检测到您已登录华为云国际站账号,为了您更好的体验,建议您访问国际站服务网站 https://www.huaweicloud.com/intl/zh-cn
不再显示此消息
检测到您已登录华为云国际站账号,为了您更好的体验,建议您访问国际站服务网站 https://www.huaweicloud.com/intl/zh-cn
不再显示此消息
Granting LTS Permissions to IAM Users You can use Identity and Access Management (IAM) for fine-grained permissions control for your LTS. With IAM, you can: Create IAM users for personnel based on your enterprise's organizational structure.
Ingesting Logs to LTS Across IAM Accounts If you choose Cross-Account Ingestion - Log Stream Mapping as the log ingestion type, you can create an agency to map the log stream of the delegator account to that of the delegated account.
Replace the fields in bold with the actual values. accountid: ID of the account to which the IAM user belongs. username: username of the IAM user to be created. email: email address of the IAM user. **********: password of the IAM user.
When installing ICAgent, you can create an IAM agency, and ICAgent will automatically obtain an AK/SK pair and generate the ICAgent installation command. Creating an Agency Log in to the IAM console. In the navigation pane, choose Agencies.
IAM or enterprise projects: Type of projects for which permissions can be granted. Policies that contain actions for both IAM and enterprise projects take effect for both IAM and Enterprise Management. Policies that only contain actions for IAM projects take effect only for IAM.
IAM helps you secure access to your LTS resources. With IAM, you can create IAM users and grant them permission to access only specific resources.
Create an IAM user (for example, UserB) on the IAM console and add the user to GroupC by referring to Adding Users to a User Group. Ensure that the IAM user can use LTS through programmatic access or on the console.
Create an IAM user (for example, UserB) on the IAM console and add the user to GroupC by referring to Adding Users to a User Group. Ensure that the IAM user can use LTS through programmatic access or on the console.
The token obtained from Identity and Access Management (IAM) is valid for only 24 hours. If you want to use the same token for authentication, cache it to avoid frequent calling of the IAM API.
Access Control To assign different LTS access permissions to employees in your enterprise, IAM is a good choice for refined permissions management.
AOM Identity and Access Management (IAM) allows you to grant LTS permissions to IAM users under your account. IAM
For the API for creating an IAM user as an administrator, the following message body is returned. The following is part of the response body: { "user": { "id": "c131886aec...
Log Ingestion Overview Using ICAgent to Collect Logs Ingesting Cloud Service Logs to LTS Using APIs to Ingest Logs to LTS Ingesting Logs to LTS Across IAM Accounts Using Kafka to Report Logs to LTS Using Flume to Report Logs to LTS
For security purposes, create Identity and Access Management (IAM) users and grant them permissions for routine management. User An IAM user is created using an account to use cloud services. Each IAM user has its own identity credentials (password and access keys).
Usage Overview Usage Function Support Login Without Huawei Account Development Workload Account Permission Huawei Cloud console All LTS functions Not supported None Huawei Cloud IAM Embedding the LTS Log Query Page into a User-built System All functions on the LTS console The iframe
Prerequisites If the IAM users under your account want to use LTS, you need to grant them the permissions required. For details, see Granting LTS Permissions to IAM Users. Creating a Log Group Log in to the LTS console. On the Log Management page, click Create Log Group.
By setting enterprise projects for log streams, you can set different log stream access permissions for different Identity and Access Management (IAM) users.
Log search and analysis Embedding the LTS Log Query Page into a User-built System This practice describes how to use the federation proxy mechanism of Identity and Access Management (IAM) for custom identity broker and embed a login link to your systems so you can view LTS logs in
For details about how to grant permissions, see Creating an IAM User and Granting Organizations Permissions.
Inherited Installation (Linux) Batch Inherited Installation (Linux) Initial Installation (Linux) If you set Installation Mode to Create an agency, you need to create an IAM agency in advance. Log in to the IAM console. In the navigation pane, choose Agencies.
