检测到您已登录华为云国际站账号,为了您更好的体验,建议您访问国际站服务网站 https://www.huaweicloud.com/intl/zh-cn
不再显示此消息
检测到您已登录华为云国际站账号,为了您更好的体验,建议您访问国际站服务网站 https://www.huaweicloud.com/intl/zh-cn
不再显示此消息
Authorization Information Each account has all the permissions required to call all APIs, but IAM users must be assigned the required permissions.
Policies that contain actions for both IAM and enterprise projects can be used and applied for both IAM and Enterprise Management. Policies that contain actions only for IAM projects can be used and applied to IAM only.
The following shows part of the response body for the API used to create an IAM user. { "user": { "id": "c131886aec...
Table 2 Query Parameters Parameter Mandatory Type Description permission No String Specifies the permission account ID in iam:domain::domain_id format. domain_id indicates the account ID of the authorized user, for example, iam:domain::6e9dfd51d1124e8d8498dce894923a0d.
Table 4 EpsAddPermissionRequest Parameter Mandatory Type Description permission Yes String The permission format is iam:domain::domain_id or organizations:orgPath::org_path. iam:domain:: and organizations:orgPath:: are fixed formats. domain_id indicates the ID of the account in which
code: 200 The server has successfully processed the request. { "permissions" : [ "iam:domain::5fc973eea581490997e82ea11a1d0101", "iam:domain::5fc973eea581490997e82ea11a1d0102" ] } SDK Sample Code The SDK sample code is as follows.
IAM helps you secure access to your Huawei Cloud resources With IAM, you can use your HUAWEI ID to create IAM users and assign permissions to control their access to specific Huawei Cloud resources.
For security purposes, create Identity and Access Management (IAM) users and grant them permissions for routine management. User An IAM user is created by an account in IAM to use cloud services. Each IAM user has its own identity credentials (password and access keys).
users and controlling their access to VPC Endpoint resources IAM Permissions Configured as a gateway VPC endpoint service by default.
For details about the relationship between IAM identities and operators and the operator username format, see Relationship Between IAM Identities and Operators.
name "password": $ADMIN_PASS, // IAM user password.
Constraints A VPC endpoint policy is defined in the JSON document of IAM policies. VPC endpoint policies must comply with the grammar and structure of IAM permission policies.
The token obtained from IAM is valid for only 24 hours. If you want to use one token for authentication, you can cache it to avoid frequently calling the IAM API.
Table 6 EpsPermission Parameter Type Description id String Specifies primary key IDs of whitelist records of a VPC endpoint service. permission String The permission format is iam:domain::domain_id or organizations:orgPath::org_path. iam:domain:: and organizations:orgPath:: are fixed
Table 6 EpsPermission Parameter Type Description id String Specifies primary key IDs of whitelist records of a VPC endpoint service. permission String The permission format is iam:domain::domain_id or organizations:orgPath::org_path. iam:domain:: and organizations:orgPath:: are fixed
Authorization Information Each account has all the permissions required to call all APIs, but IAM users must be assigned the required permissions.
{Endpoint} is the IAM endpoint and can be obtained from Regions and Endpoints. For details about API authentication, see Authentication. The following is an example response.
Authorization Information Each account has all the permissions required to call all APIs, but IAM users must be assigned the required permissions.
Authorization Information Each account has all the permissions required to call all APIs, but IAM users must be assigned the required permissions.
Authorization Information Each account has all the permissions required to call all APIs, but IAM users must be assigned the required permissions.
