Help Center/ Data Warehouse Service / Management Guide/ Preparations/ Creating a User and Granting DWS Permissions
Updated on 2025-09-11 GMT+08:00
View PDF

Creating a User and Granting DWS Permissions

Before using DWS, register a Huawei Cloud account. If you need to manage account permissions more precisely, use Identity and Access Management (IAM).

Registering a Public Cloud Account

If you do not have a Huawei Cloud account, register one.

  1. Open the official public cloud website (https://www.huaweicloud.com/eu/) and click Register in the upper right corner. The registration page is displayed.
  2. Enter registration information as prompted.
  3. After the registration is successful, you can be automatically logged in to Huawei Cloud.

Using DWS with IAM

This section describes how to use Identity and Access Management (IAM) to implement fine-grained permissions control for your DWS resources. With IAM, you can: With IAM, you can:

  • Create IAM users for employees based on your enterprise's organizational structure. Each IAM user will have their own security credentials for accessing DWS resources.
  • Grant only the permissions required for users to perform specific tasks.
  • Entrust a Huawei Cloud account or a cloud service to perform professional and efficient O&M on your DWS resources.

If your Huawei Cloud account does not need individual IAM users, you may skip over this section.

This section describes the procedure for granting permissions (see IAM usage process).

Prerequisites for Using IAM

Before assigning permission policies to a user group, you need to understand the DWS permission policies. For details about the system policies supported by DWS, see Supported System Policies. For the system policies of other services, see System Permissions.

IAM usage process

Figure 1 Process of granting DWS permissions to a user
  1. Create a user group and assign permissions.

    Use the Huawei Cloud account to log in to the IAM console, create a user group, and attach the DWSReadOnlyAccess policy to the group.

  2. Create a user and add it to a user group.

    Create a user on the IAM console and add the user to the group created in Step 1.

  3. log in and verify the permissions.

    Log in to the management console by using the user created and verify the user permissions.

    • Choose Service List > Data Warehouse Service to enter the GaussDB(DWS) management console, and click Create DWS Cluster to create a data warehouse cluster. If you cannot create one, the DWSReadOnlyAccess policy has taken effect.
    • Choose any other service in Service List. If only the DWSReadOnlyAccess policy is added and a message is displayed indicating that you have insufficient permission to access the service, DWSReadOnlyAccess has taken effect.
Parent Topic: Preparations