- What's New
- Function Overview
- Service Overview
- Getting Started
-
User Guide
- Overview
- Permissions Management
- Basics of Docker
-
Image Management
- Pushing an Image Through a Container Engine Client
- Obtaining a Long-Term Valid Docker Login Command
- Obtaining a Long-Term Valid containerd Pull/Push Command
- Uploading an Image Through the SWR Console
- Pulling an Image
- Setting Image Attributes
- Sharing Private Images
- Adding a Trigger
- Adding an Image Retention Policy
- Image Center
- Organization Management
- User Permissions
- Auditing
- Best Practices
-
API Reference
- Before You Start
- API Overview
- Calling APIs
-
API
- Organization Management
- Image Repository Management
- Image Tag Management
- Shared Account Management
- API Versions
- Organization Permission Management
- Image Permission Management
- Automatic Image Synchronization Task Management
- Trigger Management
- Image Retention Policy Management
- Temporary Login Command
- Quota Management
- Example Applications
- Appendixes
- Change History
- FAQs
- Videos
- SDK Reference
Show all
SWR Permissions
By default, new IAM users do not have any permissions granted. You need to add them to one or more groups and attach permissions policies or roles to these groups. In this way, the users can inherit permissions from the groups and perform operations on specific cloud resources.
SWR is a project-level service deployed and accessed in specific physical regions. To assign AOM permissions to a user group, specify the scope as region-specific projects and select projects for the permissions to take effect. If All projects is selected, the permissions will take effect for the user group in all region-specific projects. When accessing SWR, the users need to switch to a Region where they have been authorized to use this service.
|
Name |
Description |
Type |
|---|---|---|
|
SWR Admin |
SWR administrator permissions, including all SWR permissions. |
System-defined role |
|
Tenant Administrator |
Administrator permissions for all services except IAM, including all SWR permissions. |
System-defined role |
|
Tenant Guest |
Read-only permissions for all services except IAM, including permissions such as image pull. |
System-defined role |
|
ServiceStage Developer |
ServiceStage developer permissions, including permissions such as image pull. |
System-defined role |
NOTE:
- Granting user permissions enables you to grant different permissions, namely, read, write, and manage, to different users for them to access either a specific image or images of a specific organization.
- In addition, SWR has the SWR FullAccess, SWR OperateAccess, and SWR ReadOnlyAccess permissions. However, the three are available only for SWR Enterprise Edition, which OBT has been suspended .
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.
