检测到您已登录华为云国际站账号,为了您更好的体验,建议您访问国际站服务网站 https://www.huaweicloud.com/intl/zh-cn
不再显示此消息
检测到您已登录华为云国际站账号,为了您更好的体验,建议您访问国际站服务网站 https://www.huaweicloud.com/intl/zh-cn
不再显示此消息
Granting Permissions to IAM Users Creating Users and Assigning DLV Permissions Parent topic: Preparatory Work
Parent topic: Granting Permissions to IAM Users
You can use the Huawei Cloud account or an IAM user in your account to access DLV. With IAM, you can create IAM users in your account and grant them custom permissions to manage and use resources under your account.
For example, to obtain an IAM token in the CN-Hong Kong region, obtain the endpoint of IAM (iam.ap-southeast-1.myhuaweicloud.com) for this region and the resource-path (/v3/auth/tokens) in the URI of the API used to obtain a user token.
IAM can be used free of charge. You pay only for the resources in your account. For more information about IAM, see the IAM Service Overview. DLV Permissions By default, new IAM users do not have permissions assigned.
For security purposes, create IAM users and grant them permissions for routine management. IAM User An IAM user is created by an account to use cloud services. Each IAM user has its own identity credentials (password and access keys).
User who has the Tenant Administrator permission The Tenant Administrator permission has all cloud service administrator permissions except the IAM management permission. For security purposes, you are not advised to grant this permission to IAM users.
The Tenant Administrator permission has all cloud service administrator permissions except the IAM management permission. For security purposes, you are not advised to grant this permission to IAM users. Exercise caution when performing this operation.
Preparatory Work Registering Accounts and Performing Real-Name Authentication (Optional) Creating Workspaces Granting Permissions to IAM Users
The Tenant Administrator permission has all cloud service administrator permissions except the IAM management permission. For security purposes, you are not advised to grant this permission to IAM users. Exercise caution when performing this operation.
Prerequisite You have obtained the endpoints of IAM and endpoints of DLV. You have obtained project IDs. For details about project IDs, see Obtaining a Project ID.
You can import screens exported by one account or IAM user to DLV purchased by another user.
{Endpoint} is the IAM endpoint and can be obtained from Regions and Endpoints. For details about API authentication, see Authentication. The following is a response example.
When using a token for authentication, cache it to prevent frequently calling the IAM API used to obtain a user token. A token specifies temporary permissions in a computer system.
