检测到您已登录华为云国际站账号,为了您更好的体验,建议您访问国际站服务网站 https://www.huaweicloud.com/intl/zh-cn
不再显示此消息
检测到您已登录华为云国际站账号,为了您更好的体验,建议您访问国际站服务网站 https://www.huaweicloud.com/intl/zh-cn
不再显示此消息
Table 2 Query Parameters Parameter Mandatory Type Description permission No String Specifies the permission account ID in iam:domain::domain_id format. domain_id indicates the account ID of the authorized user, for example, iam:domain::6e9dfd51d1124e8d8498dce894923a0d.
name "password": $ADMIN_PASS, //IAM user password.
Table 4 EpsAddPermissionRequest Parameter Mandatory Type Description permission Yes String The permission format is iam:domain::domain_id or organizations:orgPath::org_path. iam:domain:: and organizations:orgPath:: are fixed formats. domain_id indicates the ID of the account in which
code: 200 The server has successfully processed the request. { "permissions" : [ "iam:domain::5fc973eea581490997e82ea11a1d0101", "iam:domain::5fc973eea581490997e82ea11a1d0102" ] } SDK Sample Code The SDK sample code is as follows.
For security purposes, create Identity and Access Management (IAM) users and grant them permissions for routine management. User An IAM user is created by an account in IAM to use cloud services. Each IAM user has its own identity credentials (password and access keys).
IAM helps you secure access to your Huawei Cloud resources With IAM, you can use your HUAWEI ID to create IAM users and assign permissions to control their access to specific Huawei Cloud resources.
users and controlling their access to VPC Endpoint resources IAM Permissions Configured as a gateway VPC endpoint service by default.
Resource Quotas Table 1 Actions for managing resource quotas Permission API Action Dependent Action IAM Project Enterprise Project Querying quotas GET /v1/{project_id}/quotas vpcep:quotas:get - √ × Parent Topic: Permissions Policies and Supported Actions
For details about the relationship between IAM identities and operators and the operator username format, see Relationship Between IAM Identities and Operators.
Tags Table 1 Actions for managing tags Permission API Action Dependent Action IAM Project Enterprise Project Querying VPCEP resources by tag POST /v1/{project_id}/{resource_type}/resource_instances/action vpcep:resource:list - √ × Adding or deleting a resource tag POST /v1/{project_id
Constraints A VPC endpoint policy is defined in the JSON document of IAM policies. VPC endpoint policies must comply with the grammar and structure of IAM permission policies.
The token obtained from IAM is valid for only 24 hours. If you want to use one token for authentication, you can cache it to avoid frequently calling the IAM API.
Table 6 EpsPermission Parameter Type Description id String Specifies primary key IDs of whitelist records of a VPC endpoint service. permission String The permission format is iam:domain::domain_id or organizations:orgPath::org_path. iam:domain:: and organizations:orgPath:: are fixed
Table 6 EpsPermission Parameter Type Description id String Specifies primary key IDs of whitelist records of a VPC endpoint service. permission String The permission format is iam:domain::domain_id or organizations:orgPath::org_path. iam:domain:: and organizations:orgPath:: are fixed
VPC Endpoints Table 1 Actions for managing VPC endpoints Permission API Action Dependent Action IAM Project Enterprise Project Creating a VPC endpoint POST /{project_id}/vpc-endpoints vpcep:endpoints:create - √ × Querying VPC endpoints GET /{project_id}/vpc-endpoints vpcep:endpoints
Authorization Information Each account has all the permissions required to call all APIs, but IAM users must be assigned the required permissions.
{Endpoint} is the IAM endpoint and can be obtained from Regions and Endpoints. For details about API authentication, see Authentication. The following is an example response.
Authorization Information Each account has all the permissions required to call all APIs, but IAM users must be assigned the required permissions.
Authorization Information Each account has all the permissions required to call all APIs, but IAM users must be assigned the required permissions.
Authorization Information Each account has all the permissions required to call all APIs, but IAM users must be assigned the required permissions.
