检测到您已登录华为云国际站账号,为了您更好的体验,建议您访问国际站服务网站 https://www.huaweicloud.com/intl/zh-cn
不再显示此消息
检测到您已登录华为云国际站账号,为了您更好的体验,建议您访问国际站服务网站 https://www.huaweicloud.com/intl/zh-cn
不再显示此消息
Authorization Information Each account has all the permissions required to call all APIs, but IAM users must be assigned the required permissions.
Authorization Information Each account has all the permissions required to call all APIs, but IAM users must be assigned the required permissions.
How It Works You can configure an agency for elastic cloud server (ECS) on Identity and Access Management (IAM) to obtain the temporary access key (AK), thereby protecting the AK and secret key (SK).
Authorization Information Each account has all the permissions required to call all APIs, but IAM users must be assigned the required permissions.
It can be obtained by calling the IAM API used to obtain a user token. The value of X-Subject-Token in the response header is a token.
Can be obtained by calling the IAM API for obtaining the user token (the value of X-Subject-Token in the response header).
Centralized Secret Management IAM identity and permission management ensure only authorized users can retrieve and modify secrets. CTS monitors access to secrets. These services prevent unauthorized access to and breach of sensitive information.
Key Pair Management Permission API Action Dependent Permission IAM Project Enterprise Project Creating and importing an SSH key pair (native OpenStack API) POST /v2.1/{project_id}/os-keypairs ecs:serverKeypairs:create - √ x Querying an SSH key pair (native OpenStack API) GET /v2.1
It can be obtained by calling the IAM API. The value of X-Subject-Token in the response header is the user token.
Authorization Information Each account has all the permissions required to call all APIs, but IAM users must be assigned the required permissions.
It can be obtained by calling the IAM API used to obtain a user token. The value of X-Subject-Token in the response header is a token.
Can be obtained by calling the IAM API for obtaining the user token (the value of X-Subject-Token in the response header).
In this case, an IAM user can only delete keys after the operation is verified by the operator or a specified personnel, reducing risks and losses caused by misoperations.
Can be obtained by calling the IAM API for obtaining the user token (the value of X-Subject-Token in the response header).
It can be obtained by calling the IAM API used to obtain a user token. The value of X-Subject-Token in the response header is a token.
Authorization Information Each account has all the permissions required to call all APIs, but IAM users must be assigned the required permissions.
It can be obtained by calling the IAM API used to obtain a user token. The value of X-Subject-Token in the response header is a token.
Authorization Information Each account has all the permissions required to call all APIs, but IAM users must be assigned the required permissions.
IAM IAM provides permission management. Only users who have KMS Administrator permissions can use DEW. Only users who have the KMS Administrator and Server Administrator permissions can use the key pair function.
NOTE: Use this ID as the value of Path if you are creating a custom policy in IAM and have selected Specify resource path for KeyId. Status Status of a CMK, which can be one of the following: Enabled The CMK is enabled. Disabled The CMK is disabled.
