检测到您已登录华为云国际站账号,为了您更好的体验,建议您访问国际站服务网站 https://www.huaweicloud.com/intl/zh-cn
不再显示此消息
检测到您已登录华为云国际站账号,为了您更好的体验,建议您访问国际站服务网站 https://www.huaweicloud.com/intl/zh-cn
不再显示此消息
In this example, you need to grant IAM the permission to query the agency list based on specified conditions. As IAM is a global service, select Global services for Scope. Select Visual editor for Policy View. Configure a policy in Policy Content. Select Allow.
Related Services IAM DataArts Studio uses Identity and Access Management (IAM) for authentication and authorization.
For details, see Creating an IAM User and Assigning DataArts Studio Permissions. Preparations Enable notebooks. If notebooks are disabled, enable them by referring to Managing Notebooks. Create an OBS bucket. Create a VPC, a subnet, and a security group.
Enumerated values: APP: app IAM: IAM APIG: APIG (discarded) APIGW: APIGW (deprecated) DLM: DataArts DataService (deprecated) ROMA_APIC: ROMA (deprecated) Status code: 400 Table 5 Response body parameters Parameter Type Description error_code String Error code. error_msg String Error
Mandatory for MRS, GaussDB(DWS), and DLI permission management iam:users:listUsers iam:groups:listGroups iam:users:listUsersForGroup iam:roles:createRole iam:roles:deleteRole iam:roles:updateRole iam:permissions:grantRoleToGroup iam:permissions:listRoleAssignments iam:permissions:
Mandatory for MRS, GaussDB(DWS), and DLI permission management iam:users:listUsers iam:groups:listGroups iam:users:listUsersForGroup iam:roles:createRole iam:roles:deleteRole iam:roles:updateRole iam:permissions:grantRoleToGroup iam:permissions:listRoleAssignments iam:permissions:
You have created an IAM user and granted the DataArts Studio permissions to the user. For details, see Creating an IAM User and Assigning DataArts Studio Permissions.
IAM authentication Medium After an API is authorized to an account using an IAM app or whitelist, the user token obtained from IAM is used for security authentication.
Figure 20 Adding a member Add the create IAM user to the workspace and click OK. Account Type: Select Add User. Member Account: Select the IAM user created in Creating an IAM User and Adding It to the User Group. Role: Select the role.
Authorizing API Calling Authorizing an API Which Uses App Authentication to Apps Authorizing an API Which Uses IAM Authentication to Apps Authorizing an API Which Uses IAM Authentication Through a Whitelist Parent topic: Developing APIs in DataArts DataService
The IAM system roles of DataArts Studio include DAYU Administrator, DataArts Studio User, and DAYU User. The workspace roles are assigned based on the IAM role DAYU User or DataArts Studio User.
Password Cluster Account Mappings IAM User IAM users for which an account mapping rule will be configured. For IAM users not configured here, the default access identity is used for authentication.
Grant the user sufficient permissions on IAM and then perform IAM user synchronization on the Dashboard tab page!". Solution This problem occurs because the user does not have the operation permission on the MRS cluster.
Failed Number of failed calls to APIs that use app or IAM authentication. Valid Number of valid calls to APIs that use app or IAM authentication. Valid API calls refer to the calls that pass the verification.
This policy takes effect for the account and IAM users of the account. Parent topic: Consultation and Billing
How Do I Create a Fine-Grained Permission Policy in IAM? How Do I Isolate Workspaces So That Users Cannot View Unauthorized Workspaces? What Should I Do If a User Cannot View Workspaces After I Have Assigned the Required Policy to the User?
IAM accounts are classified into the following types: Public IAM accounts: They apply to all jobs in the workspace. For details about how to configure a public IAM account, see Configuring a Public IAM Account. Execution users: They apply only to a single job.
On the API Credentials page, obtain the account name, account ID, IAM username, and IAM user ID, and obtain the project and its ID from the project list. Parent topic: Configuring DataArts Studio Data Connection Parameters
Grant the user sufficient permissions on IAM and then perform IAM user synchronization on the Dashboard tab page. The error code is 0192.
On the API Credentials page, obtain the account name, account ID, IAM username, and IAM user ID, and obtain the project and its ID from the project list. - Username Username for accessing CloudTable admin AK AK and SK for accessing CloudTable.
