检测到您已登录华为云国际站账号,为了您更好的体验,建议您访问国际站服务网站 https://www.huaweicloud.com/intl/zh-cn
不再显示此消息
检测到您已登录华为云国际站账号,为了您更好的体验,建议您访问国际站服务网站 https://www.huaweicloud.com/intl/zh-cn
不再显示此消息
If the migration type is set to DLF, the mapping and migration policies are as follows: RAM user: IAM user (If the corresponding IAM user does not exist, the permission policy will not be migrated.)
Preparations Configuring LakeFormation Cloud Service Authorization Creating an IAM User and Granting the LakeFormation Permissions to Users Creating a LakeFormation Custom Policy
IAM: cloud user SAML: SAML-based federation.
IAM Obtain the project ID by referring to Obtaining the Account ID. token.server.access.label.agency.name visit_obs_agency Name of an IAM agency.
The options are IAM (cloud user), SAML (SAML-based federation), LDAP (lD user), LOCAL (local user), AGENTTENANT (agency), and OTHER (others). The response body of phase 1 does not contain this parameter.
What Should I Do If a Table Cannot Be Created After I Switch to an IAM Identity Center User? How Do I Minimize the Permissions of a LakeFormation Agency?
The options are IAM (cloud user), SAML (SAML-based federation), LDAP (lD user), LOCAL (local user), AGENTTENANT (agency), and OTHER (others). The response body of phase 1 does not contain this parameter.
The options are IAM (cloud user), SAML (SAML-based federation), LDAP (permission policy), LOCAL (local user), AGENTTENANT (agency), and OTHER (others). Enumeration values: IAM SAML LDAP LOCAL AGENTTENANT OTHER group_id String User group ID.
--SecurityToken for accessing LakeFormation IAM authentication information. This parameter is optional.
The API for obtaining a project ID is GET https://{Endpoint}/v3/projects, where {Endpoint} indicates the IAM endpoint. You can obtain the IAM endpoint from Regions and Endpoints. For details about API authentication, see Authentication. The following is an example response.
The value can be IAM (cloud), SAML (federated), LDAP (ld user), LOCAL (local), AGENTTENANT (agency), or OTHER (other). Enumeration values: IAM SAML LDAP LOCAL AGENTTENANT OTHER class_name No String Function class name. The value can contain 1 to 4,000 characters.
The value can be IAM (cloud), SAML (federated), LDAP (ld user), LOCAL (local), AGENTTENANT (agency), or OTHER (other). Enumeration values: IAM SAML LDAP LOCAL AGENTTENANT OTHER class_name No String Function class name. The value can contain 1 to 4,000 characters.
In the role list, locate the row that contains the role you created and click Add IAM User in its Operation column.
IAM_USER: IAM user IAM_GROUP: IAM group ROLE: role Enumeration values: IAM_USER IAM_GROUP ROLE role_prefix String Prefix of the object name after role conversion. role_suffix String Suffix of the object name after role conversion.
Can grant permissions on all tables it create to entities in the same IAM account. Can view the database where the table created by it is in. Parent topic: Permission Management
Resources cannot be transferred across IAM projects. Parent topic: Product Consulting
IAM_USER: IAM user IAM_GROUP: IAM group ROLE: role Enumeration values: IAM_USER IAM_GROUP ROLE role_prefix String Prefix of the object name after role conversion. role_suffix String Suffix of the object name after role conversion.
IAM: cloud user SAML: SAML-based federation.
IAM: cloud user SAML: SAML-based federation.
IAM: cloud user SAML: SAML-based federation LDAP: ID user LOCAL: local user AGENTTENANT: agency OTHER: others Enumeration values: IAM SAML LDAP LOCAL AGENTTENANT OTHER principal_name Yes String Entity name. The value can contain 1 to 49 characters.
