Permissions Management

If you need to assign different permissions to employees in your enterprise to access your Cloud Phone resources, IAM is a good choice for fine-grained permissions management. IAM provides identity authentication, permissions management, and access control, helping you secure access to your HUAWEI CLOUD resources.

With IAM, you can use your HUAWEI CLOUD account to create IAM users for your employees, and grant permissions to the users to control their access to specific resource types. For example, some software developers in your enterprise need to view Cloud Phone resources but should not be allowed to perform high-risk operations, such as restarting Cloud Phone instances. In this scenario, you can create IAM users for the software developers and grant them only the permissions required for viewing Cloud Phone resources.

If your HUAWEI CLOUD account does not need individual IAM users for permissions management, skip this section.

IAM is free of charge. You pay only for cloud resources you purchase or use. For more information about IAM, see IAM Service Overview.

Cloud Phone Permissions

By default, new IAM users do not have permissions assigned. You need to add a user to one or more groups, and attach permissions policies or roles to these groups. Users inherit permissions from the groups to which they are added and can perform specified operations on cloud services.

Cloud Phone is a project-level service deployed in specific physical regions. To assign Cloud Phone permissions to a user group, specify the scope as region-specific projects and select projects for the permissions to take effect. If All projects is selected, the permissions will take effect for the user group in all region-specific projects. When accessing Cloud Phone, the users need to switch to a region where they have been authorized to use this service.

Table 1 lists all system roles of Cloud Phone.

Table 1 System-defined roles

| Role Name | Description | Dependencies |
|---|---|---|
| CPH Administrator | Has all permissions for Cloud Phone resources. | None |
| CPH User | Read-only permissions for Cloud Phone. Users granted these permissions can only view Cloud Phone resource data. | Dependent on the Tenant Guest policy. |

Table 2 lists the common operations supported by each Cloud Phone system role. Choose proper system roles according to this table.

Table 2 Relationship between common operations and system roles

| Operation | CPH Administrator | CPH User |
|---|---|---|
| Buying a server | √ | × |
| Restarting a cloud phone | √ | × |
| Resetting a cloud phone | √ | × |
| Accessing a cloud phone | √ | × |
| Viewing a server | √ | √ |
| Viewing a cloud phone | √ | √ |
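
The following added example (not HUAWEI CLOUD code and not an IAM API) audits user-group role grants against Table 1 and Table 2: it flags groups that hold CPH Administrator when they only need to view resources, CPH Administrator granted on All projects, and CPH User granted in a project where the Tenant Guest dependency is missing. The group and grant structure, the project names region-a and region-b, and the finding names are constructed assumptions.

```python
# Added example: least-privilege audit of constructed group grants.
VIEW_OPS = {"Viewing a server", "Viewing a cloud phone"}  # Table 2, allowed for CPH User
ROLE_DEPS = {"CPH Administrator": set(), "CPH User": {"Tenant Guest"}}  # Table 1
ALL = "All projects"

def roles_in(group, project):
    """Roles that take effect for the group in one project scope."""
    return {g["role"] for g in group["grants"]
            if g["projects"] == ALL or project in g["projects"]}

def audit(group, needed_ops):
    """Return sorted (finding, detail) tuples for one user group."""
    findings = set()
    for grant in group["grants"]:
        role = grant["role"]
        if role not in ROLE_DEPS:
            continue  # not a Cloud Phone role
        if role == "CPH Administrator":
            if needed_ops <= VIEW_OPS:
                findings.add(("over-privileged", "CPH User covers the stated need"))
            if grant["projects"] == ALL:
                findings.add(("broad-scope", "applies in every region-specific project"))
        scopes = [ALL] if grant["projects"] == ALL else grant["projects"]
        for project in scopes:
            missing = ROLE_DEPS[role] - roles_in(group, project)
            if missing:
                detail = f"{role} in {project} lacks {', '.join(sorted(missing))}"
                findings.add(("missing-dependency", detail))
    return sorted(findings)

# Constructed sample data (hypothetical groups and project names).
GROUPS = {
    "developers": {"grants": [{"role": "CPH Administrator", "projects": ALL}]},
    "viewers": {"grants": [
        {"role": "CPH User", "projects": ["region-a", "region-b"]},
        {"role": "Tenant Guest", "projects": ["region-a"]}]},
    "operators": {"grants": [{"role": "CPH Administrator", "projects": ["region-a"]}]},
}
NEEDS = {"developers": VIEW_OPS, "viewers": VIEW_OPS,
         "operators": {"Restarting a cloud phone"}}

if __name__ == "__main__":
    for name, group in GROUPS.items():
        for finding, detail in audit(group, NEEDS[name]):
            print(f"{name}: {finding}: {detail}")
```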