检测到您已登录华为云国际站账号,为了您更好的体验,建议您访问国际站服务网站 https://www.huaweicloud.com/intl/zh-cn
不再显示此消息
检测到您已登录华为云国际站账号,为了您更好的体验,建议您访问国际站服务网站 https://www.huaweicloud.com/intl/zh-cn
不再显示此消息
IAM Identity and Access Management (IAM) provides you with permission management for DSC. Only users who have Tenant Administrator permissions can perform operations such as authorizing, managing, and detect cloud assets using DSC.
When using a token for authentication, cache it to prevent frequently calling the IAM API used to obtain a user token. A token specifies temporary permissions in a computer system.
DSC Permissions and Supported Actions This section describes how to use IAM for fine-grained DSC permissions management. If your Huawei Cloud account does not need individual IAM users, skip over this section. By default, new IAM users do not have any permissions.
Create a user group on the IAM console, and assign the DSC FullAccess permissions to the group. Creating an IAM User. Create a user on the IAM console and add it to the group created in 1. Logging In as an IAM User and verify permissions.
IPv4 address IPv6 address Linux-Passwd file Linux-Shadow file Key information SSL Certificate Access_Key_Id Secret_Access_Key AWS_ACCESS_KEY AWS_SECRET_KEY Facebook_SECRET IAM op_service account and password GitHub_KEY DSA private key EC private key Encryption private key RSA private
Access control DSC supports access control through IAM permissions.
Province (Chinese mainland) L2 Postal code (Chinese mainland) L2 City (Chinese mainland) L2 Municipality (China) L3 Address (Chinese mainland) Key credential information L3 SSL Certificate L3 Access_Key_Id L4 Secret_Access_Key L3 AWS_ACCESS_KEY L4 AWS_SECRET_KEY L4 Facebook_SECRET L4 IAM
For security purposes, create Identity and Access Management (IAM) users and grant them permissions for routine management. User An IAM user is created using an account to use cloud services. Each IAM user has its own identity credentials (password and access keys).
With IAM, you can create IAM users under your account for your employees, and assign permissions to these IAM users to control their access to DSC resources.
Request Parameters Table 2 Request header parameters Parameter Mandatory Type Description X-Auth-Token Yes String User token It can be obtained by calling the IAM API used to obtain a user token. The value of X-Subject-Token in the response header is a token.
IPv4 address IPv6 address Linux-Passwd file Linux-Shadow file Key credential information SSL certificate Access_Key_Id Secret_Access_Key AWS_ACCESS_KEY AWS_SECRET_KEY Facebook_SECRET IAM op_service account and password GitHub_KEY DSA private key EC private key Encryption private key
For example, to obtain an IAM token in the CN-Hong Kong region, obtain the endpoint of IAM (iam.ap-southeast-1.myhuaweicloud.com)) for this region and the resource-path (/v3/auth/tokens) in the URI of the API used to obtain a user token.
Request Parameters Table 2 Request header parameters Parameter Mandatory Type Description X-Auth-Token Yes String User token, which can be obtained by calling the IAM API (value of X-Subject-Token in the response header).
Request Parameters Table 2 Request header parameters Parameter Mandatory Type Description X-Auth-Token Yes String User token, which can be obtained by calling the IAM API (value of X-Subject-Token in the response header).
{Endpoint} is the IAM endpoint and can be obtained from Regions and Endpoints. For details about API authentication, see Authentication.
It can be obtained by calling the IAM API used to obtain a user token. The value of X-Subject-Token in the response header is a token.
Request Parameters Table 2 Request header parameters Parameter Mandatory Type Description X-Auth-Token Yes String User token, which can be obtained by calling the IAM API (value of X-Subject-Token in the response header).
It can be obtained by calling the IAM API used to obtain a user token. The value of X-Subject-Token in the response header is a token. Table 3 FormData parameters Parameter Mandatory Type Description file Yes File Image file from which invisible watermarks are to be extracted.
Request Parameters Table 2 Request header parameters Parameter Mandatory Type Description X-Auth-Token Yes String User token, which can be obtained by calling the IAM API (value of X-Subject-Token in the response header).
Request Parameters Table 2 Request header parameters Parameter Mandatory Type Description X-Auth-Token Yes String User token, which can be obtained by calling the IAM API (value of X-Subject-Token in the response header).
