检测到您已登录华为云国际站账号,为了您更好的体验,建议您访问国际站服务网站 https://www.huaweicloud.com/intl/zh-cn
不再显示此消息
检测到您已登录华为云国际站账号,为了您更好的体验,建议您访问国际站服务网站 https://www.huaweicloud.com/intl/zh-cn
不再显示此消息
IAM administrators can use preset IAM authorization policies or guardrail policies to enforce attestation-based conditional access control on KMS APIs. In addition, QingTian Enclave is a developer-friendly platform in terms of usability and application compatibility.
The ECS recycle bin is enabled by IAM project. If multi-project management is used, you need to enable recycle bin for each project. Prerequisites To enable ECS recycle bin, you need to enable EVS recycle bin first. For details, see Enabling the Recycle Bin.
Batch Operations Permission API Action Dependencies IAM Project Enterprise Project Authorization by Instance Authorization by Tag Stopping ECSs in a batch POST /v1/{project_id}/cloudservers/action ecs:cloudServers:stop - Supported Supported Supported Supported Restarting ECSs in a
If you have created an agency in IAM, you can select the agency from the drop-down list and obtain specified operation permissions. For instructions about how to create an agency, see Identity and Access Management User Guide.
SSH Key Management Permission API Action Dependencies IAM Project Enterprise Project Authorization by Instance Authorization by Tag Creating and importing an SSH key pair (native OpenStack API) (discarded) POST /v2.1/{project_id}/os-keypairs ecs:serverKeypairs:create - Supported Not
Authorization Each account has all of the permissions required to call all APIs, but IAM users must have the required permissions specifically assigned. If you are using role/policy-based authorization, see the required permissions in Permissions and Supported Actions.
Operation protection takes effect for your account and IAM users created using your account. For details, see Protection for Mission-Critical Operations.
An account key pair can be used by multiple IAM users in the account. A private key pair can only be used by the IAM user. You can create key pairs as needed. On the Key Pair Service page, click Import Key Pair.
Figure 2 Changing VPCs In the displayed box, from the IAM Agency drop-down list, select an agency that has granted ECS access and related permissions to COC. If no agency is available, create one by clicking Create Agency.
IAM Identity and Access Management (IAM) provides permissions management to securely manage access to your Huawei Cloud services and resources. Parent Topic: QingTian Enclave Overview
In addition, several PCRs included in attestation documents can be used to create condition keys of IAM access control policies for stronger access control. For details, see PCR.
Authorization Each account has all of the permissions required to call all APIs, but IAM users must have the required permissions specifically assigned. If you are using role/policy-based authorization, see the required permissions in Permissions and Supported Actions.
Authorization Each account has all of the permissions required to call all APIs, but IAM users must have the required permissions specifically assigned. If you are using role/policy-based authorization, see the required permissions in Permissions and Supported Actions.
Floating IP Address Management Permission API Action Dependencies IAM Project Enterprise Project Authorization by Instance Authorization by Tag Allocating a floating IP address (native OpenStack API) POST /v2.1/{project_id}/os-floating-ips ecs:serverFloatingIps:use vpc:floatingIps
Authorization Each account has all of the permissions required to call all APIs, but IAM users must have the required permissions specifically assigned. If you are using role/policy-based authorization, see the required permissions in Permissions and Supported Actions.
Authorization Each account has all of the permissions required to call all APIs, but IAM users must have the required permissions specifically assigned. If you are using role/policy-based authorization, see the required permissions in Permissions and Supported Actions.
Password Management Permission API Action Dependencies IAM Project Enterprise Project Authorization by Instance Authorization by Tag Resetting the password for logging in to an ECS with a few clicks for enterprise projects PUT /v1/{project_id}/cloudservers/{server_id}/os-reset-password
Authorization Each account has all of the permissions required to call all APIs, but IAM users must have the required permissions specifically assigned. If you are using role/policy-based authorization, see the required permissions in Permissions and Supported Actions.
Authorization Each account has all of the permissions required to call all APIs, but IAM users must have the required permissions specifically assigned. If you are using role/policy-based authorization, see the required permissions in Permissions and Supported Actions.
Authorization Each account has all of the permissions required to call all APIs, but IAM users must have the required permissions specifically assigned. If you are using role/policy-based authorization, see the required permissions in Permissions and Supported Actions.
