检测到您已登录华为云国际站账号,为了您更好的体验,建议您访问国际站服务网站 https://www.huaweicloud.com/intl/zh-cn
不再显示此消息
检测到您已登录华为云国际站账号,为了您更好的体验,建议您访问国际站服务网站 https://www.huaweicloud.com/intl/zh-cn
不再显示此消息
Creating a User and Granting CPH Permissions This section describes how to use IAM to implement fine-grained permissions control for your CPH resources. With IAM, you can: Create IAM users for employees based on your enterprise's organizational structure.
IAM is a global service. You can create an IAM user using the endpoint of IAM in any region.
You can use your account to create IAM users, and assign permissions to the IAM users to control their access to specific resources. IAM permissions define which actions on your cloud resources are allowed or denied.
Introduction You can use Identity and Access Management (IAM) for fine-grained permissions management of your CPH resources. If your Huawei Cloud account does not need individual IAM users, you can skip this section. New IAM users do not have any permissions assigned by default.
If your Huawei Cloud account does not require individual IAM users for permissions management, you can skip this section. IAM is a free service. You only pay for the resources in your account. For more information about IAM, see What Is IAM?
Delegating CPH to Operate OBS Buckets The administrator can create custom policies on IAM, assign custom policies to OBS buckets for refined access control, and delegate the policies to CPH to back up and restore cloud phone data and install applications.
The token obtained from Identity and Access Management (IAM) is valid for only 24 hours. If you want to use a token for authentication, you can cache it to avoid frequently calling the IAM API.
Examples of permission configurations: Granting All Permissions Granting Operation Permissions Granting Read-Only Permissions Granting Permissions to Perform Specified Operations Granting All Permissions If you grant the all permissions of CPH to IAM users, grant the CPH FullAccess
name "password": "********", // IAM user password "domain": { "name": "domainname" //Name of the account to which the IAM user belongs } } } }, "scope"
For security purposes, create Identity and Access Management (IAM) users and grant them permissions for routine management. User An IAM user is created by an account in IAM to use cloud services. Each IAM user has its own identity credentials (password and access keys).
It can be obtained by calling an Identity and Access Management (IAM) API. The value of X-Subject-Token in the response header is the user token.
It can be obtained by calling an Identity and Access Management (IAM) API. The value of X-Subject-Token in the response header is the user token.
It can be obtained by calling an Identity and Access Management (IAM) API. The value of X-Subject-Token in the response header is the user token. Table 3 Request body parameters Parameter Mandatory Type Description phone_name Yes String Specifies the cloud phone name.
It can be obtained by calling an Identity and Access Management (IAM) API. The value of X-Subject-Token in the response header is the user token.
It can be obtained by calling an Identity and Access Management (IAM) API. The value of X-Subject-Token in the response header is the user token.
Before authorizing CPH to create an agency, ensure that your login user has the Security Administrator permissions or the fine-grained iam:agencies:createAgency permissions. For more information, see Permissions Management.
It can be obtained by calling an Identity and Access Management (IAM) API. The value of X-Subject-Token in the response header is the user token.
It can be obtained by calling an Identity and Access Management (IAM) API. The value of X-Subject-Token in the response header is the user token.
{Endpoint} is the IAM endpoint and can be obtained from Regions and Endpoints. For details about API authentication, see Authentication. The following is an example response.
It can be obtained by calling an Identity and Access Management (IAM) API. The value of X-Subject-Token in the response header is the user token.
