检测到您已登录华为云国际站账号,为了您更好的体验,建议您访问国际站服务网站 https://www.huaweicloud.com/intl/zh-cn
不再显示此消息
检测到您已登录华为云国际站账号,为了您更好的体验,建议您访问国际站服务网站 https://www.huaweicloud.com/intl/zh-cn
不再显示此消息
If your Huawei Cloud account does not need individual IAM users, you can skip this section. By default, new IAM users do not have any permissions. You need to add a user to one or more groups, and attach permissions policies or roles to these groups.
Configuring Forcible Backup Policies Forcible backup policies allow IAM users to forcibly back up data to ensure user data accuracy and security and service security.
For a policy to be delivered to IAM, each time a maximum of 500 IAM users can be added as blocked objects by each account.
When you use the new domain name, the IAM API for authentication is called, and the Huawei Cloud account and password need to be carried in the request.
IAM is free. You pay only for the resources in your account. For details, see IAM Service Overview. Message & SMS Permissions By default, new IAM users do not have permissions.
If your Huawei Cloud account does not need individual IAM users, you can skip this section. By default, new IAM users do not have permissions assigned. You need to add a user to one or more groups, and assign permissions policies to these groups.
With IAM, you can use your account to create IAM users, and assign permissions to the users to control their access to specific Huawei Cloud resources.
Example 1: Creating an Ethereum Mainnet Node Call the IAM API to obtain a user token. Call the API for obtaining the network type to choose a proper network type ID (network_id). Create a node.
Introduction In addition to IAM and app authentication, APIG also supports custom authentication with your own system, which can better adapt to your business capabilities. This chapter guides you through the process of creating a FunctionGraph API that uses a custom authorizer.
On the Dashboard page, click Synchronize on the right of IAM User Sync to synchronize IAM users. On the Dashboard page, click Manage Agency on the right side of Select Agency to select the agency created in Creating an ECS Agency, and click OK to bind it to the cluster.
Click in the upper left corner of the page and choose Management & Governance > IAM Identity Center. In the navigation pane, choose Applications. Click the name of the application to which you want to remove access.
When configuring alarm rules, only Huawei Cloud accounts or IAM users with the Tenant Administrator permissions can select all resources. For details about how to assign the Tenant Administrator permissions to an IAM user, see Creating a User Group and Assigning Permissions.
For example, to obtain an IAM token in the CN-Hong Kong region, obtain the endpoint of IAM (iam.ap-southeast-1.myhuaweicloud.com) for this region and the resource-path (/v3/auth/tokens) in the URI of the API used to obtain a user token.
For more information about IAM, see IAM Service Overview. CCI Permissions By default, new IAM users do not have permissions assigned. You need to add a user to one or more groups, and attach permissions policies or roles to these groups.
The token obtained from IAM is valid for only 24 hours. If you want to use a token for authentication, you can cache it to avoid frequently calling the IAM API.
Login Authentication Policy Access Control MPC supports access control through IAM fine-grained authorization policies.
Related Services IAM Identity and Access Management (IAM) authenticates access to GES on Huawei Cloud. VPC GES uses Virtual Private Cloud (VPC) to provide clusters with network topologies to isolate clusters and control access.
For example, the endpoint of IAM in the AP-Singapore region is iam.ap-southeast-3.myhuaweicloud.com. resource-path The resource path, that is, the API access path, is obtained from the URI of a specific API.
On the displayed API Credentials page, obtain the IAM user ID. After the grant is created, the IAM user can use the specified keys. Account Account ID: To obtain the account ID, hover the cursor over the username in the upper right corner, and choose My Credentials.
For IAM endpoints, see Regions and Endpoints. Debugging You can debug this API in API Explorer.
