检测到您已登录华为云国际站账号,为了您更好的体验,建议您访问国际站服务网站 https://www.huaweicloud.com/intl/zh-cn
不再显示此消息
检测到您已登录华为云国际站账号,为了您更好的体验,建议您访问国际站服务网站 https://www.huaweicloud.com/intl/zh-cn
不再显示此消息
Obtaining Account, IAM User, Group, Project, Region, and Agency Information Obtaining Account, IAM User, and Project Information Using the console On the Huawei Cloud homepage, click Console in the upper right corner.
Create a user group on the IAM console, and attach the CFW ReadOnlyAccess policy to the group. Creating an IAM User. Create a user on the IAM console and add the user to the group created in 1. Log in and verify permissions.
Identity Authentication and Access Control CFW works with Identity and Access Management (IAM). IAM permissions define which actions on your cloud resources are allowed and which actions are denied, to control access to your resources.
For example, to obtain an IAM token in the CN-Hong Kong region, obtain the endpoint of IAM (iam.ap-southeast-1.myhuaweicloud.com)) for this region and the resource-path (/v3/auth/tokens) in the URI of the API used to obtain a user token.
If your Huawei Cloud account does not require individual IAM users for permissions management, skip this section. IAM can be used free of charge. You pay only for the resources in your account. For more information about IAM, see What Is IAM?
Related Services Identity and Access Management (IAM) Identity and Access Management (IAM) provides the permission management function for CFW.
If your Huawei Cloud account does not need individual IAM users, then you may skip over this section. By default, new IAM users do not have any permissions assigned. You need to add a user to one or more groups, and assign permissions policies to these groups.
Appendix Status Code Error Codes Obtaining a Project ID Obtaining an Enterprise Project ID Obtaining a Firewall ID Obtaining a User Token Obtaining Account, IAM User, Group, Project, Region, and Agency Information Region Information
User An IAM user is created using an account to use cloud services. Each IAM user has its own identity credentials (password and access keys). Region Regions are divided based on geographical location and network latency.
{Endpoint} is the IAM endpoint and can be obtained from Regions and Endpoints. For details about API authentication, see Authentication.
When using a token for authentication, cache it to prevent frequently calling the IAM API used to obtain a user token. A token specifies temporary permissions in a computer system.
It can be obtained by calling the IAM API used to obtain a user token. The value of X-Subject-Token in the response header is a token.
