检测到您已登录华为云国际站账号,为了您更好的体验,建议您访问国际站服务网站 https://www.huaweicloud.com/intl/zh-cn
不再显示此消息
检测到您已登录华为云国际站账号,为了您更好的体验,建议您访问国际站服务网站 https://www.huaweicloud.com/intl/zh-cn
不再显示此消息
Why Can't an IAM User Log In to the VOD Console After Obtaining the VOD FullAccess Permission? The authorization is refined by role and policy. Therefore, an IAM user needs to obtain the system role permission before logging in to the VOD console.
Why Can't an IAM User View Media Files Uploaded by the Account on the Console? It is possible is that you use the system policy to isolate media. The IAM user and the account are not in the same group. You are advised to add the IAM user to the group of the account.
Associated Cloud Service Permission IAM iam:roles:listRoles iam:roles:createRole iam:agencies:listAgencies iam:agencies:createAgency iam:permissions:checkRoleForAgency iam:permissions:grantRoleToAgency After creating an agency, IAM users can configure certificates for domain names
This setting takes effect for the account and IAM users under the account.
The project ID used to call the IAM API for obtaining the token is different from that used for calling the VOD API. You can call the VOD API by referring to Getting Started. Parent topic: APIs and SDKs
name "password": $ADMIN_PASS, //IAM user password.
The region where an IAM API is called must be the same as the region where a VOD API is called.
Create a user group on the IAM console, and attach the VOD Guest policy to the group. Create an IAM user. Create a user on the IAM console and add the user to the group created in 1. Log in and verify permissions.
For security purposes, create IAM users and grant them permissions for routine management. IAM user An IAM user is created using an account to use cloud services. Each IAM user has its own identity credentials (password and access keys).
Creating a User and Assigning VOD Permissions This section describes how to use IAM to implement fine-grained permissions management on your VOD resources. With IAM, you can: Create IAM users for employees from different departments of your organization.
You can use IAM to perform refined permission management on VOD. Different permissions are set for users based on their responsibilities. VOD also supports media file isolation.
Call the IAM API for Obtaining a Temporary Access Key and Security Token Through a Token. If 404 is returned when you obtain a temporary access key and securityToken through a token, MFA verification may have been enabled for your account.
Why Can't an IAM User Log In to the VOD Console After Obtaining the VOD FullAccess Permission?
The following shows part of the response body for the API used to create an IAM user. { "user": { "id": "c131886aec...
IAM is a global service. You can create an IAM user using the endpoint of IAM in any region.
It can be obtained by calling the IAM API used to obtain a user token. The value of X-Subject-Token in the response header is a token. Authorization No String Authentication information. This parameter is mandatory for AK/SK authentication.
It can be obtained by calling the IAM API used to obtain a user token. The value of X-Subject-Token in the response header is a token. Authorization No String Authentication information. This parameter is mandatory for AK/SK authentication.
Identity and Access Management (IAM) Create User Groups and Assign Permissions Create IAM Users and Log In Authorizing VOD to host media files in OBS buckets Object Storage Service (OBS) Creating a Bucket Uploading an Object
Access Control VOD supports access control based on IAM permissions and URL validation. Table 1 VOD access control Method Description Details IAM permission control for VOD IAM permissions define which actions on your cloud resources are allowed or denied.
With IAM, you can use your Huawei Cloud account to create IAM users, and assign permissions to the users to control their access to specific resources.
