检测到您已登录华为云国际站账号,为了您更好的体验,建议您访问国际站服务网站 https://www.huaweicloud.com/intl/zh-cn
不再显示此消息
检测到您已登录华为云国际站账号,为了您更好的体验,建议您访问国际站服务网站 https://www.huaweicloud.com/intl/zh-cn
不再显示此消息
Request Parameters Table 3 Request header parameters Parameter Mandatory Type Description X-Auth-Token Yes String IAM token, which is obtained by calling the IAM API for obtaining a user token (value of X-Subject-Token in the response header).
Mandatory for MRS, GaussDB(DWS), and DLI permission management iam:users:listUsers iam:groups:listGroups iam:users:listUsersForGroup iam:roles:createRole iam:roles:deleteRole iam:roles:updateRole iam:permissions:grantRoleToGroup iam:permissions:listRoleAssignments iam:permissions:
Mandatory for MRS, DWS, and DLI permission management iam:users:listUsers iam:groups:listGroups iam:users:listUsersForGroup iam:roles:createRole iam:roles:deleteRole iam:roles:updateRole iam:permissions:grantRoleToGroup iam:permissions:listRoleAssignments iam:permissions:revokeRoleFromGroup
For more information about IAM, see the IAM Service Overview. Figure 1 shows the permission system.
For details, see Creating an IAM User and Granting DataArts Studio Permissions – Roles and Policies or Creating an IAM User and Granting DataArts Studio Permissions – Identity Policies. A DataArts Studio workspace role has been assigned to the current IAM user.
You can use any of the following methods to grant the minimum IAM permissions of a common user to an IAM user: A.
IAM authentication Medium After an API is authorized to an account using an IAM app or whitelist, the user token obtained from IAM is used for security authentication.
The IAM system roles of DataArts Studio include DAYU Administrator, DataArts Studio User, and DAYU User. The workspace roles are assigned based on the IAM role DAYU User or DataArts Studio User.
Authorizing API Calling Authorizing an API Which Uses App Authentication to Apps Authorizing an API Which Uses IAM Authentication to Apps Authorizing an API Which Uses IAM Authentication Through a Whitelist Parent topic: Developing APIs in DataArts DataService
Password Cluster Account Mappings IAM User IAM users for which an account mapping rule will be configured. For IAM users not configured here, the default access identity is used for authentication.
Authorizing Users to Use DataArts Studio Creating an IAM User and Granting DataArts Studio Permissions – Roles and Policies Creating an IAM User and Granting DataArts Studio Permissions – Identity Policies (Optional) Defining a Workspace Role Adding Workspace Members and Assigning
Failed Number of failed calls to APIs that use app or IAM authentication. Valid Number of valid calls to APIs that use app or IAM authentication. Valid API calls refer to the calls that pass the verification.
Grant the user sufficient permissions on IAM and then perform IAM user synchronization on the Dashboard tab page!". Solution This problem occurs because the user does not have the operation permission on the MRS cluster.
This policy takes effect for the account and IAM users of the account. Parent topic: Consultation and Billing
How Do I Create a Fine-Grained Permission Policy in IAM? How Do I Isolate Workspaces So That Users Cannot View Unauthorized Workspaces? What Should I Do If a User Cannot View Workspaces After I Have Assigned the Required Policy to the User?
IAM accounts are classified into the following types: Public IAM accounts: They apply to all jobs in the workspace. For details about how to configure a public IAM account, see Configuring a Public IAM Account. Execution users: They apply only to a single job.
On the API Credentials page, obtain the account name, account ID, IAM username, and IAM user ID, and obtain the project and its ID from the project list. Parent topic: Configuring DataArts Studio Data Connection Parameters
On the API Credentials page, obtain the account name, account ID, IAM username, and IAM user ID, and obtain the project and its ID from the project list. - Username Username for accessing CloudTable admin AK AK and SK for accessing CloudTable.
Grant the user sufficient permissions on IAM and then perform IAM user synchronization on the Dashboard tab page. The error code is 0192.
Part of the response body for the API used to create an IAM user is as follows: { "user": { "id": "c131886aec...
