An access control list (ACL) is a group of IP addresses or network segments. Users can only access the public cloud system from the IP addresses or network segments contained in the ACL.
An access key consists of an Access Key ID (AK) and a Secret Access Key (SK). Access keys (AK/SK) are used to verify the identity of a sender who initiates a request through APIs. Access keys and passwords have similar functions. Access keys can be generated and managed on the My Credential page.
An account is created automatically when a user registers with HUAWEI CLOUD. An account has full access permissions for all the resources under the account.
See access key
A user created by the administrator in IAM. An IAM user uses cloud services and corresponds to an employee, system, or application. IAM users have identity credentials (passwords and access keys) and can log in to the management console or access APIs.
Identity and Access Management (IAM) is a security management service provided by the public cloud system. This service includes identity management, permission management, and access control functions.
An identity provider (IdP) is a system that provides identity authentication to users. For example, IAM is the IdP for the public cloud system. In IAM, the IdP for federated identity authentication is the enterprise's own identity authentication system.
Metadata files are SAML 2.0-compliant interface files. They contain the interface addresses and certificate information required by the SAML 2.0 protocol. Two such files are available, one for the identity provider (IdP) and the other for the service provider (SP). The IdP and SP set up a trust relationship by exchanging their metadata files and each configuring the data from the other's file. The public cloud system (SP) communicates with the IdP server using the address and certificate in the metadata file.
My Credential contains a user's attribute information and security information, including their user ID, verified mobile number, verified email address, password, and access key.
Permissions are used to control which operations users can perform on which objects.
A policy consists of one or more statements, each of which describes one set of permissions and grants permissions to a set of resources. You can flexibly define permissions in a policy as required. A policy can contain multiple operation permissions for multiple cloud services or a single operation permission for a single cloud service. IAM uses policies to implement fine-grained permission management.
A collection of accessible resources in services. An account can create multiple projects in a region and authorize users based on these projects.
Regions are defined by geographical location and network latency. Public services, such as Object Storage Service (OBS), Virtual Private Cloud (VPC), and Image Management Service (IMS), are shared within the same region. Users can select the region closest to them to reduce access latency.
A service provider (SP) is a system that provides services to users. In IAM, the SP for federated identity authentication is the public cloud system.
See service provider