检测到您已登录华为云国际站账号,为了您更好的体验,建议您访问国际站服务网站 https://www.huaweicloud.com/intl/zh-cn
不再显示此消息
检测到您已登录华为云国际站账号,为了您更好的体验,建议您访问国际站服务网站 https://www.huaweicloud.com/intl/zh-cn
不再显示此消息
IAM or enterprise projects: Type of projects for which an action will take effect. Policies that contain actions for both IAM and enterprise projects can be used and take effect for both IAM and Enterprise Management.
IAM or enterprise projects: Type of projects for which an action will take effect. Policies that contain actions supporting both IAM and enterprise projects can be assigned to user groups and take effect in both IAM and Enterprise Management.
If your account does not require individual IAM users for permissions management, you can skip this section. IAM is a free service. You only pay for the resources in your account. For more information about IAM, see IAM Service Overview.
The validity period of a token obtained from IAM is 24 hours. If you want to use a token for authentication, cache it to avoid frequent IAM API calling.
For IAM endpoints, see Regions and Endpoints. Debugging You can debug this API in API Explorer.
A quota is a limit on the quantity or capacity of a certain type of service resources that a user can use, for example, the maximum number of IAM users or user groups that you can create.
You can use bucket policies to control the access of IAM users or other account to your OBS buckets. You are advised to apply the least privilege principle to ensure that a bucket policy only grants necessary permissions for certain tasks.
You can use bucket policies to control the access of IAM users or other account to your OBS buckets. You are advised to apply the least privilege principle to ensure that a bucket policy only grants necessary permissions for certain tasks.
You can use bucket policies to control the access of IAM users or other account to your OBS buckets. You are advised to apply the least privilege principle to ensure that a bucket policy only grants necessary permissions for certain tasks.
IAM provides identity authentication, permissions management, and access control, enabling secure access to your cloud resources. With IAM, you can use your account to create IAM users, and grant them permissions to access only specific resources.
Reducing the Agency Permissions of ASM Users Background ASM permission management is implemented through IAM agencies. However, users authorized prior to July 2024 may have excessive agency permissions. For security purposes, you are advised to reduce the agency permissions.
IAM can be used free of charge. You pay only for the resources in your account. For more information about IAM, see IAM Service Overview. GES Permissions By default, new IAM users do not have permissions assigned.
If your Huawei Cloud account does not require individual IAM users for permissions management, skip this section. IAM can be used free of charge. You pay only for the resources in your account. For more information about IAM, see What Is IAM?
Figure 3 Importing IAM users In the Import IAM User dialog box, enter the ID and username of the IAM user to be added and click OK. The system will add the IAM user to GES so that the IAM user can be selected in the user group.
Symptom In the Kerberos cluster, the IAM sub-account does not have sufficient permissions to load HBase tables. Cause Analysis The IAM sub-account does not have sufficient permissions. Procedure MRS Manager: Log in to MRS Manager. Choose System > Manage User.
Only the sub-users (IAM users) of the account can register and use the SWR images if the image type is Private. Other users can register and use SWR images only when the image type is Public.
For details about how to obtain the account ID, see Obtaining Account, IAM User, Group, Project, Region, and Agency Information.
If you log in to Huawei Cloud as an IAM user, first contact your CTS administrator (account owner or a user in the admin user group) to obtain the CTS FullAccess permissions. For details, see Assigning Permissions to an IAM User.
Basic Concepts Permission New IAM users do not have any permissions assigned by default. You need to first add them to one or more groups and then attach policies or roles to these groups.
In the left navigation pane on the IAM console, choose Permissions > Policies/Roles. Locate the custom policy you want to modify and click Modify in the Operation column, or click the custom policy name to go to the policy details page.
