检测到您已登录华为云国际站账号,为了您更好的体验,建议您访问国际站服务网站 https://www.huaweicloud.com/intl/zh-cn
不再显示此消息
检测到您已登录华为云国际站账号,为了您更好的体验,建议您访问国际站服务网站 https://www.huaweicloud.com/intl/zh-cn
不再显示此消息
Issues About Data Synchronization and Data Consistency How Do I Grant Permissions to an IAM User? How Long Are Logs Stored in SecMaster?
User_name user_name string user_name Yes Username of the IAM user This parameter is mandatory when the tenant type is selected. Password user_password string -- Yes Password of the IAM user This parameter is mandatory when the tenant type is selected.
Procedure (Optional) Step 1: Buy an ECS (Optional) Step 2: Buy a Data Disk (Optional) Step 3: Attach a Data Disk Step 4: Create a Non-administrator IAM User Step 5: Configure Network Connection Step 6: Install the Component Controller (isap-agent) Step 7: Install the Log Collection
Prerequisites You have obtained the IAM administrator account information. Buying an ECS View the ECS information. Log in to the console as the IAM administrator.
Preparations Creating an IAM user with the minimum permission IAM is used for data collection authorization. You need to create an IAM user with the minimum permission to access SecMaster APIs and disable verification rules such as MFA for the user.
Alert Identity security Identity Defense Alarms Are Associated With Historical Handling Information Associates new IAM alerts with IAM alerts handled earlier and adds historical handling details to the comment area for the new alerts.
Data Security Center (DSC) Tenant-side cloud service dsc-alarm DSC alarm logs AP-Singapore, CN-Hong Kong, TR-Istanbul, AP-Bangkok, AF-Johannesburg, LA-Mexico City2, LA-Sao Paulo1, LA-Santiago, AP-Jakarta, ME-Riyadh, and AF-Cairo Identity security Identity and Access Management (IAM
Only IAM users can be used to install component controller and check details on the console. The IAM user can have only the minimum permissions assigned. For details, see Preparations.
Enter the domain name, username, and password of the machine-machine account created in Step 4: Create a Non-administrator IAM User as prompted. If install isap-agent successfully is displayed, the component controller is installed.
{Endpoint} is the IAM endpoint and can be obtained from Regions and Endpoints. For details about API authentication, see Authentication.
You can obtain the token by calling the IAM API used to obtain a user token. Token of an IAM user. To obtain it, call the corresponding IAM API.
Processed By Set the reviewer of the workflow to the IAM user of the current IAM account. If a workflow needs to be approved after the setting, only the owner can handle it on the Task Center page. Non-owners can only view the workflow.
It can be obtained by calling the IAM API used to obtain a user token.
Step 4: Create a Non-administrator IAM Account Use this account to access SecMaster for the log collector on the tenant side. Step 5: Configure Network Connection Connect the tenant VPC to the SecMaster network.
The IAM users page is displayed. In the navigation pane on the left, choose Permissions > Policies. On the Policies page, enter the policy name in the search box. View the meaning and scope of the policy. Description Description of the agency Click Confirm.
When a policy needs to be delivered to IAM, each time a maximum of 50 IAM users can be added as blocked objects for each account. Label Label of a custom emergency policy.
You can obtain the token by calling the IAM API used to obtain a user token. Token of an IAM user. To obtain it, call the corresponding IAM API.
You can obtain the token by calling the IAM API used to obtain a user token. Token of an IAM user. To obtain it, call the corresponding IAM API.
Log in to the console as the IAM administrator. Click in the upper left corner of the management console, select a region or project, click in the upper left corner of the page, and choose Storage > Elastic Volume Service.
For security purposes, create IAM users under the account and grant them permissions for routine management. User A user is created using a domain to use cloud services. Each user has its own identity credentials (password and access keys).
