检测到您已登录华为云国际站账号,为了您更好的体验,建议您访问国际站服务网站 https://www.huaweicloud.com/intl/zh-cn
不再显示此消息
检测到您已登录华为云国际站账号,为了您更好的体验,建议您访问国际站服务网站 https://www.huaweicloud.com/intl/zh-cn
不再显示此消息
Authorization Scope: A custom policy can be applied to IAM projects or enterprise projects or both. Policies that contain actions supporting both IAM and enterprise projects can be assigned to user groups and take effect in both IAM and Enterprise Management.
The validity period of a token obtained from IAM is 24 hours. If you want to use a token for authentication, cache it to avoid frequently calling the IAM API. Procedure Obtain the token by referring to Authentication. Query the list of metrics that can be monitored.
For details, see Creating an IAM User and Assigning DataArts Studio Permissions. Preparations Enable notebooks. If notebooks are disabled, enable them by referring to Managing Notebooks. Create an OBS bucket. Create a VPC, a subnet, and a security group.
Data Protection Technologies For data protections, you are advised to protect Huawei Cloud account credentials and use IAM to set up individual user accounts. In this way, each user is given only the permissions necessary to fulfill their job duties.
Appendixes Status Codes Error Codes Obtaining Information About Account, IAM User, Group, Project, Region, and Agency Configuring SDK Client Authentication
If you are using an IAM user account, please confirm whether you are in the admin group. If you are not in the admin group, you will need to (Optional) Creating the rf_admin_trust Agency to your IAM account and complete the following preparation steps.
Related Services IAM GaussDB(DWS) uses Identity and Access Management (IAM) for authentication and authorization. Users who have the DWS Administrator permissions can fully utilize GaussDB(DWS).
Enter the account ID and IAM user ID in the format of Account ID/IAM user ID. To specify multiple IAM users, enter each one on a separate line. An asterisk (*) indicates all accounts or IAM users. NOTE: The account ID and IAM user ID can be obtained on the My Credentials page.
API to obtain the IAM token.
Importing Users from an Agency When your enterprise needs to manage and access resources in multiple accounts, you can create users using IAM Identity Center, and add these users as CodeArts project members.
Minimum length: 24 Maximum length: 24 group_id Yes String Globally unique ID of an IAM Identity Center group in the identity source.
Visit My Credential at https://console-intl.huaweicloud.com/iam/#/myCredential. Parent topic: Appendix
In addition, the IAM service is provided, achieving access control over DDS resources. Parent topic: Network Security
API for obtaining tokens from IAM CSBS API for creating backups Procedure Obtain the token by following instructions in Making an API Request. Obtain the token by following instructions in Obtaining a Project ID.
API for obtaining tokens from IAM CSBS API for creating backups Procedure Obtain the token by following instructions in Making an API Request. Obtain the token by following instructions in Obtaining a Project ID.
Configuration Example Prerequisites You have obtained the endpoint address of the region where IAM and ROMA Connect are deployed. You have obtained the ROMA Connect instance ID as well as the project ID of the region where the instance is located.
Restrictions To delete bucket tags, you must be the bucket owner or have the required permission (obs:bucket:DeleteBucketTagging in IAM or DeleteBucketTagging in a bucket policy).
Then, the IAM users created for the enterprise personnel can be added to different user groups based on their job responsibilities. For the definitions of an account and IAM user, see Basic Concepts.
Developing a Custom Authorizer with FunctionGraph Scenario In addition to IAM and app authentication, APIG also supports custom authentication with your own authentication system, which can better adapt to your business capabilities.
After creating IAM user groups for employees, you can create enterprise projects on the Enterprise Management console and grant permissions to the user groups in the enterprise projects to implement personnel authorization and permission control.
