检测到您已登录华为云国际站账号,为了您更好的体验,建议您访问国际站服务网站 https://www.huaweicloud.com/intl/zh-cn
不再显示此消息
检测到您已登录华为云国际站账号,为了您更好的体验,建议您访问国际站服务网站 https://www.huaweicloud.com/intl/zh-cn
不再显示此消息
Cause Analysis The IAM permission has been modified. The permission in the browser cache is inconsistent with that on the backend server. Solution Log in to the console and deploy the application again. Parent topic: FAQs About ServiceStage
Making an API Request This section describes the structure of a REST API request, and calls the IAM API for obtaining a user token as an example. The obtained token can then be used to authenticate the calling of other APIs.
Edit the application, select Authorized User, and create an authorized IAM user. In the displayed Create Service Endpoint: IAM dialog box, enter the AK ID/SK of the account authorized to deploy CCE.
If the current tenant does not have the FunctionGraph operation permission, select IAM authorization for deployment. Other tenant: The software package is deployed and published in the FunctionGraph of another tenant in IAM authorization mode.
IAM authorization If the current user does not have the FunctionGraph operation permissions, you can use IAM to authorize the user. Function Functions created in FunctionGraph. For details, see FunctionGraph Usage Process.
Cause Analysis Scenario 1: When IAM authorization is performed during application deployment, the current user (role) is not granted the view permission for a high-privilege user's service endpoint instance.
For security purposes, create IAM users and grant them permissions for routine management. User A user is created using a domain to use cloud services. Each user has its own identity credentials (password and access keys).
Other: The software package is deployed and published in the CCE cluster of another tenant in IAM authorization mode. If you select Other, you must select an authorized tenant to deploy the CCE cluster.
When using a token for authentication, cache it to prevent frequently calling the IAM API for obtaining a user token. A token specifies temporary permissions in a computer system.
It can be obtained by calling an IAM API. The value of X-Subject-Token in the response header is the user token.
It can be obtained by calling an IAM API. The value of X-Subject-Token in the response header is the user token.
It can be obtained by calling an IAM API. The value of X-Subject-Token in the response header is the user token.
It can be obtained by calling an IAM API. The value of X-Subject-Token in the response header is the user token.
Other: The software package is deployed and published in the CCE cluster of another tenant in IAM authorization mode. If you select Other, you must select an authorized tenant to deploy the CCE cluster.
Other: The software package is deployed and published in the CCE cluster of another tenant in IAM authorization mode. If you select Other, you must select an authorized tenant to deploy the CCE cluster.
Ensure that the target host cluster exists and try again. 403 Deploy.00021485 IAM authentication failed. IAM authentication failed. Check whether you have the required IAM permissions. Parent topic: Appendixes
Other tenant: The software package is deployed in the CCE cluster of another tenant for release in IAM authorization mode. If you select Other tenant, you must select an authorized tenant to deploy the CCE cluster. Select Current tenant.
It can be obtained by calling an IAM API. The value of X-Subject-Token in the response header is the user token.
It can be obtained by calling an IAM API. The value of X-Subject-Token in the response header is the user token.
It can be obtained by calling an IAM API. The value of X-Subject-Token in the response header is the user token.
