检测到您已登录华为云国际站账号,为了您更好的体验,建议您访问国际站服务网站 https://www.huaweicloud.com/intl/zh-cn
不再显示此消息
检测到您已登录华为云国际站账号,为了您更好的体验,建议您访问国际站服务网站 https://www.huaweicloud.com/intl/zh-cn
不再显示此消息
In the Management Information area of the Basic Information tab page, view the IAM agency bound to the ECS. Log in to the Identity and Access Management (IAM) console. Choose Agencies and click the agency obtained in 3.c.
Assigning Permissions to ServiceStage-Dependent Services Assigning CCE Namespace Permissions You can assign only common operation permissions on CCE cluster resources to the ServiceStage user group using IAM, excluding the namespace permissions of the clusters with Kubernetes RBAC
In the Management Information area of the Basic Information tab page, view the IAM agency bound to the ECS. Log in to the Identity and Access Management (IAM) console. Choose Agencies and click the agency obtained in 3.c.
Creating a User and Granting ServiceStage Permissions You can use Identity and Access Management (IAM) for fine-grained permissions control for your ServiceStage. With IAM, you can: Create IAM users for personnel based on your enterprise's organizational structure.
{"errorCode":"401002","errorMessage":"Request unauthorized","detail":"Get service token from iam proxy failed,{\"error\":\"get project token from iam failed. error:http post failed, statuscode: 400\"}"} Checking method: Check whether the project information in the microservice.yaml
Different IAM users under the same account can perform operations on the same cluster.
For security purposes, create Identity and Access Management (IAM) users and grant them permissions for routine management. User A user is created in Identity and Access Management (IAM) to use cloud services.
Replace the fields in bold with the actual values. accountid: ID of the account to which the IAM user belongs. username: IAM username to be created. email: email address of the IAM user. ********: login password of the IAM user.
The API used to obtain a project ID is GET https://{Endpoint}/v3/projects/, where {Endpoint} indicates the IAM endpoint. You can obtain the IAM endpoint from Regions and Endpoints. For details on API calling authentication, see Authentication.
Log in to Huawei Cloud as an IAM user.
To achieve this result, you can create IAM users for the software developers and grant them only the permissions required for using ServiceStage resources. For more information about IAM, see IAM Service Overview.
Policies that contain actions for both IAM and enterprise projects can be used and applied for both IAM and Enterprise Management. Policies that contain actions only for IAM projects can be used and applied to IAM only.
The same IAM user can join different organizations. Different permissions, namely read, write, and manage, can be assigned to different IAM users in the same account.
IAM helps you secure access to your cloud resources. With IAM, you can create IAM users and grant them permission to access only specific resources.
For the API for creating an IAM user as an administrator, the following message body is returned. The following describes part of the response body. { "user": { "id": "c131886aec...
After CTS is enabled, you can view Viewing IAM Audit Logs. CTS stores operation logs of the last seven days. For details about ServiceStage operations that can be tracked by CTS, see ServiceStage Operations That Can Be Recorded by CTS.
Adding Image Permissions To allow IAM users of your account to read, write, and manage a specific image, add the required permissions to the IAM users on the details page of this image.
You can create up to 1000 accounts, including new accounts and imported IAM account. Importing an IAM Account Imports an IAM account and associates roles with it. Users using this IAM account have the access and operation permissions on the microservice engine.
To operate a microservice engine on CSE, you must have both the IAM and RBAC permissions, and the IAM permission takes precedence over the RBAC permission.
With IAM, you can: Create IAM users for employees based on the organizational structure of your enterprise. Each IAM user has their own security credentials for access to ServiceStage resources. Grant only the permissions required for users to perform a task.
