检测到您已登录华为云国际站账号,为了您更好的体验,建议您访问国际站服务网站 https://www.huaweicloud.com/intl/zh-cn
不再显示此消息
检测到您已登录华为云国际站账号,为了您更好的体验,建议您访问国际站服务网站 https://www.huaweicloud.com/intl/zh-cn
不再显示此消息
Obtaining Account, IAM User, Group, Project, Region, and Agency Information Obtaining Account, IAM User, and Project Information Using the console On the Huawei Cloud homepage, click Console in the upper right corner.
When using a token for authentication, cache it to prevent frequently calling the IAM API used to obtain a user token. A token specifies temporary permissions in a computer system.
Appendix Status Code Error Codes Obtaining a Project ID Obtaining an Enterprise Project ID Obtaining a Firewall ID Obtaining Account, IAM User, Group, Project, Region, and Agency Information Region Information
For details about how to create and grant permissions to a user group using IAM, see Creating a User Group and Assigning Permissions. For details about how to grant permissions to a user using IAM, see Assigning Permissions to an IAM User.
If your Huawei Cloud account does not need individual IAM users, then you may skip over this section. By default, new IAM users do not have any permissions assigned. You need to add a user to one or more groups, and assign permissions policies to these groups.
User An IAM user is created using an account to use cloud services. Each IAM user has its own identity credentials (password and access keys). Region Regions are divided based on geographical location and network latency.
If your Huawei Cloud account does not require individual IAM users for permissions management, skip this section. IAM can be used free of charge. You pay only for the resources in your account. For more information about IAM, see What Is IAM?
With IAM, you can: Create IAM users for employees in different departments based on your organizational structure. Each IAM user has their own security credentials used to access CFW resources. Grant only the permissions required for users to perform a task.
For example, to obtain an IAM token in the CN-Hong Kong region, obtain the endpoint of IAM (iam.ap-southeast-1.myhuaweicloud.com)) for this region and the resource-path (/v3/auth/tokens) in the URI of the API used to obtain a user token.
Related Services IAM Identity and Access Management (IAM) provides the permission management function for CFW. Only users who have Tenant Administrator permissions can perform operations such as authorizing, managing, and detect cloud assets using CFW.
{Endpoint} is the IAM endpoint and can be obtained from Regions and Endpoints. For details about API authentication, see Authentication.
Identity Authentication and Access Control CFW works with Identity and Access Management (IAM). IAM permissions define which actions on your cloud resources are allowed and which actions are denied, to control access to your resources.
It can be obtained by calling the IAM API used to obtain a user token. The value of X-Subject-Token in the response header is a token.
