检测到您已登录华为云国际站账号,为了您更好的体验,建议您访问国际站服务网站 https://www.huaweicloud.com/intl/zh-cn
不再显示此消息
检测到您已登录华为云国际站账号,为了您更好的体验,建议您访问国际站服务网站 https://www.huaweicloud.com/intl/zh-cn
不再显示此消息
VPN Connection Monitor Permission API Action Dependencies IAM Project Enterprise Project Creating a VPN connection monitor POST /v5/{project_id}/connection-monitors vpn:connectionMonitors:create - √ √ Querying the VPN connection monitor list GET /v5/{project_id}/connection-monitors
VPN Connection Monitor Permission API Action Dependencies IAM Project Enterprise Project Creating a VPN connection monitor POST /v5/{project_id}/connection-monitors vpn:connectionMonitors:create - √ √ Querying the VPN connection monitor list GET /v5/{project_id}/connection-monitors
Customer Gateway Permission API Action Dependencies IAM Project Enterprise Project Creating a customer gateway POST /v5/{project_id}/customer-gateways vpn:customerGateways:create - √ × Querying a specified customer gateway GET /v5/{project_id}/customer-gateways/{customer_gateway_id
Customer Gateway Permission API Action Dependencies IAM Project Enterprise Project Creating a customer gateway POST /v5/{project_id}/customer-gateways vpn:customerGateways:create - √ × Querying a specified customer gateway GET /v5/{project_id}/customer-gateways/{customer_gateway_id
The token obtained through IAM is valid for only 24 hours. When using a token for authentication, cache it to avoid frequent calling.
Access Policy Permission API Action Dependencies IAM Project Enterprise Project Creating a VPN access policy POST /v5/{project_id}/p2c-vpn-gateways/vpn-servers/{vpn_server_id}/access-policies vpn:p2cVpnGateway:createAccessPolicy - √ x Querying the VPN access policy list GET /v5/{project_id
Access Policy Permission API Action Dependencies IAM Project Enterprise Project Creating a VPN access policy POST /v5/{project_id}/p2c-vpn-gateways/vpn-servers/{vpn_server_id}/access-policies vpn:p2cVpnGateway:createAccessPolicy - √ x Querying the VPN access policy list GET /v5/{project_id
Change the authentication mode from IAM authentication to another one. Click on the right of IAM authentication. In the dialog box that is displayed, select a new authentication mode. Click OK. Change the authentication mode from Federated authentication to another one.
Value range: CERT: certificate authentication LOCAL_PASSWORD: password authentication (local) IAM: IAM authentication FEDERATED: federated authentication dns_servers Array of strings No Specifies the DNS server list. A maximum of two DNS servers are supported.
VPN Tag Permission API Action Dependencies IAM Project Enterprise Project Creating a resource tag POST /v5/{project_id}/{resource_type}/{resource_id}/tags/create vpn:resourceInstanceTags:create - √ √ Deleting tags of a resource POST /v5/{project_id}/{resource_type}/{resource_id}/tags
VPN Tag Permission API Action Dependencies IAM Project Enterprise Project Creating a resource tag POST /v5/{project_id}/{resource_type}/{resource_id}/tags/create vpn:resourceInstanceTags:create - √ √ Deleting tags of a resource POST /v5/{project_id}/{resource_type}/{resource_id}/tags
Select IAM authentication. When IAM authentication is used, you need to create a user group and assign the VPN SSOAccessPolicy permission to the users in the user group. Select Federated authentication.
Cloud Eye Identity and Access Management (IAM) Allows you to assign different permissions to different users. It enables fine grained control over your VPN resources.
later OpenSUSE macOS - Tunnelblick 3.8.8d OpenVPN Connect 3.4.4.4629 Configuring a macOS Client Android - OpenVPN Connect APK 3.3.2 or later Configuring an Android Client iOS - OpenVPN Connect 3.4.0 Configuring an iOS Client Only clients running 3.4.0 and later versions support IAM
The API for obtaining the project ID is GET https://{IAM endpoint}/v3/projects. For details about API authentication, see Authentication. The following is an example response.
VPN Gateway Permission API Action Dependencies IAM Project Enterprise Project Subscribing to a yearly/monthly P2C VPN gateway - vpn:p2cVpnGateway:subscribe vpn:system:listAvailabilityZones vpc:vpcs:list vpc:subnets:get vpc:bandwidths:list vpc:publicIps:create vpc:publicIps:delete
VPN Gateway Permission API Action Dependencies IAM Project Enterprise Project Subscribing to a yearly/monthly P2C VPN gateway - vpn:p2cVpnGateway:subscribe vpn:system:listAvailabilityZones vpc:vpcs:list vpc:subnets:get vpc:bandwidths:list vpc:publicIps:create vpc:publicIps:delete
Value range: CERT: certificate authentication LOCAL_PASSWORD: password authentication (local) IAM: IAM authentication FEDERATED: federated authentication tunnel_protocol String Specifies a tunnel protocol.
The token obtained through IAM is valid for only 24 hours. When using a token for authentication, cache it to avoid frequent calling.
Multiple authentication modes are supported, including certificate authentication, password authentication, Identity and Access Management (IAM) authentication, and federated authentication.
