- What's New
- Function Overview
- Service Overview
- Getting Started
-
User Guide
-
VPC Endpoint Services
- VPC Endpoint Service Overview
- Creating a VPC Endpoint Service
- Viewing a VPC Endpoint Service
- Deleting a VPC Endpoint Service
- Managing Connections of a VPC Endpoint Service
- Managing Whitelist Records of a VPC Endpoint Service
- Viewing Port Mappings of a VPC Endpoint Service
- Managing Tags of a VPC Endpoint Service
- VPC Endpoints
- Permissions Management
- Quotas
-
VPC Endpoint Services
-
API Reference
- Before You Start
- API Overview
- Calling APIs
-
API
- Version Management
-
VPC Endpoint Services
- Creating a VPC Endpoint Service
- Querying VPC endpoint services
- Querying details of a VPC endpoint service
- Modifying a VPC endpoint service
- Deleting a VPC Endpoint Service
- Querying connections of a VPC endpoint service
- Accepting or Rejecting a VPC Endpoint
- Querying whitelist records of a VPC endpoint service
- Batch Adding or Deleting Whitelist Records of a VPC Endpoint Service
- Changing the Name of the VPC Endpoint Service
- This API is used to update the description of the VPC endpoint connection.
- Batch Adding or Deleting Whitelist Records of a VPC Endpoint Service
- Batch Adding or Deleting Whitelist Records of a VPC Endpoint Service
- Updating the Description of a Whitelist Record of a VPC Endpoint Service
-
VPC Endpoints
- Querying public VPC endpoint services
- Querying basic information of a VPC endpoint service
- Creating a VPC endpoint
- Querying VPC endpoints
- Querying details of a VPC endpoint
- Deleting Endpoint
- Updating the Whitelist of a VPC Endpoint
- Changing a route table of a VPC endpoint
- Modifying Route Tables Associated with a VPC Endpoint
- Modifying Route Tables Associated with a VPC Endpoint
- Resource Quotas
- Tags
- Application Examples
- Appendix
- Change History
- SDK Reference
- Best Practices
- FAQs
Permissions
If you need to assign different permissions to employees in your enterprise to access your VPC Endpoint resources, you can use Identity and Access Management (IAM) to manage fine-grained permissions. IAM provides identity authentication, permissions management, and access control, helping you to securely access your Huawei Cloud resources.
With IAM, you can use your HUAWEI ID to create IAM users and assign permissions to control their access to specific Huawei Cloud resources. For example, if you want website maintenance personnel in your enterprise to use VPC Endpoint resources but do not want them to delete other cloud resources or perform any other high-risk operations, you can create IAM users and grant only permissions to use VPC Endpoint resources.
If your HUAWEI ID does not require individual IAM users for permissions management, you can skip this section.
IAM is a free service. You only pay for the resources in your account.
For more information about IAM, see .
VPC Endpoint Permissions
New IAM users do not have any permissions assigned by default. You need to first add them to one or more groups and attach policies or roles to these groups. The users then inherit permissions from the groups and can perform specified operations on cloud services based on the permissions they have been assigned.
VPC Endpoint is a project-level service deployed for specific regions. You need to select a project for which the permissions will be granted. If you select All projects, the permissions will be granted for all the projects. When accessing VPC Endpoint, the users need to switch to the authorized region.
Table 2 lists the common operations supported by system-defined permissions for VPC Endpoint.
|
Operation |
VPCEndpoint Administrator |
|---|---|
|
Creating a VPC endpoint |
√ |
|
Deleting a VPC endpoint |
√ |
|
Querying a VPC endpoint |
√ |
|
Modifying a VPC endpoint |
√ |
|
Creating a VPC endpoint service |
√ |
|
Deleting a VPC endpoint service |
√ |
|
Querying a VPC endpoint service |
√ |
|
Modifying a VPC endpoint service |
√ |
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.
