检测到您已登录华为云国际站账号,为了您更好的体验,建议您访问国际站服务网站 https://www.huaweicloud.com/intl/zh-cn
不再显示此消息
Cloud Services that Support Resource-Level Authorization Using IAM If you want to grant permissions to an IAM user for specific resources, create a custom policy that contains permissions for the resources, and attach the policy to the user.
On the Huawei Cloud login page, click IAM User. On the IAM User Login page, enter the company's account name, IAM username, and password.
IAM User IAM users use Huawei Cloud resources as specified by the permissions granted by their account. Creation: IAM users are created by an account in IAM. For details, see Creating an IAM User. Huawei Cloud login: Log in to Huawei Cloud by clicking IAM User.
Token of an IAM User IAM 07:32 IAM
Error Codes None Parent topic: IAM User Management
*", "iam:credentials:*", "iam:groups:*", "iam:identityProviders:*", "iam:mfa:*", "iam:permissions:*", "iam:projects:*", "iam:quotas:*", "iam:roles:*",
Figure 1 Relationship between an account and its IAM users Identifying IAM Users When you create an IAM user, IAM provides the following methods to identify that user: An IAM username, which is specified when you create the IAM user.
Creating an IAM User and Configuring an External Identity ID Changing the External Identity ID of an Existing IAM User Creating an IAM User and Configuring an External Identity ID Log in to the IAM console as an administrator.
Table 1 lists IAM endpoints. IAM is a global service with all data stored in the Global service project. All APIs of IAM can be called using the endpoint of a global service.
Table 1 lists IAM endpoints. IAM is a global service with all data stored in the Global service project. All APIs of IAM can be called using the endpoint of a global service.
IAM implements security design for each identity credential to protect user data and enable users to access IAM more securely. For details, see Table 1.
All regions Creating an IAM User Assigning Permissions to an IAM User Logging In as an IAM User OBS 2.0 Supported User Group Management User groups are used to assign permissions to IAM users. By default, new IAM users do not have any permissions assigned.
Verifying a Token Function This API can be used by the administrator to verify the token of an IAM user or used by an IAM user to verify their own token. The administrator can only verify the token of an IAM user created using the account.
Creating a Permanent Access Key Function This API can be used by the administrator to create a permanent access key for an IAM user or used by an IAM user to create a permanent access key.
For IAM endpoints, see Regions and Endpoints. Debugging You can debug this API in API Explorer. URI GET /v3/users/{user_id}/projects Table 1 URI parameters Parameter Mandatory Type Description user_id Yes String IAM user ID.
Symptom Permissions that you grant to an IAM user on the IAM console have not been applied. Troubleshooting Cause: Incorrect permissions were granted to the user group to which the user belongs.
Deleting a Permanent Access Key Function This API can be used by the administrator to delete the specified permanent access key of an IAM user or used by an IAM user to delete one of their own permanent access keys.
Functions IAM provides a variety of functions for you to secure access to your resources. Refined Permissions Management You can grant IAM users permissions to manage different resources in your account.
Modifying a Permanent Access Key Function This API can be used by the administrator to modify the specified permanent access key of an IAM user or used by an IAM user to modify one of their own permanent access keys.
Querying a Permanent Access Key Function This API can be used by the administrator to query the specified permanent access key of an IAM user or used by an IAM user to query one of their own permanent access keys.