检测到您已登录华为云国际站账号,为了您更好的体验,建议您访问国际站服务网站 https://www.huaweicloud.com/intl/zh-cn
不再显示此消息
检测到您已登录华为云国际站账号,为了您更好的体验,建议您访问国际站服务网站 https://www.huaweicloud.com/intl/zh-cn
不再显示此消息
These hashes are measurements of the instance and can be used as condition keys in IAM authorization policies to implement conditional access control over KMS APIs. For details, see PCR. Parent Topic: Examples of Using QingTian Enclave
ECS Group Management Permission API Action Dependencies IAM Project Enterprise Project Authorization by Instance Authorization by Tag Deleting an ECS group DELETE /v1/{project_id}/cloudservers/os-server-groups/{server_group_id} ecs:cloudServers:deleteServerGroup - Supported Supported
Metadata Management Permission API Action Dependencies IAM Project Enterprise Project Authorization by Instance Authorization by Tag Querying ECS Metadata (Discarded) GET /v2.1/{project_id}/servers/{server_id}/metadata ecs:servers:listMetadata - Supported Not supported Not supported
Before performing the replication, create an IAM agency. Create an IAM agency. In the upper right corner of the page, click the username and select Identity and Access Management. In the navigation pane, choose Agencies. Click Create Agency.
Tag Management Permission API Action Dependencies IAM Project Enterprise Project Authorization by Instance Authorization by Tag Adding tags to an ECS in a batch/Deleting tags from an ECS in a batch POST /v1/{project_id}/cloudservers/{server_id}/tags/action ecs:cloudServers:batchSetServerTags
When your ECS resources need to be shared with other accounts, or your ECS is delegated to professional personnel or team for management, the tenant administrator creates an agency in IAM and grants the ECS management permissions to the personnel or team.
ECS Status Management Permission API Action Dependencies IAM Project Enterprise Project Authorization by Instance Authorization by Tag Changing an ECS OS POST /v2/{project_id}/cloudservers/{server_id}/changeos ecs:cloudServers:changeOS - Supported Supported Supported Supported Changing
NIC Management Permission API Action Dependencies IAM Project Enterprise Project Authorization by Instance Authorization by Tag Binding a private IP address to an ECS NIC PUT /v1/{project_id}/cloudservers/nics/{nic_id} ecs:cloudServerNics:update - Supported Not supported Not supported
Disk Management Permission API Action Dependencies IAM Project Enterprise Project Authorization by Instance Authorization by Tag Detaching a disk from an ECS DELETE /v1/{project_id}/cloudservers/{server_id}/detachvolume/{volume_id} ecs:cloudServers:detachVolume - Supported Supported
Security Group Management Permission API Action Dependencies IAM Project Enterprise Project Authorization by Instance Authorization by Tag Creating a Security Group (Discarded) POST /v2.1/{project_id}/os-security-groups ecs:securityGroups:use vpc:securityGroups:get vpc:securityGroups
Lifecycle Management Permission API Action Dependencies IAM Project Enterprise Project Authorization by Instance Authorization by Tag Creating ECSs (pay-per-use or yearly/monthly) POST /v1.1/{project_id}/cloudservers Assigning a New EIP ecs:cloudServers:createServers Using an Existing
KMS can ingest attestation documents from QingTian Enclave instances and validates the measurements in the attestation documents against these specified in the IAM policies to determine whether QingTian Enclave instances can access KMS APIs.
Using a V2 API without a microversion GET: https://{Endpoint}/v2/74610f3a5ad941998e91f076297ecf27/servers/detail {Endpoint} indicates the IAM endpoint. For details, see Endpoints.
If the key pair is created by an IAM user, the IAM account of the user and the other users of the same account cannot view the key pair. This API has been discarded. Use the API described in Creating and Importing an SSH Key Pair.
If you have created an agency in IAM, select the agency from the drop-down list. For more information about agencies, see Account Delegation. Set CPU Options. To configure hyper-threading for an ECS, select Specify CPU options.
