检测到您已登录华为云国际站账号,为了您更好的体验,建议您访问国际站服务网站 https://www.huaweicloud.com/intl/zh-cn
不再显示此消息
检测到您已登录华为云国际站账号,为了您更好的体验,建议您访问国际站服务网站 https://www.huaweicloud.com/intl/zh-cn
不再显示此消息
IAM Permissions Management Creating a User and Granting Permissions
Parent topic: IAM Permissions Management
For example, to obtain an IAM token in the CN-Hong Kong region, obtain the endpoint of IAM (iam.ap-southeast-1.myhuaweicloud.com) for this region and the resource-path (/v3/auth/tokens) in the URI of the API used to obtain a user token.
IAM can be used free of charge. You pay only for the resources in your account. For more information about IAM, see IAM Service Overview. DLF Permissions By default, new IAM users do not have permissions assigned.
Only the RESTful requests that have been authenticated by IAM Token are supported. Parameters Table 1, Table 2, and Table 3 describe the parameters of the Rest Client node. Table 1 Parameters of RestAPI nodes Parameter Mandatory Description Node Name Yes Name of the node.
Authorization Scope: A custom policy can be applied to IAM projects or enterprise projects or both. Policies that contain actions supporting both IAM and enterprise projects can be assigned to user groups and take effect in both IAM and Enterprise Management.
For security purposes, create IAM users and grant them permissions for routine management. IAM user An IAM user is created using an account to use cloud services. Each IAM user has its own identity credentials (password and access keys).
IAM The Identity and Access Management (IAM) provides the authentication function for DataArts Factory.
Prerequisites You have obtained the endpoints of IAM and Data Development. For details, see Regions and Endpoints. You have obtained a project ID. For details, see Obtaining a Project ID.
Endpoint indicates the IAM endpoint, which can be obtained from Regions and Endpoints. For details about API authentication, see Authentication. The following is an example response. The value of id is the project ID.
When using a token for authentication, cache it to prevent frequently calling the IAM API used to obtain a user token. A token specifies certain permissions in a computer system. A token specifies temporary permissions in a computer system.
Creating an Agency Log in to the IAM console. Choose Agencies. On the displayed page, click Create Agency. Enter an agency name, Example: DAYUDGC _agency. Set Agency Type to Cloud service. Select DAYUDGC for Cloud Service.
