检测到您已登录华为云国际站账号,为了您更好的体验,建议您访问国际站服务网站 https://www.huaweicloud.com/intl/zh-cn
不再显示此消息
检测到您已登录华为云国际站账号,为了您更好的体验,建议您访问国际站服务网站 https://www.huaweicloud.com/intl/zh-cn
不再显示此消息
With IAM, you can: Create IAM users for employees based on your enterprise's organizational structure. Each IAM user will have their own security credentials for accessing CDM resources. Grant only the permissions required for users to perform a specific task.
CDM can be shared only by IAM users of the same tenant. Parent topic: General
For example, the endpoint of IAM in region CN-Hong Kong is iam.ap-southeast-1.myhuaweicloud.com.
For more information about IAM, see What Is IAM?. CDM Permissions By default, new IAM users do not have permissions assigned. You need to add a user to one or more groups, and attach permissions policies or roles to these groups.
On the API Credentials page, obtain the account name, account ID, IAM username, and IAM user ID, and obtain the project ID from the project list. Obtaining a Project ID by Calling an API You can obtain the project ID by calling the API to query project information.
IAM or enterprise projects: Type of projects for which an action will take effect. Policies that contain actions supporting both IAM and enterprise projects can be assigned to user groups and take effect in both IAM and Enterprise Management.
CDM Security Conclusion Access Control Only tenants authorized by Identity and Access Management (IAM) can access the CDM console and APIs. In push-pull mode, CDM does not have any listening port enabled in the VPC. For that reason, tenants cannot access instances from the VPC.
For security purposes, create IAM users and grant them permissions for routine management. IAM user An IAM user is created using an account to use cloud services. Each IAM user has its own identity credentials (password and access keys).
Your account receives and pays all bills generated by your IAM users' use of resources. To log in to the management console using an account, choose Account Login. IAM User IAM users are created by an account to use cloud services.
For more information about IAM, see IAM Service Overview. You can grant users permissions by using roles and policies. Roles: A type of coarse-grained authorization mechanism that defines permissions related to user responsibilities.
Quotas CDM uses the following infrastructure resources: ECS VPC EIP Simple Message Notification (SMN) IAM For details about how to view and modify the quota, see Quotas.
Authentication If IAM authentication is enabled for the CloudTable cluster to be connected, set this parameter to Yes.
Related Services IAM Your registered cloud account has full access to its resources and cloud services.
An IAM user can pass the authentication and access DataArts Studio through an API or SDK only if Programmatic access is selected for Access Type during the creation of the IAM user. Token-based Authentication The validity period of a token is 24 hours.
With CTS, you can monitor high-risk and sensitive operations related to IAM in real time. If you perform such an operation when using CDM, CTS sends a notification to subscribers. Parent topic: Security
On the API Credentials page, obtain the account name, account ID, IAM username, and IAM user ID, and obtain the project and its ID from the project list. - Batch Size Number of rows written each time.
Other IAM users of the a Huawei account cannot view or operate the migration jobs and links in the cluster. Starting jobs by group will run all jobs in the group.
If CDM is an independent service, perform the following operations: Check whether IAM fine-grained authentication is enabled. If it is disabled, check whether the CDM Administrator role has been added to the user group. If it is enabled, go to 2.
It can be obtained by calling the IAM API (value of X-Subject-Token in the response header). Table 3 Request body parameters Parameter Mandatory Type Description stop Yes stop object Cluster stop operation. For details, see the descriptions of stop parameters.
This parameter is mandatory for the CloudTable link. linkConfig.iamAuth Yes Boolean If you choose IAM for identity authentication, enter the username, AK, and SK. linkConfig.runMode Yes Enumeration Running mode of the HBase link.
