Creating a User and Granting DMS for Kafka Permissions
This section describes how to use Identity and Access Management (IAM) to implement fine-grained permissions control for your Distributed Message Service (DMS) for Kafka resources. With IAM, you can:
- Create IAM users for employees based on your enterprise's organizational structure. Each IAM user will have their own security credentials for accessing DMS for Kafka resources.
- Grant only the permissions required for users to perform a specific task.
- Entrust another HUAWEI CLOUD account or cloud service to perform efficient O&M on your DMS for Kafka resources.
If your HUAWEI CLOUD account does not require individual IAM users, skip this chapter.
This section describes the procedure for granting permissions (see Figure 1).
Prerequisites
Learn about the permissions (see System-defined roles and policies supported by DMS for Kafka) supported by DMS for Kafka and choose policies according to your requirements. For the system policies of other services, see System Permissions.
Process Flow
- Create a user group and assign permissions to it.
Create a user group on the IAM console, and attach the DMS ReadOnlyAccess policy to the group.
- Create an IAM user.
Create a user on the IAM console and add the user to the group created in 1.
- Log in and verify permissions.
Log in to the console as the created user, and verify that it only has read permissions for DMS for Kafka.
Last Article: Permissions Management
Next Article: DMS for Kafka Custom Policies
Did this article solve your problem?
Thank you for your score!Your feedback would help us improve the website.