Help Center> Cloud Phone Host> User Guide> Permission Management> Creating a User and Granting Cloud Phone Permissions
View PDF

Creating a User and Granting Cloud Phone Permissions

This section describes how to use IAM to implement fine-grained permissions control for your Cloud Phone resources. With IAM, you can:

  • Create IAM users for employees based on your enterprise's organizational structure. Each IAM user will have their own security credentials for accessing cloud resources.
  • Grant only the permissions required for users to perform a specific task.
  • Entrust a HUAWEI CLOUD account or cloud service to perform efficient O&M on your Cloud Phone resources.

If your HUAWEI CLOUD account does not need individual IAM users, skip this chapter.

This section uses the CPH User policy as an example to describe how to grant permissions to a user. Figure 1 shows the process.

Prerequisites

Learn about the permissions (see Permissions Management) supported by Cloud Phone and choose policies or roles according to your requirements. For the system policies of other services, see System Permissions.

Authorization Process

Figure 1 Process for granting Cloud Phone permissions
  1. Create a user group and assign permissions to it.

    On the IAM console, create a user group, and assign the read-only permission CPH User and its dependent permission Tenant Guest to the group.

  2. Create an IAM User.

    Create a user on the IAM console and add the user to the group created in step 1.

  3. Log in Using an IAM User and verify permissions.

    Log in to the management console as the created user, switch to the authorized region, and verify that the user has the required permissions. (Assume that the user has only the CPH User and Tenant Guest permissions.)

    • Click Service List. Under Computing, select Cloud Phone. In the navigation pane on the left, choose Servers and Instances to view the server data and cloud phone data respectively. If the cloud phone information can be viewed, the read-only permission has taken effect.
    • Click Service List. Under Computing, select Cloud Phone. On the displayed Cloud Phone console, check whether the Buy Server button is displayed in the upper right corner. If no, the read-only permission has taken effect.
Parent topic: Permission Management