Use CSS You can use Identity and Access Management (IAM) for fine-grained permissions control for CSS. With IAM, you can: Create IAM users for employees based on your enterprise's organizational structure.
With this rule, you can detect IAM policies that allow blocked actions on KMS keys to prevent unintended data encryption and decryption. Solution You can modify noncompliant IAM policies based on the evaluation results.
To authorize IAM users to manage these resources, assign permissions to the users. You can authorize an IAM user to manage resources for all delegating parties, or authorize the user to manage resources for a specific delegating party.
Parent topic: Using IAM to Grant Access to ServiceStage
Creating a User and Granting ServiceStage Permissions You can use Identity and Access Management (IAM) for fine-grained permissions control for your ServiceStage. With IAM, you can: Create IAM users for personnel based on your enterprise's organizational structure.
Parent Topic: Using IAM to Grant Access to TaurusDB
X-Auth-Token No String IAM user token, federated user token, or agency token. Specify either X-Auth-Token or Authorization (recommended). You can obtain the token from X-Subject-Token by calling the API for obtaining an IAM user token or agency token.
Updating the Mapping Between a User (Group) and an IAM Agency Function This API is used to update the mapping between a user or user group and an IAM agency. Constraints None Debugging You can debug this API in API Explorer. Automatic authentication is supported.
If your Huawei Cloud account does not need individual IAM users, then you may skip over this section. By default, new IAM users do not have any permissions assigned. You need to add a user to one or more groups, and assign policies or roles to these groups.
Using IAM to Grant Access to GeminiDB Cassandra API Creating a User and Granting Permissions Creating a Custom Policy Parent Topic: Working with GeminiDB Cassandra API
Using IAM to Grant Access to GeminiDB Influx API Creating a User Group and Assigning Permissions Custom Policies Parent Topic: Working with GeminiDB Influx API
Using IAM to Grant Access to GeminiDB Redis API Creating a User and Granting GeminiDB Redis API Permissions Custom Policies of GeminiDB Redis API Parent Topic: Working with GeminiDB Redis API
Using IAM to Grant Access to GeminiDB DynamoDB-Compatible API Creating a User and Granting Permissions to Use GeminiDB DynamoDB-Compatible API Custom Policies for GeminiDB DynamoDB-Compatible API Parent Topic: Working with GeminiDB DynamoDB-Compatible API
Querying the Mapping Between a User (Group) and an IAM Agency Function This API is used to obtain details about the mapping between a user or user group and an IAM agency. Constraints None Debugging You can debug this API in API Explorer. Automatic authentication is supported.
With IAM, you can: Create IAM users or user groups for personnel based on your enterprise's organizational structure. Each IAM user has their own identity credentials for accessing SWR resources.
IAM username or email address Alice IAM username or email address entered during the user creation. You can obtain the IAM username and IAM user's initial password from the administrator. IAM user password ******** Password of the IAM user, rather than the account.
The added IAM user is displayed in the user list. Use the added IAM user to log in to Huawei Cloud Astro Zero. Log in to Huawei Cloud as the added IAM user. For details, see Logging In as an IAM User.