检测到您已登录华为云国际站账号,为了您更好的体验,建议您访问国际站服务网站 https://www.huaweicloud.com/intl/zh-cn
不再显示此消息
检测到您已登录华为云国际站账号,为了您更好的体验,建议您访问国际站服务网站 https://www.huaweicloud.com/intl/zh-cn
不再显示此消息
Table 1 IAM Identity Center operations that can be recorded by CTS Operation Resource Type Event Name Enabling IAM Identity Center Instance StartIdentityCenter Disabling IAM Identity Center Instance DeleteIdentityCenter Registering a region Instance RegisterRegion Updating single
Configuring Permissions in IAM Creating a User and Granting Permissions Using IAM Roles or Policies to Allow Access to SWR Using IAM Identity Policies to Allow Access to SWR SWR Custom Policies SWR Resources Parent Topic: Permissions Management
With IAM, you can: Create IAM users for personnel based on your enterprise's organizational structure. Each IAM user has their own identity credentials for accessing Enterprise Switch resources. Grant only the permissions required for users to perform a specific task.
How Do I Isolate IAM Users on a Notebook Instance? In a development environment, multiple IAM users may require isolation, and they don't want their notebook instances to be viewed, modified, or deleted by others.
Removing an IAM User from a User Group Function This API can be used by the administrator to remove an IAM user from a specified user group. The API can be called using both the global endpoint and region-specific endpoints. For IAM endpoints, see Regions and Endpoints.
Granting IAM User Groups Specific Permissions for All OBS Resources Scenario This topic describes how to grant multiple IAM users or user groups specified permissions for all OBS resources. Recommended Configuration Use an IAM custom policy to configure the permissions.
Granting IAM User Groups All Permissions on All OBS Resources Scenario This topic describes how to grant multiple IAM users or user groups all permissions on all OBS resources. Users with this permission can perform any operations on OBS.
This error message indicates that the IAM user does not have programmatic access permissions. Solution Contact the account administrator and log in to the IAM console. Locate the IAM user to be modified and click the username.
This error message indicates that the IAM user does not have programmatic access permissions. Solution Contact the account administrator and log in to the IAM console. Locate the IAM user to be modified and click the username.
Using IAM to Grant Permissions to DMS for RabbitMQ Creating an IAM User and Granting DMS for RabbitMQ Permissions Using IAM Identity Policies to Grant Access to DMS for RabbitMQ
Using IAM to Grant Access to DMS for Kafka Using IAM Roles or Policies to Grant Access to DMS for Kafka Using IAM Identity Policies to Grant Access to DMS for Kafka
Recommended Configuration Use an IAM custom policy to configure the permissions. Precautions After configuration, IAM user groups can perform allowed operations using APIs or SDKs.
For more information, see Creating an IAM User. Parent topic: Preparations
With IAM, you can: Create IAM users or user groups for personnel based on your enterprise's organizational structure. Each IAM user has their own identity credentials for accessing Enterprise Switch resources.
If an enabled IAM user has been added to at least one user group, and no user groups are specified, this IAM user is compliant. If an enabled IAM user has not been added to any user groups, and no user groups are specified, this IAM user is noncompliant.
For more details, see Assigning Agency Permissions to an IAM User. Rule Logic If an IAM agency does not contain all the specified policies and roles, this agency is non-compliant. If an IAM agency contains all the specified policies and roles, this agency is compliant.
For details, see Authorizing dlg_agency. dws:dbAuthority:syncIamUse iam:users:listUsers iam:groups:listGroups iam:users:listUsersForGroup GaussDB(DWS) does not support user groups.
Read - - iam:users:getUser iam:users:update Grants permission to update a user. Write - - iam:users:updateUser iam:users:list Grants permission to list users. List - - iam:users:listUsers iam:users:delete Grants permission to delete a user.
Log In to a CBH Instance Console as an IAM User Function This API is used to log in to a CBH instance console as an IAM user.
Parent topic: IAM User Management
