检测到您已登录华为云国际站账号,为了您更好的体验,建议您访问国际站服务网站 https://www.huaweicloud.com/intl/zh-cn
不再显示此消息
检测到您已登录华为云国际站账号,为了您更好的体验,建议您访问国际站服务网站 https://www.huaweicloud.com/intl/zh-cn
不再显示此消息
With IAM, you can: Create IAM users for employees based on your enterprise's organizational structure. Each IAM user will have their own security credentials for accessing GaussDB resources. Grant only the permissions required for users to perform a specific task.
iam:roles:listRoles, and iam:agencies:pass actions.
IAM projects or enterprise projects: Type of projects in which policies can be used to grant permissions. A policy can be applied to IAM projects, enterprise projects, or both.
IAM users can use GaussDB resources only after their accounts and passwords are verified. For details, see Step 2: Create IAM Users and Log In.
Supported: IAM projects Supported: Enterprise projects GET /v3/{project_id}/storage-type?
Search for and access the IAM service. On the displayed page, click Create User to create an IAM user, set the IAM password, and grant the permission to use DEW to the IAM user. Log in as the new user.
Search for and access the IAM service. On the displayed page, click Create User to create an IAM user, set the IAM password, and grant the permission to use DEW to the IAM user. Log in as the new user.
Search for Identity and Access Management (IAM) on the Huawei Cloud official website. On the page that is displayed, click Create User, set the IAM password for the IAM user, and grant the data encryption workshop (DEW) permission to the new IAM user.
Search for Identity and Access Management (IAM) on the Huawei Cloud official website. On the page that is displayed, click Create User, set the IAM password for the IAM user, and grant the data encryption workshop (DEW) permission to the new IAM user.
When gsql is used: gaussdb=# \key_info keyType=huawei_kms,iamUrl=https://iam.xxx.com/v3/auth/tokens,iamUser={IAM username},iamPassword={IAM user password},iamDomain={Account name},kmsProject={Project},iamCaCert=/Path/IAM CA certificate file,kmsCaCert=/Path/KMS CA certificate file
{example.com/v3/auth/tokens," + "iamUser={IAM username}," + "iamPassword={IAM user password}," + "iamDomain={Account name}," + "kmsProject={Project}," + "iamCaCert=/Path/IAM CA certificate file," + "kmsCaCert=/Path/KMS CA certificate file"); conn.setProperty("
username},iamPassword={IAM user password},iamDomain={Account name},kmsProject={Project} Parameters: For details about how to obtain related parameters, including the IAM server address, IAM username, IAM user password, account name, and project, see the master key generation phase
username},iamPassword={IAM user password},iamDomain={Account name},kmsProject={Project} Parameters: For details about how to obtain related parameters, including the IAM server address, IAM username, IAM user password, account name, and project, see the master key generation phase
server address, IAM username, IAM user password, account name, and project, see the master key generation phase.)
In the Huawei Cloud scenario, enter the IAM service domain name (iam.cn-north-4.myhuaweicloud.com/v3/auth/tokens) and KMS domain name (kms.cn-north-4.myhuaweicloud.com/v1.0).
In the Huawei Cloud scenario, enter the IAM service domain name (iam.cn-north-4.myhuaweicloud.com/v3/auth/tokens) and KMS domain name (kms.cn-north-4.myhuaweicloud.com/v1.0).
You can obtain the token by calling the IAM API used to obtain a user token. After the request is processed, the value of X-Subject-Token in the message header is the token value. X-Language No String Language.
You can obtain the token by calling the IAM API used to obtain a user token. After the request is processed, the value of X-Subject-Token in the message header is the token value. X-Language No String Language.
You can obtain the token by calling the IAM API used to obtain a user token. After the request is processed, the value of X-Subject-Token in the message header is the token value. X-Language No String Language.
For example, to obtain an IAM token in the CN-Hong Kong region, obtain the endpoint of IAM (iam.ap-southeast-1.myhuaweicloud.com) for this region and the resource-path (/v3/auth/tokens) in the URI of the API used to obtain a user token.
