检测到您已登录华为云国际站账号,为了您更好的体验,建议您访问国际站服务网站 https://www.huaweicloud.com/intl/zh-cn
不再显示此消息
检测到您已登录华为云国际站账号,为了您更好的体验,建议您访问国际站服务网站 https://www.huaweicloud.com/intl/zh-cn
不再显示此消息
grantRoleToAgency", "iam:permissions:grantRoleToAgencyOnProject", "iam:permissions:listRolesForAgency", "iam:permissions:listRolesForAgencyOnDomain", "iam:permissions:listRolesForAgencyOnProject", "iam:permissions:revokeRoleFromAgency",
By adding users to user groups and binding IAM policies to user groups, the IAM administrator can grant different data access permissions to employees in different departments based on the principle of least privilege.
The following shows part of the response body for the API used to create an IAM user. { "user": { "id": "c131886aec...
"password": "********", //IAM user password "domain": { "name": "domainname" //Name of the account to which the IAM user belongs } } } }, "scope": {
Figure 1 DNS server address Check IAM agency quota. Log in to the management console. In the service list, select Identity and Access Management. On the IAM console, choose Agencies. Check the agency quota. Check whether there is the agency: CESAgentAutoConfigAgency.
For security purposes, create Identity and Access Management (IAM) users and grant them permissions for routine management. User An IAM user is created by an account in IAM to use cloud services. Each IAM user has its own identity credentials (password and access keys).
Permissions Management You can use Identity and Access Management (IAM) for fine-grained permissions management of your Cloud Eye. With IAM, you can: Create IAM users for employees based on your enterprise's organizational structure.
Supported Actions of the Event Monitoring API Permission API Action IAM Project Enterprise Project Report custom events. POST /V1.0/{project_id}/events ces:events:post √ × Parent topic: Permissions Policies and Supported Actions
Supported Actions of the Quota Management API Permission API Action IAM Project Enterprise Project Query a resource quota and the used amount. Currently, the resource refers to alarm rules only.
For details about the relationship between IAM identities and operators and the operator username format, see Relationship Between IAM Identities and Operators.
Permissions Management What Should I Do If the IAM Account Permissions Are Abnormal? What Can I Do If the System Displays a Message Indicating Insufficient Permissions When I Access Cloud Eye?
Supported Actions of the API Version Management APIs Permission API Action IAM Project Enterprise Project Query all API versions supported by Cloud Eye. GET / ces:versions:get √ × Query a specified Cloud Eye API version.
If cesagency cannot be found on the IAM Agencies page after authorization, you can manually create it on the IAM console. For details about how to create an agency, see Creating an Agency and Assigning Permissions. The name of the agency to be created must be cesagency.
Supported Actions of the Metric Management API Permission API Action IAM Project Enterprise Project Query the metric list. You can specify the namespace, metric name, dimension, sorting order, start records, and the maximum number of records when using this API to query metrics.
How Can an IAM User Receive Alarm Notifications? Why Are Resource Names Not Displayed in Alarm Notifications? Why Are Unreached Cloud Services Displayed on the Cloud Eye Console? Parent topic: Product Usage
Supported Actions of the Alarm Rule Management APIs Permission API Action IAM Project Enterprise Project Query the alarm rule list. You can specify the paging parameters to limit the number of query results displayed on a page.
Table 3 Basic permissions Service Action API Description IAM iam:projects:listProjects /v3/projects Lists projects based on specified conditions. IAM Any global permission. /v3/auth/domains Obtains account information accessible to an IAM user.
Figure 2 Failing to obtain the AK/SK On the IAM console, in the left navigation pane, choose Agencies, and search for cesagency. Expand the cesagency details, check whether the current region is included in Project [Region].
Supported Actions of the Monitoring Data Management APIs Permission API Action IAM Project Enterprise Project Query the monitoring data at a specified granularity for a specified metric in a specified period of time. You can specify the dimension of data to be queried.
Authorization Information Each account has all the permissions required to call all APIs, but IAM users must be assigned the required permissions. If you are using role/policy-based authorization, see the required permissions in Permissions Policies and Supported Actions.
