检测到您已登录华为云国际站账号,为了您更好的体验,建议您访问国际站服务网站 https://www.huaweicloud.com/intl/zh-cn
不再显示此消息
检测到您已登录华为云国际站账号,为了您更好的体验,建议您访问国际站服务网站 https://www.huaweicloud.com/intl/zh-cn
不再显示此消息
TMS API Actions Table 1 API actions Permission API Action IAM Project Enterprise Project Querying predefined tags GET /v1.0/predefine_tags tms:predefineTags:list Supported Not supported Creating predefined tags POST /v1.0/predefine_tags/action tms:predefineTags:create Supported Not
If your Huawei Cloud account does not require IAM for permissions management, you can skip this section. IAM can be used free of charge. You pay only for the resources in your account. For more information about IAM, see IAM Service Overview.
user name "password": "********", // IAM user password "domain": { "name": "domainname" // Name of the account to which the IAM user belongs } } } },
When calling the Identity and Access Management (IAM) API to obtain a user token, set the scope field to domain. The value of X-Subject-Token in the response header is the user token.
With IAM, you can: Create IAM users for employees based on the organizational structure of your enterprise. Each IAM user has their own security credentials, providing access to TMS resources. Grant only the permissions required for users to perform a task.
For details about all system-defined permissions of services supported by IAM, see System-defined Permissions. For more information about fine-grained permissions of each service, see corresponding documentations of each service.
The following is part of the response body for the API used to create an IAM user. { "user": { "id": "c131886aec...
Policies that contain actions only for IAM projects can be used and applied to IAM only. Administrators can check whether an action supports IAM projects or enterprise projects in the action list.
Creating a User and Granting Permissions This section describes how to use IAM to implement fine-grained permissions control for your TMS resources. With IAM, you can: Create IAM users for employees based on your organizational structure.
When calling the Identity and Access Management (IAM) API to obtain a user token, set the scope field to domain. The value of X-Subject-Token in the response header is the user token.
To ensure account security, create Identity and Access Management (IAM) users and grant them permissions for routine management. User An IAM user is created by an account in IAM to use cloud services. Each IAM user has its own identity credentials (password and access keys).
The token obtained from IAM is valid for only 24 hours. If you want to use a token for authentication, you can cache it to avoid frequently calling the IAM API.
IAM is a global service. You can create an IAM user using the endpoint of IAM in any region.
When calling the Identity and Access Management (IAM) API to obtain a user token, set the scope field to domain. The value of X-Subject-Token in the response header is the user token.
When calling the Identity and Access Management (IAM) API to obtain a user token, set the scope field to domain. The value of X-Subject-Token in the response header is the user token.
When calling the Identity and Access Management (IAM) API to obtain a user token, set the scope field to domain. The value of X-Subject-Token in the response header is the user token.
When calling the Identity and Access Management (IAM) API to obtain a user token, set the scope field to domain. The value of X-Subject-Token in the response header is the user token.
When calling the Identity and Access Management (IAM) API to obtain a user token, set the scope field to domain. The value of X-Subject-Token in the response header is the user token.
You can use IAM to control access to your TMS resources. IAM permissions define which actions on your cloud resources are allowed or denied.
{Endpoint} is the IAM endpoint and can be obtained from Regions and Endpoints. For details about API authentication, see Authentication. The following is an example response.
