检测到您已登录华为云国际站账号,为了您更好的体验,建议您访问国际站服务网站 https://www.huaweicloud.com/intl/zh-cn
不再显示此消息
检测到您已登录华为云国际站账号,为了您更好的体验,建议您访问国际站服务网站 https://www.huaweicloud.com/intl/zh-cn
不再显示此消息
Obtaining Account, IAM User, Project, User Group, Region, and Agency Information Obtaining Account, IAM User, and Project Information Using the console Your username, user ID, account name, account ID, project name, and project ID need to be specified in the URL and request body for
Which Permissions Are Required for an IAM User to Use FunctionGraph? When logging in to FunctionGraph and adding, deleting, modifying, and querying a function and its triggers as an IAM user, grant permissions to the user group to which the IAM user belongs as required.
It can be obtained by calling the IAM API used to obtain a user token. The value of X-Subject-Token in the response header is the user token. Content-Type Yes String Message body type (format). Response Parameters None Example Requests Enable asynchronous status notification.
IAM: IAM authentication. Only IAM users are allowed to access the system. The security level is medium. For details, see IAM Authentication. None: No authentication.
IAM: IAM authentication. This mode grants access permissions to IAM users only and is of medium security. For details, see IAM Authentication. None: No authentication. This mode grants access permissions to all users. Select None.
IAM: IAM authentication. This mode grants access permissions to IAM users only and is of medium security. For details, see IAM Authentication. None: No authentication. This mode grants access permissions to all users. Select None.
Access Control IAM is a basic service that provides permissions management. You can create IAM users and configure policies to control their access to cloud resources. For more information about IAM, see IAM Service Overview.
For example, to obtain an IAM token in the AP-Bangkok region, obtain the endpoint of IAM (iam.ap-southeast-2.myhwclouds.com) for this region and the resource-path (/v3/auth/tokens) in the URI of the API used to obtain a user token.
IAM projects and enterprise projects: Type of projects for which an action will take effect. Policies that contain actions for both IAM and enterprise projects can be used and take effect for both IAM and Enterprise Management.
Table 1 FunctionGraph resources and their paths Resource Type Resource Name Path function Function [Format] FunctionGraph::::function:group/function name [Notes] IAM automatically generates the prefix FunctionGraph:*:*:function: for bucket resource paths.
The following is an example of the description file (YAML): fgs-deploy-test: region: cn-north-4 trigger: triggerTypeCode: APIG status: ACTIVE eventData: name: APIG_test groupName: APIGroup_xxx auth: IAM
Free Tier FunctionGraph offers a free tier for your account, which you can share with your IAM users. Requests: 1 million free requests every month. Execution duration: 400,000 GB-seconds free execution duration every month.
To obtain a token, use the standard API of Identity and Access Management (IAM).
Appendix Status Codes Error Codes Obtaining Account, IAM User, Project, User Group, Region, and Agency Information FunctionGraph Metrics
Create a user group on the IAM console, and assign the FunctionGraph Invoker role to the group. Create an IAM user and add it to the user group. Create a user on the IAM console and add the user to the group created in 1.
Introduction In addition to IAM and app authentication, APIG also supports custom authentication with your own system, which can better adapt to your business capabilities. This chapter guides you through the process of creating a FunctionGraph API that uses a custom authorizer.
IAM user An Identity and Access Management (IAM) user is created using an account to use cloud services. Each IAM user has their own identity credentials (password and access keys). An IAM user can view the account ID and user ID on the My Credentials page of the console.
Figure 1 Content of the credentials.csv file If you do not have access to the console, request the administrator to create an access key for you on the IAM console in case your access key is lost or needs to be reset. For details, see Managing Access Keys for an IAM User.
Creating an Agency Log in to the Identity and Access Management (IAM) console. On the IAM console, choose Agencies from the navigation pane, and click Create Agency in the upper right corner. Figure 2 Creating an agency Configure the agency.
IAM can be used free of charge. You pay only for the resources in your account. For more information about IAM, see IAM Service Overview.
