检测到您已登录华为云国际站账号,为了您更好的体验,建议您访问国际站服务网站 https://www.huaweicloud.com/intl/zh-cn
不再显示此消息
检测到您已登录华为云国际站账号,为了您更好的体验,建议您访问国际站服务网站 https://www.huaweicloud.com/intl/zh-cn
不再显示此消息
Creating a User and Granting Permissions This section describes the fine-grained permissions management provided by IAM for your AOM. With IAM, you can: Create IAM users for employees based on the organizational structure of your enterprise.
Creating a User and Granting Permissions This section describes the fine-grained permissions management provided by IAM for your Automation. With IAM, you can: Create IAM users for employees based on the organizational structure of your enterprise.
Create a user group on the IAM console, and assign the AOM ReadOnlyAccess policy to the group. Create an IAM user. Create a user on the IAM console and add the user to the group created in 1. Log in and verify permissions.
Policies that contain actions for both IAM and enterprise projects can be used and applied for both IAM and Enterprise Management. Policies that contain actions only for IAM projects can be used and applied to IAM only.
For example, to obtain an IAM token in the xxx region, obtain the endpoint of IAM for this region and the resource-path in the URI of the API used to obtain a user token.
IAM can be used free of charge. You pay only for the resources in your account. For more information about IAM, see IAM Service Overview. AOM Permissions By default, new IAM users do not have any permissions assigned.
IAM can be used free of charge. You pay only for the resources in your account. For more information, see IAM Service Overview. AOM Permissions By default, new IAM users do not have any permissions assigned.
Solution Contact the administrator (account to which the IAM user belongs) to add the SMN access permission. To add the permission, do as follows: Log in to IAM as the administrator, and add the SMN access permission to the IAM user.
Access Control If you need to assign different permissions to employees in your enterprise to access your AOM resources, IAM is a good choice for fine-grained permissions management. IAM provides identity authentication, fine-grained permissions management, and access control.
For security purposes, create Identity and Access Management (IAM) users and grant them permissions for routine management. IAM User An IAM user is created using an account to use cloud services. Each IAM user has its own identity credentials (password and access keys).
Access Control If you need to assign different permissions to employees in your enterprise to access your AOM resources, IAM is a good choice for fine-grained permissions management.
Prerequisites You have been granted AOMFullAccessPolicy, iam:agencies:createAgency, and iam:agencies:deleteAgency permissions. For details about how to grant permissions, see Creating a User Group and Assigning Permissions. Procedure Log in to the AOM 2.0 console.
(Optional) Create IAM users and set permissions. Create IAM users for employees based on the organizational structure of your enterprise, and grant different access permissions to them. (Mandatory) Purchase a cloud host.
Log APIs √: supported; x: not supported Table 1 Log APIs Permission API Action IAM Project Enterprise Project Querying logs POST /v1/{project_id}/als/action aom:log:list √ × Parent topic: Actions Supported by Policy-based Authorization
Solution Log in to the IAM console as an administrator. On the Users page, locate the target username and click Authorize in the Operation column. Select the RBAC authorization model and click Next.
Procedure Log in to the IAM console. In the navigation pane, choose Agencies. On the page that is displayed, click Create Agency in the upper right corner. The Create Agency page is displayed. Set parameters based on Table 1.
Procedure Log in to the IAM console. In the navigation pane, choose Agencies. On the page that is displayed, click Create Agency in the upper right corner. The Create Agency page is displayed. Set parameters by referring to Table 1.
IAM Identity and Access Management (IAM) provides identity authentication, permission management, and access control. IAM can implement authentication and fine-grained authorization for AOM.
IAM Identity and Access Management (IAM) provides identity authentication, permission management, and access control. IAM can implement authentication and fine-grained authorization for AOM.
The API is GET https://{Endpoint}/v3/projects/, where {Endpoint} indicates the Identity and Access Management (IAM) endpoint. For details, see Regions and Endpoints. For details about API authentication, see Authentication.
