检测到您已登录华为云国际站账号,为了您更好的体验,建议您访问国际站服务网站 https://www.huaweicloud.com/intl/zh-cn
不再显示此消息
检测到您已登录华为云国际站账号,为了您更好的体验,建议您访问国际站服务网站 https://www.huaweicloud.com/intl/zh-cn
不再显示此消息
IAM Obtain the project ID by referring to Obtaining the Account ID. token.server.access.label.agency.name visit_obs_agency Name of an IAM agency.
Permission Management LakeFormation Permission Overview IAM Permissions LakeFormation Permissions
Preparations Configuring LakeFormation Cloud Service Authorization Creating an IAM User and Granting the LakeFormation Permissions to Users Creating a LakeFormation Custom Policy
What Should I Do If a Table Cannot Be Created After I Switch to an IAM Identity Center User? How Do I Minimize the Permissions of a LakeFormation Agency?
In the navigation pane of the IAM console, choose Agencies. On the displayed page, search for lakeformation_admin_trust and click Authorize in the Operation column.
In the navigation pane of the IAM console, choose Agencies. On the displayed page, search for lakeformation_job_trust and click Authorize in the Operation column.
--SecurityToken for accessing LakeFormation IAM authentication information. This parameter is optional.
The API for obtaining a project ID is GET https://{Endpoint}/v3/projects, where {Endpoint} indicates the IAM endpoint. You can obtain the IAM endpoint from Regions and Endpoints. For details about API authentication, see Authentication. The following is an example response.
IAM: cloud user SAML: SAML-based federation LDAP: ID user LOCAL: local user AGENTTENANT: agency OTHER: others principal_name String Entity name. The value can contain 1 to 49 characters. Only letters, digits, underscores (_), hyphens (-), and periods (.) are allowed.
In the role list, locate the row that contains the role you created and click Add IAM User in its Operation column.
Can grant permissions on all tables it creates to entities in the same IAM account. Can view the database where the table created by it is located. Parent topic: Permission Management
Resources cannot be transferred across IAM projects. Parent topic: Product Consulting
The value configured here is for reference only. spark.hadoop.lakeformation.instance.id=LakeFormation Instance ID #AK information for LakeFormation IAM authentication. This parameter is optional.
The options are IAM (cloud user), SAML (SAML-based federation), LDAP (lD user), LOCAL (local user), AGENTTENANT (agency), and OTHER (others). The LakeFormation service is divided into phase 1 and phase 2.
IAM_USER: IAM user IAM_GROUP: IAM group ROLE: role role_prefix String Prefix of the object name after role conversion. role_suffix String Suffix of the object name after role conversion.
IAM_USER: IAM user IAM_GROUP: IAM group ROLE: role role_prefix String Prefix of the object name after role conversion. role_suffix String Suffix of the object name after role conversion.
The options are IAM (cloud user), SAML (SAML-based federation), LDAP (lD user), LOCAL (local user), AGENTTENANT (agency), and OTHER (others). The LakeFormation service is divided into phase 1 and phase 2.
The values include IAM, SAML, LDAP, LOCAL, AGENTTENANT, or OTHER. The default value is IAM. Request Parameters Table 3 Request header parameters Parameter Mandatory Type Description X-Auth-Token Yes Array of strings Tenant token.
IAM_USER: IAM user IAM_GROUP: IAM group ROLE: role role_prefix String Prefix of the object name after role conversion. role_suffix String Suffix of the object name after role conversion.
The value can be IAM (cloud), SAML (federated), LDAP (ld user), LOCAL (local), AGENTTENANT (agency), or OTHER (other). class_name No String Function class name. The value can contain 1 to 4,000 characters.
