检测到您已登录华为云国际站账号,为了您更好的体验,建议您访问国际站服务网站 https://www.huaweicloud.com/intl/zh-cn
不再显示此消息
检测到您已登录华为云国际站账号,为了您更好的体验,建议您访问国际站服务网站 https://www.huaweicloud.com/intl/zh-cn
不再显示此消息
Only the following users can use IAM: Account administrator (with full permissions for all services, including IAM) IAM users added to the admin group (with full permissions for all services, including IAM) IAM users assigned the Security Administrator role or an xxx FullAccess policy
Applicable Scenario This rule allows you to ensure that only intended permissions are assigned to an IAM user, a user group, or an IAM agency. For more details, see Grant Least Privilege.
Introduction You can use IAM to implement fine-grained permissions management for your Huawei HiLens resources. If your HUAWEI CLOUD account does not need individual IAM users, then you may skip this chapter. By default, new IAM users do not have permissions assigned.
Policies that contain actions only for IAM projects can be used and applied to IAM only. For details about the differences between IAM and enterprise management, see Differences Between IAM and Enterprise Management.
Create a user group on the IAM console, and assign the FunctionGraph Invoker role to the group. Create an IAM user and add it to the user group. Create a user on the IAM console and add the user to the group created in 1.
IAM or enterprise projects on which actions take effect. Policies that contain actions supporting both IAM and enterprise projects can be used and take effect in both IAM and Enterprise Management.
You can use IAM to control access to your TMS resources. IAM permissions define which actions on your cloud resources are allowed or denied.
You can use IAM to control access to your EPS resources. IAM permissions define which actions on your cloud resources are allowed or denied.
Policies that contain actions for both IAM and enterprise projects can be used and take effect for both IAM and Enterprise Management. Policies that contain actions only for IAM projects can be used and applied to IAM only.
Policies that contain actions for both IAM and enterprise projects can be used and applied for both IAM and Enterprise Management. Policies that contain actions only for IAM projects can be used and applied to IAM only.
To access OBS using access keys as an IAM user, the programmatic access must be enabled by the account. For details, see Viewing or Modifying IAM User Information. To access OBS in the EU-Dublin region, contact the administrator to obtain an access key pair.
Policies that contain actions for both IAM and enterprise projects can be used and applied for both IAM and Enterprise Management. Policies that contain actions only for IAM projects can be used and applied to IAM only.
You can use your account to create IAM users, and assign permissions to the IAM users to control their access to specific resources. IAM permissions define which actions on your cloud resources are allowed or denied.
To query enterprise projects associated with an IAM user, see Querying the Enterprise Projects Associated with an IAM User.
When installing ICAgent, you can create an IAM agency, and ICAgent will automatically obtain an AK/SK pair and generate the ICAgent installation command. Creating an Agency Log in to the IAM console. In the navigation pane, choose Agencies.
If your Huawei Cloud account does not require individual IAM users for permissions management, skip this section. IAM can be used free of charge. You pay only for the resources in your account. For more information about IAM, see IAM Service Overview.
With IAM, you can: Create IAM users for employees based on your enterprise's organizational structure. Each IAM user will have their own security credentials for accessing MetaStudio resources. Assign only the permissions required for users to perform a specific task.
Creating a User and Granting Permissions You can use IAM to implement refined permission control for DBSS resources. To be specific, you can: Create IAM users for employees based on the organizational structure of your enterprise.
If your HUAWEI ID does not require individual IAM users for permissions management, skip this section. IAM is free of charge. You pay only for the resources you use. For more information, see IAM Service Overview.
Identity and Access Management You can use Identity and Access Management (IAM) to control access to your Global Accelerator resources. IAM permissions define which actions on your cloud resources are allowed or denied to control access to your resources.
