检测到您已登录华为云国际站账号,为了您更好的体验,建议您访问国际站服务网站 https://www.huaweicloud.com/intl/zh-cn
不再显示此消息
检测到您已登录华为云国际站账号,为了您更好的体验,建议您访问国际站服务网站 https://www.huaweicloud.com/intl/zh-cn
不再显示此消息
Related Services IAM Identity and Access Management (IAM) lets you control user authentication and access to OCR. Cloud Eye Cloud Eye monitors the metrics of OCR listed in Table 1. You use these metrics to monitor OCR usage.
With IAM, you can create IAM users, and assign permissions to the users to control their access to specific resources.
It can be obtained by calling an IAM API. The value of X-Subject-Token in the response header is the user token.
APIG.0301 Error There are two possibilities to check: If error message "Incorrect IAM authentication information: decrypt token fail" and error code APIG.0301 are displayed, the token fails to decrypt.
If an IAM user does not add the administrator as a member when creating a project, the project will be invisible to the administrator after they log in to the homepage.
Enter the account ID and IAM user ID in the format of Account ID/IAM user ID. To specify multiple IAM users, enter each one on a separate line. An asterisk (*) indicates all accounts or IAM users. NOTE: The account ID and IAM user ID can be obtained on the My Credentials page.
Modifying Basic Configurations of a Cluster Snapshot Function This API is used to modify the basic configurations for a cluster snapshot, including OBS buckets and IAM agency. You can also use this API to enable the snapshot function.
On the displayed page, specify the expiration time, select Synchronize IAM account for Adding Method, then select the IAM account created in 4 for Users to Select, and click OK.
API for obtaining tokens from IAM VBS API for creating backups Procedure Obtain the token by following instructions in Calling APIs. Send POST https://VBS endpoint/v2/project ID/cloudbackups. Add the X-Auth-Token request header.
agencies:listAgencies iam:permissions:listRolesForAgency iam:permissions:listRolesForAgencyOnProject iam:roles:listRoles iam:agencies:createAgency iam:agencies:updateAgency iam:permissions:grantRoleToAgencyOnProject DELETE /v2/agency lakeformation::dropAgency iam:agencies:deleteAgency
If your HUAWEI ID does not require individual IAM users for permissions management, you can skip this section. IAM is a free service. You only pay for the resources in your account. For more information about IAM, see IAM Service Overview.
URI GET /v1/instances/{instance_id}/account-assignments Table 1 Path parameters Parameter Mandatory Type Description instance_id Yes String Globally unique ID of an IAM Identity Center instance Table 2 Query parameters Parameter Mandatory Type Description limit No Integer Maximum
The token obtained from IAM is valid for only 24 hours. If you want to use one token for authentication, you can cache it to avoid frequently calling the IAM API.
Be an IAM user that has been assigned a global authorization policy. Parent topic: FAQs
If you log in to the management console as an IAM user, you may not have the permissions required to view or manage the resources. In this case, the account owner will need to grant the required permissions.
If your Huawei Cloud account does not need individual IAM users for permissions management, you can skip this section. For more information about IAM, see IAM Service Overview. OMS Permissions By default, new IAM users do not have any permissions.
Create an IAM user (for example, UserB) on the IAM console and add the user to GroupC by referring to Adding Users to a User Group. Ensure that the IAM user can use LTS through programmatic access or on the console.
Create an IAM user (for example, UserB) on the IAM console and add the user to GroupC by referring to Adding Users to a User Group. Ensure that the IAM user can use LTS through programmatic access or on the console.
Related Services IAM DataArts Studio uses Identity and Access Management (IAM) for authentication and authorization.
In this example, you need to grant IAM the permission to query the agency list based on specified conditions. As IAM is a global service, select Global services for Scope. Select Visual editor for Policy View. Configure a policy in Policy Content. Select Allow.
