检测到您已登录华为云国际站账号,为了您更好的体验,建议您访问国际站服务网站 https://www.huaweicloud.com/intl/zh-cn
不再显示此消息
检测到您已登录华为云国际站账号,为了您更好的体验,建议您访问国际站服务网站 https://www.huaweicloud.com/intl/zh-cn
不再显示此消息
Resource isolation IAM allows you to create multiple projects in a region for resource isolation. An IAM project can contain resources of only one region.
IAM is an identity management service that provides identity authentication, permissions management, and access control. You can use both IAM and Enterprise Management to manage users and access permissions.
How Do I Grant Some CDN Permissions to IAM Users? You can use IAM to implement fine-grained permissions management. IAM provides identity authentication, permissions management, and access control, helping you secure access to your Huawei Cloud resources.
Rule Logic If an IAM user has any directly assigned policies or permissions, the IAM user is noncompliant. If an IAM user does not have directly assigned policies or permissions, the IAM user is compliant. Parent topic: Identity and Access Management
For details about the two services, see What Are the Differences Between IAM and Enterprise Management? Solution to requirement 2: In IAM, company A creates IAM users for employees and adds the IAM users to different groups.
How Do I Create an IAM Agency? Scenarios During cross-region image replication, an agency is required to verify cloud service permissions in the destination region. So, create a cloud service agency before the replication.
Creating IAM Users and Granting Them Permissions to Use CSS You can use Identity and Access Management (IAM) for fine-grained permissions control for CSS. With IAM, you can: Create IAM users for employees based on your enterprise's organizational structure.
With this rule, you can detect IAM policies that allow blocked actions on KMS keys to prevent unintended data encryption and decryption. Solution You can modify noncompliant IAM policies based on the evaluation results.
Obtaining Information About Account, IAM User, Group, Project, Region, and Agency Obtaining Account, IAM User, and Project Information Using the console On the Huawei Cloud homepage, click Console in the upper right corner.
Parent topic: Using CTS to Audit IAM Identity Center Operations
Parent topic: Using IAM to Grant Access to ServiceStage
The added IAM user is displayed in the user list. Use the added IAM user to log in to Huawei Cloud Astro Zero. Log in to Huawei Cloud as the added IAM user. For details, see Logging In as an IAM User.
Creating a User and Granting ServiceStage Permissions You can use Identity and Access Management (IAM) for fine-grained permissions control for your ServiceStage. With IAM, you can: Create IAM users for personnel based on your enterprise's organizational structure.
Parent Topic: Using IAM to Grant Access to TaurusDB
X-Auth-Token No String IAM user token, federated user token, or agency token. Specify either X-Auth-Token or Authorization (recommended). You can obtain the token from X-Subject-Token by calling the API for obtaining an IAM user token or agency token.
Updating the Mapping Between a User (Group) and an IAM Agency Function This API is used to update the mapping between a user or user group and an IAM agency. Constraints None Debugging You can debug this API in API Explorer. Automatic authentication is supported.
If your Huawei Cloud account does not need individual IAM users, then you may skip over this section. By default, new IAM users do not have any permissions assigned. You need to add a user to one or more groups, and assign policies or roles to these groups.
Using IAM to Grant Access to GeminiDB Cassandra API Creating a User and Granting Permissions Creating a Custom Policy Parent Topic: Working with GeminiDB Cassandra API
Using IAM to Grant Access to GeminiDB Influx API Creating a User Group and Assigning Permissions Custom Policies Parent Topic: Working with GeminiDB Influx API
Querying the Mapping Between a User (Group) and an IAM Agency Function This API is used to obtain details about the mapping between a user or user group and an IAM agency. Constraints None Debugging You can debug this API in API Explorer. Automatic authentication is supported.
