检测到您已登录华为云国际站账号,为了您更好的体验,建议您访问国际站服务网站 https://www.huaweicloud.com/intl/zh-cn
不再显示此消息
检测到您已登录华为云国际站账号,为了您更好的体验,建议您访问国际站服务网站 https://www.huaweicloud.com/intl/zh-cn
不再显示此消息
name "password": "********", // IAM user password "domain": { "name": "domainname" // Name of the account to which the IAM user belongs } } } }, "scope
For security purposes, create Identity and Access Management (IAM) users and grant them permissions for routine management. User An IAM user is created by an account in IAM to use cloud services. Each IAM user has its own identity credentials (password and access keys).
- target iam sk Secret access key in the disaster recovery region - Parent Topic: Managing Clients
Creating a User and Granting SDRS Permissions You can use IAM for fine-grained permissions control on SDRS resources. With IAM, you can: Create IAM users for personnel based on your enterprise's organizational structure.
If the CBR FullAccess permissions have been assigned to IAM users, enterprise projects will not be displayed for you to choose from when you create a vault. Go to the Enterprise Project Management console and assign the CBR FullAccess permissions to the target user group.
For example, to obtain an IAM token in the CN-Hong Kong region, obtain the endpoint of IAM (iam.ap-southeast-1.myhuaweicloud.com) for this region and the resource-path (/v3/auth/tokens) in the URI of the API used to obtain a user token.
The validity period of a token obtained from IAM is 24 hours. If you want to use a token for authentication, cache it to avoid frequently calling the IAM API.
With IAM, you can use your HUAWEI ID to create IAM users, and assign permissions to the users to control their access to specific resources. If your HUAWEI ID does not require individual IAM users for permissions management, skip this section. IAM is a free service.
- source/target iam ak Access key ID of the region where the disaster recovery site server resides Obtain AK/SK by referring to How Do I Obtain an Access Key (AK/SK)?
{Endpoint} is the IAM endpoint and can be obtained from Regions and Endpoints. For details about API authentication, see Authentication. The following is an example response.
