检测到您已登录华为云国际站账号,为了您更好的体验,建议您访问国际站服务网站 https://www.huaweicloud.com/intl/zh-cn
不再显示此消息
检测到您已登录华为云国际站账号,为了您更好的体验,建议您访问国际站服务网站 https://www.huaweicloud.com/intl/zh-cn
不再显示此消息
With IAM, you can: Create IAM users for personnel based on your enterprise's organizational structure. Each IAM user has their own identity credentials for accessing DMS for Kafka resources.
To achieve fine-grained management of your cloud resources, create Identity and Access Management (IAM) user groups and users and grant specified permissions to the users. For more information, see Creating a User and Granting DMS for Kafka Permissions. Create a VPC and subnet.
To ensure account security, create Identity and Access Management (IAM) users and grant them permissions for routine management. IAM user An IAM user is created by an account in IAM to use cloud services. Each IAM user has its own identity credentials (password and access keys).
Prerequisites IAM endpoint obtained from Regions and Endpoints. Kafka endpoint obtained from Regions and Endpoints.
Use actual values in the bold fields. accountid indicates the account ID of the IAM user. username indicates the username of the IAM user to be created. email indicates the email of the IAM user. ********** indicates the password of the IAM user.
IAM projects or enterprise projects: A custom policy can be applied to IAM projects or enterprise projects or both. Policies that contain actions for both IAM and enterprise projects can be used and take effect for both IAM and Enterprise Management.
If your HUAWEI ID does not require individual IAM users for permissions management, skip this section. IAM is a free service. You only pay for the resources in your account. For more information, see IAM Service Overview. Permissions policies of DMS for Kafka are based on DMS.
The API used to obtain a project ID is GET https://{Endpoint}/v3/projects, where {Endpoint} indicates the IAM endpoint. You can obtain the IAM endpoint from Regions and Endpoints. For details on API calling authentication, see Authentication.
Figure 1 Process of using Kafka Creating an IAM User and Granting DMS for Kafka Permissions Create IAM users and grant them only the DMS for Kafka permissions required to perform a given task based on their job responsibilities.
Figure 1 shows the response header for the API of creating an IAM user.
Identity and Access Management (IAM) IAM enables you to easily manage users and control their access to cloud services and resources. Grant different users different Kafka permissions required to perform a given task based on their job responsibilities.
To better isolate and manage permissions, you are advised to configure an independent IAM administrator and grant them the permission to manage IAM policies. The IAM administrator can create different user groups based on your service requirements.
DMS for Kafka uses IAM to provide three identity authentication modes: passwords, access keys, and temporary access keys. Login protection and login authentication policies are also provided.
Permissions Management Creating an IAM User and Granting DMS for Kafka Permissions
"password": $ADMIN_PASS, //IAM password. For security, you are advised to store it in ciphertext in the configuration file or environment variable.
