检测到您已登录华为云国际站账号,为了您更好的体验,建议您访问国际站服务网站 https://www.huaweicloud.com/intl/zh-cn
不再显示此消息
检测到您已登录华为云国际站账号,为了您更好的体验,建议您访问国际站服务网站 https://www.huaweicloud.com/intl/zh-cn
不再显示此消息
Check item 2: Check whether the permissions of the IAM user are insufficient. If the instance is purchased by using an IAM user, obtain permissions by following instructions in Permissions Management. Check item 3: Check the details error information. Log in to the BCS console.
When using a token for authentication, cache it to prevent frequently calling the IAM API used to obtain a user token. A token specifies temporary permissions in a computer system.
Creating a User and Granting BCS Permissions This section describes how to use IAM to implement fine-grained permissions control for your BCS resources. With IAM, you can: Create IAM users for employees based on your enterprise's organizational structure.
Prerequisites Only IAM users with robust permissions can subscribe to BCS instances. For details, see Permissions Management. You can create a user group, grant permissions to the user group, and then add the user to the user group.
You can obtain the token by calling the IAM API used to obtain a user token. Table 3 Request body parameters Parameter Mandatory Type Description org_name Yes String Organization name. You can enter only one organization name. peers Yes Integer Number of peers to be removed.
You can obtain the token by calling the IAM API used to obtain a user token. Table 3 Request body parameters Parameter Mandatory Type Description type Yes String Entity type. Options: org (peer organization) plugin (add-on) Default value: org. entity_name No String Entity name.
For security purposes, create Identity and Access Management (IAM) users and grant them permissions for routine management. IAM user A user is created in IAM to use cloud services. Each user has its own identity credentials (password and access keys).
For example, to obtain an IAM token in the CN North-Beijing1 region, obtain the endpoint of IAM (iam.cn-north-1.myhuaweicloud.com) for this region and the resource-path (/v3/auth/tokens) in the URI of the API used to obtain a user token through password authentication.
Policies that contain actions for both IAM and enterprise projects can be used and take effect for both IAM and Enterprise Management. Policies that only contain actions for IAM projects can be used and applied to IAM only.
You can obtain the token by calling the IAM API used to obtain a user token. Table 3 Request body parameters Parameter Mandatory Type Description org_names Yes Array of strings Organization name list.
You can obtain the token by calling the IAM API used to obtain a user token. Response Parameters Status code: 200 Table 3 Response body parameters Parameter Type Description operation_id String Request result.
You can obtain the token by calling the IAM API used to obtain a user token. Table 3 Request body parameters Parameter Mandatory Type Description time_range No String Value range of metrics. metric_names No Array of strings Metrics.
With IAM, you can use your Huawei Cloud account to create IAM users, and assign permissions to the users to control their access to specific resources.
You can obtain the token by calling the IAM API used to obtain a user token. Table 3 Request body parameters Parameter Mandatory Type Description type Yes String Entity type.
After you set any action, the permissions for the action will be granted to the IAM user.
Table 1 Actions and system permissions of enhanced Hyperledger Fabric blockchains Item API Action IAM (Project) Enterprise (Enterprise Project) Querying Quotas GET /v2/{project_id}/quotas bcs:fabricInstance:listQuota √ √ Querying Flavors GET /v2/{project_id}/blockchains/flavors bcs
You can obtain the token by calling the IAM API used to obtain a user token. Table 3 Request body parameters Parameter Mandatory Type Description metric_names No Array of strings Metrics.
You can obtain the token by calling the IAM API used to obtain a user token. Table 3 Request body parameters Parameter Mandatory Type Description metric_names No Array of strings Metrics.
Table 4 InvitationDetail Parameter Mandatory Type Description invited_user Yes String IAM user name of the invitee. status No String Invitation status. The options are as follows: quit, waiting, reject, and released. Invitation in other states cannot be deleted.
Obtain the Security Administrator permission on the IAM console before granting BCS permissions. For details, see Creating a User Group and Assigning Permissions. Parent topic: Permissions Management
