检测到您已登录华为云国际站账号,为了您更好的体验,建议您访问国际站服务网站 https://www.huaweicloud.com/intl/zh-cn
不再显示此消息
检测到您已登录华为云国际站账号,为了您更好的体验,建议您访问国际站服务网站 https://www.huaweicloud.com/intl/zh-cn
不再显示此消息
Creating a User and Granting SMN Permissions Use IAM to implement fine-grained permissions control over your SMN resources. With IAM, you can: Create IAM users for employees based on your enterprise's organizational structure.
IAM is a global service. You can create an IAM user using the endpoint of IAM in any region.
You can use IAM to control access to your SMN resources. IAM permissions define which actions on your cloud resources are allowed or denied.
If your Huawei Cloud account does not require individual IAM users for permissions management, skip this section. IAM can be used free of charge. You pay only for the resources in your account. For more information about IAM, see IAM Service Overview.
IAM or enterprise projects: type of projects for which an action will take effect. Policies that contain actions for both IAM and enterprise projects can be used and applied for both IAM and Enterprise Management.
The token obtained from IAM is valid for only 24 hours. If you want to use one token for authentication, you can cache it to avoid frequently calling the IAM API.
The following is part of the response body for the API used to create an IAM user. { "user": { "id": "c131886aec...
name "password": $ADMIN_PASS, //IAM user password.
For security purposes, create Identity and Access Management (IAM) users and grant them permissions for routine management. User An IAM user is created by an account in IAM to use cloud services. Each IAM user has its own identity credentials (password and access keys).
Message Publishing Permission API Action IAM Project Enterprise Project Publishing a message POST /v2/{project_id}/notifications/topics/{topic_urn}/publish smn:topic:publish √ × Parent topic: Permissions Policies and Supported Actions
Sending an Application Message (Deprecated) Permission API Action IAM Project Enterprise Project Sending an application message POST /v2/{project_id}/notifications/endpoints/{endpoint_urn}/publish smn:application:publish √ √ Parent topic: Permissions Policies and Supported Actions
All regions Creating Enterprise Projects Permissions Management Use IAM to implement fine-grained permissions control over your Direct Connect resources. With IAM, you can: Create IAM users for employees based on your enterprise's organizational structure.
Users are specified in the following format: urn:csp:iam::domainId:root.domainId indicates the account IDs of the users. You only need to enter the account ID and click OK. The system completes all other required information for you.
Topic Operations Permission API Action IAM Project Enterprise Project Creating a topic POST /v2/{project_id}/notifications/topics smn:topic:create √ √ Querying a topic GET /v2/{project_id}/notifications/topics smn:topic:list √ √ Updating a topic PUT /v2/{project_id}/notifications/
Template Operations Permission API Action IAM Project Enterprise Project Creating a message template POST /v2/{project_id}/notifications/message_template smn:template:create √ × Querying a message template GET /v2/{project_id}/notifications/message_template smn:template:list √ × Modifying
Tag Operations Permission API Action IAM Project Enterprise Project Adding a resource tag POST /v2/{project_id}/{resource_type}/{resource_id}/tags smn:tag:create √ √ Updating a tag - smn:tag:update √ √ Deleting a resource tag DELETE /v2/{project_id}/{resource_type}/{resource_id}/tags
It can be obtained by calling an IAM API. The value of X-Subject-Token in the response header is the user token.
Application Operations (Deprecated) Permission API Action IAM Project Enterprise Project Creating a platform application POST /v2/{project_id}/notifications/applications smn:application:create √ √ Querying platform applications GET /v2/{project_id}/notifications/applications?
{Endpoint} is the IAM endpoint and can be obtained from Regions and Endpoints. For details about API authentication, see Authentication. The following is an example response.
It can be obtained by calling an IAM API. The value of X-Subject-Token in the response header is the user token. Response Parameters Status code: 200 Table 3 Response body parameters Parameter Type Description request_id String Specifies the request ID, which is unique.
