检测到您已登录华为云国际站账号,为了您更好的体验,建议您访问国际站服务网站 https://www.huaweicloud.com/intl/zh-cn
不再显示此消息
检测到您已登录华为云国际站账号,为了您更好的体验,建议您访问国际站服务网站 https://www.huaweicloud.com/intl/zh-cn
不再显示此消息
Preparing a Huawei Account Before using MgC, prepare a HUAWEI ID or an IAM user that can access MgC and obtain an AK/SK pair for the account or IAM user. For details, see Making Preparations.
Click in the upper left corner of the page and choose Management & Governance > IAM Identity Center. In the navigation pane, choose Multi-Account Permissions > Accounts. By default, accounts are displayed in an organizational hierarchy structure.
Click in the upper left corner of the page and choose Management & Governance > IAM Identity Center. In the navigation pane, choose Applications. Click the name of the application to which you want to assign users and groups.
Constraints CCI resources cannot be operated using ccictl in IAM 5.0 (Landing Zone).
With IAM, you can: With IAM, you can: Create IAM users for employees based on the organizational structure of your enterprise. Each IAM user has their own security credentials, providing access to GaussDB(DWS) resources.
Obtaining Authentication Information Obtaining AK/SK Access Key ID/Secret Access Key (AK/SK) is created on Identity and Access Management (IAM) to authenticate calls to application programming interfaces (APIs) on the public cloud.
Obtaining Authentication Information Obtaining AK/SK Access Key ID/Secret Access Key (AK/SK) is created on Identity and Access Management (IAM) to authenticate calls to application programming interfaces (APIs) on the public cloud.
It is possible that: "error_msg":"Incorrect IAM authentication information: decrypt token fail","error_code":"APIG.0301"indicates that the token fails to be decrypted.
It is possible that: "error_msg":"Incorrect IAM authentication information: decrypt token fail","error_code":"APIG.0301"indicates that the token fails to be decrypted.
Procedure Create a user on the IAM console and add the user to a user group with LakeFormation operation permissions. For details, see Creating an IAM User. The username can contain only letters, digits, and underscores (_). Parent topic: Metadata Management
Click in the upper left corner of the page and choose Management & Governance > IAM Identity Center. In the navigation pane, choose Multi-Account Permissions > Accounts. By default, accounts are displayed in an organizational hierarchy structure.
Restrictions To rename an object, you must be the PFS owner or have the required permission (obs:bucket:PutObject in IAM or PutObject in a policy). For details, see Introduction to OBS Access Control, IAM Custom Policies, and Configuring an Object Policy.
URI DELETE /v1/instances/{instance_id}/permission-sets/{permission_set_id}/custom-policy Table 1 Path parameters Parameter Mandatory Type Description instance_id Yes String Globally unique ID of an IAM Identity Center instance. permission_set_id Yes String Globally unique ID of a
URI GET /v1/instances/{instance_id}/disaster-recovery-configuration Table 1 Path parameters Parameter Mandatory Type Description instance_id Yes String Globally unique ID of an IAM Identity Center instance.
URI PUT /v1/instances/{instance_id}/disaster-recovery-configuration Table 1 Path parameters Parameter Mandatory Type Description instance_id Yes String Globally unique ID of an IAM Identity Center instance.
Checking Authentication Information AK/SK file Access Key ID/Secret Access Key (AK/SK) files are created by the Identity and Access Management (IAM) service to authenticate calls to application programming interfaces (APIs) on the public cloud. To obtain AK/SK, choose .
Checking Authentication Information AK/SK file Access Key ID/Secret Access Key (AK/SK) files are created by the Identity and Access Management (IAM) service to authenticate calls to application programming interfaces (APIs) on the cloud.
Access control: You can use IAM permissions, bucket policies, bucket ACLs, and object ACLs to implement refined access control over buckets and objects.
Querying an RBAC Token Function This API is used to obtain an RBAC token based on the IAM token. URI POST /v2/{project_id}/enginemgr/engines/{engine_id}/tokens Table 1 Path parameters Parameter Mandatory Type Description project_id Yes String Project ID, which must be unique.
URI DELETE /v1/instances/{instance_id}/application-instances/{application_instance_id} Table 1 Path parameters Parameter Mandatory Type Description instance_id Yes String Globally unique ID of an IAM Identity Center instance. application_instance_id Yes String Application instance
