检测到您已登录华为云国际站账号,为了您更好的体验,建议您访问国际站服务网站 https://www.huaweicloud.com/intl/zh-cn
不再显示此消息
检测到您已登录华为云国际站账号,为了您更好的体验,建议您访问国际站服务网站 https://www.huaweicloud.com/intl/zh-cn
不再显示此消息
Related Services IAM DataArts Studio uses Identity and Access Management (IAM) for authentication and authorization.
In this example, you need to grant IAM the permission to query the agency list based on specified conditions. As IAM is a global service, select Global services for Scope. Select Visual editor for Policy View. Configure a policy in Policy Content. Select Allow.
APP: app IAM: IAM APIG: APIG (deprecated) APIGW: APIGW (deprecated) DLM: DataArts DataService (deprecated) ROMA_APIC: ROMA (deprecated) name No String Application name. description No String Application description. apig_type No String Gateway type Enumerated values: APIG: APIG gateway
Mandatory for MRS, GaussDB(DWS), and DLI permission management iam:users:listUsers iam:groups:listGroups iam:users:listUsersForGroup iam:roles:createRole iam:roles:deleteRole iam:roles:updateRole iam:permissions:grantRoleToGroup iam:permissions:listRoleAssignments iam:permissions:
IAM authentication Medium After an API is authorized to an account using an IAM app or whitelist, the user token obtained from IAM is used for security authentication.
Assign the DAYU User system role to the IAM account of the data operations engineer, delete permissions of dependent services from the IAM account, and grant the minimum permissions to the IAM account.
Authorizing API Calling Authorizing an API Which Uses App Authentication to Apps Authorizing an API Which Uses IAM Authentication to Apps Authorizing an API Which Uses IAM Authentication Through a Whitelist Parent topic: Developing APIs in DataArts DataService
IAM authentication: IAM authenticates API requests. This mode is available only for Huawei cloud users. The security level is medium.
Grant the user sufficient permissions on IAM and then perform IAM user synchronization on the Dashboard tab page!". Solution This problem occurs because the user does not have the operation permission on the MRS cluster.
This policy takes effect for the account and IAM users of the account. Parent topic: Consultation and Billing
How Do I Create a Fine-Grained Permission Policy in IAM? How Do I Isolate Workspaces So That Users Cannot View Unauthorized Workspaces? What Should I Do If a User Cannot View Workspaces After I Have Assigned the Required Policy to the User?
On the API Credentials page, obtain the account name, account ID, IAM username, and IAM user ID, and obtain the project and its ID from the project list. Parent topic: Configuring DataArts Studio Data Connection Parameters
IAM accounts are classified into the following types: Public IAM accounts: They apply to all jobs in the workspace. For details about how to configure a public IAM account, see Configuring a Public IAM Account. Execution users: They apply only to a single job.
On the API Credentials page, obtain the account name, account ID, IAM username, and IAM user ID, and obtain the project and its ID from the project list. - Username Username for accessing CloudTable admin AK AK and SK for accessing CloudTable.
For more information about IAM, see the IAM Service Overview. DataArts Studio supports only system role-based authorization and does not support policy-based authorization.
Part of the response body for the API used to create an IAM user is as follows: { "user": { "id": "c131886aec...
Authorizing Users to Use DataArts Studio Creating an IAM User and Assigning DataArts Studio Permissions Adding a Member and Assigning a Role
Authorizing Users to Use DataArts Studio Creating an IAM User and Assigning DataArts Studio Permissions Adding Workspace Members and Assigning Roles
In the Basic Information area of the Dashboard page, click Synchronize on the right side of IAM User Sync to synchronize IAM users.
In the Basic Information area of the Dashboard page, click Synchronize on the right side of IAM User Sync to synchronize IAM users.
