检测到您已登录华为云国际站账号,为了您更好的体验,建议您访问国际站服务网站 https://www.huaweicloud.com/intl/zh-cn
不再显示此消息
检测到您已登录华为云国际站账号,为了您更好的体验,建议您访问国际站服务网站 https://www.huaweicloud.com/intl/zh-cn
不再显示此消息
IAM Permissions Management Creating a User and Assigning Permissions Creating a Custom Policy Parent topic: Working with GeminiDB Redis API
Parent topic: IAM Permissions Management
Creating a User Group and Assigning Permissions This section describes how to use IAM to control fine-grained permissions for your GeminiDB resources. With IAM, you can: Create IAM users for employees based on your enterprise's organizational structure.
Creating a User Group and Assigning Permissions This section describes how to use IAM to control fine-grained permissions for your GeminiDB resources. With IAM, you can: Create IAM users for employees based on your enterprise's organizational structure.
Creating a User and Assigning Permissions This section describes how to use IAM to control fine-grained permissions for your GeminiDB resources. With IAM, you can: Create IAM users for employees based on your enterprise's organizational structure.
Policies that only contain actions for IAM projects can be used and only take effect for IAM. For the differences between IAM and enterprise projects, see Differences Between IAM and Enterprise Management.
"nosql:instance:delete", "vpc:publicIps:list", "vpc:publicIps:update" ], "Effect": "Allow" } ] } Parent topic: IAM
users: Creating a custom policy: iam:agencies:listAgencies iam:agencies:createAgency iam:permissions:listRolesForAgencyOnProject iam:permissions:grantRoleToGroupOnProject iam:roles:listRoles iam:roles:createRole Adding system role Security Administrator: Select a user group to which
Making an API Request This section describes the structure of a REST API, and uses the IAM API for obtaining a user token as an example to describe how to call an API. The obtained token is used to authenticate the calling of other APIs.
The token obtained from IAM is valid for only 24 hours. If you want to use a token for authentication, you can cache it to avoid frequently obtaining the token.
Figure 8 Viewing permissions Step 2: Create an IAM User IAM users can be created for employees or applications of an enterprise. Each IAM user has their own security credentials, and inherits permissions from the groups it is a member of.
Log in to the IAM console using a Huawei Cloud account or as an IAM user, locate the IAM user that the target instance belongs to, and add it to the user group created in 3. The IAM user will inherit permissions of the user group.
Log in to the IAM console using a Huawei Cloud account or an IAM account, locate the IAM user that the target instance belongs to, and add it to the user group created in 2. The IAM user will inherit permissions of the user group.
You can create IAM users and use them to manage GeminiDB resources. When you log in using an IAM user, password authentication is required. For details, see Step 2: Create IAM Users and Log In.
IAM User An IAM user is created using an account to use cloud services. Each IAM user has its own identity credentials (password and access keys). API authentication requires information such as the account name, username, and password.
IAM Identity and Access Management (IAM) provides permission management for GeminiDB. TMS Tag Management Service (TMS) enables you to use tags to manage resources on the management console.
API Action IAM Project Enterprise Project Querying regions where a dual-active relationship can be created between two instances GET /v3/{project_id}/instances/{instance_id}/disaster-recovery/regions nosql:instance:list √ √ Table 8 Task management Permission API Action IAM Project
Working with GeminiDB Redis API IAM Permissions Management Buying an Instance Connecting to an Instance Instance Statuses Instance Lifecycle Management Instance Changes Audit Instance Sessions Account and security Diagnosis Analysis Monitoring and Alarm Configuration Data Backup Data
Configuring the Required Permissions If you have an IAM account, assign DAS FullAccess permissions to all users of the account. For details, see Create User Groups and Assign Permissions.
{Endpoint} is the IAM endpoint and can be obtained from Regions and Endpoints. For details about API authentication, see Authentication. The following is an example response.
