检测到您已登录华为云国际站账号,为了您更好的体验,建议您访问国际站服务网站 https://www.huaweicloud.com/intl/zh-cn
不再显示此消息
检测到您已登录华为云国际站账号,为了您更好的体验,建议您访问国际站服务网站 https://www.huaweicloud.com/intl/zh-cn
不再显示此消息
This capability depends on the new IAM, requiring you to adopt the IAM 5.0 permission model. Exercise caution when selecting this capability.
When using a token for authentication, cache it to prevent frequently calling the IAM API used to obtain a user token. Ensure that the token is valid while you use it. Using a token that will soon expire may cause API calling failures.
Figure 1 Node labeling error Possible Causes You are using the IAM 5.0 permission model, which offers enhanced permission control. You need to manually authorize the IAM 5.0 agency on Cloud Container Engine (CCE).
For security purposes, create Identity and Access Management (IAM) users and grant them permissions for routine management. User An IAM user is created using an account to use cloud services. Each IAM user has its own identity credentials (password and access keys).
How Do I Use the New IAM Edition to Isolate Permissions by Enterprise Project? Does CodeArts PerfTest Support Windows Server 2016 Standard (64-bit)?
For example, you have obtained the IAM endpoint (iam.xxx.com) of a region and found resource-path (/v3/auth/tokens) in the URI of the API that is used to obtain a user token.
Create a user group on the IAM console and assign the CodeArts PerfTest Administrator permissions to the group. Create an IAM user. Create a user on the IAM console and add the user to the group created in 1. Log in and verify permissions.
Fine-grained permissions: IAM fine-grained authorization is required for operations such as querying tenant projects, setting project creators, and managing tenant project members. Parent topic: Security
To obtain an account ID, perform the following operations: Log in to the Identity and Access Management (IAM) console. Move the cursor to the username in the upper right corner and choose My Credentials from the drop-down list. On the API Credentials page, view Account ID.
IAM helps you secure access to your cloud resources. With IAM, you can create IAM users and grant them permission to access only specific resources.
If your Huawei Cloud account does not need individual IAM users, then you may skip this chapter. By default, new IAM users do not have any permissions assigned.
The API used to obtain a project ID is GET https://{Endpoint}/v3/projects/, where {Endpoint} indicates the IAM endpoint. You can obtain the IAM endpoint from Regions and Endpointsthe administrator. For details about API authentication, see Authentication.
The descriptions below are about granting required permissions to IAM users under an account. Granting Required Permissions to IAM Users Log in to the IAM console as the account administrator and assign the following permissions to IAM users.
