Help Center/ Enterprise Management/ User Guide/ Project Management/ Getting Started/ Enterprise User Permissions and Project Management
Updated on 2026-01-07 GMT+08:00
View PDF

Enterprise User Permissions and Project Management

Scenario

Enterprise Project Management Service (EPS) supports resource management using IAM users.

You can grant IAM users different permissions to ensure controlled and secure resource access.

This section describes how to grant an IAM user permissions for managing different cloud resources based on enterprise projects.

Table 1 Typical workflow

Operation

Description

Creating User Groups

On the IAM console, create user groups Test_ECS_A and Test_ECS_B.

Creating an IAM User

Create users Test_User_A and Test_User_B.

Adding an IAM User to a User Group

Add user Test_User_A to user group Test_ECS_A and add user Test_User_B to user group Test_ECS_B.

Creating an Enterprise Project

On the EPS console, create enterprise projects project_A and project_B.

Authorizing a User Group to Manage an Enterprise Project

Add user group Test_ECS_A to enterprise project project_A and user group Test_ECS_B to enterprise project project_B.

Adding Resources to an Enterprise Project

Add resources to enterprise projects project_A and project_B, respectively.

Verifying Permissions

Verify the permissions as IAM users Test_User_A and Test_User_B.

Process

Figure 1 Process

Prerequisites

  • You are an administrator or have been assigned the EPS FullAccess policy on IAM.
  • There are multiple Huawei Cloud resources in the account.

Creating User Groups

Perform the following procedure to create user groups Test_ECS_A and Test_ECS_B.

  1. Log in to Huawei Cloud console.
  2. On the management console, hover over the username in the upper right corner, and choose Identity and Access Management from the drop-down list.
  3. In the navigation pane, choose User Groups. Click Create User Group in the upper right corner.
  4. On the displayed page, enter a user group name, for example, Test_ECS_A.
  5. Click OK.

    The user group you create is displayed in the user group list.

For more information, see .

Creating an IAM user

Perform the following procedure to create users Test_User_A and Test_User_B:

  1. Log in to Huawei Cloud console.
  2. On the management console, point to the username in the upper right corner, and choose Identity and Access Management from the drop-down list.
  3. Choose Users from the navigation pane, and click Create User in the upper right.
  4. On the Create User page, configure user basic information.
  5. Click Next to go to the (Optional) Add User to Group page.

    You can add the user to the user group Test_ECS_A or not add the user to any user group.

  6. Click Create in the lower right corner.

For more information, see Creating an IAM User.

Adding an IAM User to a User Group

Perform the following steps to add IAM users Test_User_A and Test_User_B to user groups Test_ECS_A and Test_ECS_B:

  1. Log in to Huawei Cloud console.
  2. On the management console, point to the username in the upper right corner, and choose Identity and Access Management from the drop-down list.
  3. In the navigation pane, click User Groups.
  4. In the user group list, locate the row that contains Test_ECS_A and click Manage User in the Operation column.
  5. In the displayed dialog box, select the usernames you want to add to the user group from Available Users.
  6. Click OK.

Creating an Enterprise Project

Perform the following steps as the administrator to create enterprise projects project_A and project_B:

  1. Log in to Huawei Cloud console.
  2. Choose Enterprise > Project Management in the upper right corner of the page.

    If the screen resolution is low, you may need to hover over More in the top navigation bar and choose Enterprise > Project Management.

  3. On the Enterprise Project Management Service page, click Create Enterprise Project in the upper right corner.

    The Create Enterprise Project page is displayed.

  4. Select a project type based on service requirements.
  5. Set Name and Description, and click OK.

    Table 2 Project information

    Parameter

    Description

    Example

    Name

    Name of the enterprise project you want to create.

    A project name can contain up to 255 characters. Only letters, digits, underscores (_), and hyphens (-) are allowed. It cannot contain the word default in any case.

    project_A

    Description

    Description of the enterprise project.

    The description can contain up to 512 characters.

    Used to manage resources in this enterprise project.

Authorizing a User Group to Manage an Enterprise Project

Perform the following steps as the administrator to authorize a user group to manage an enterprise project:

  1. Log in to Huawei Cloud console.
  2. Choose Enterprise > Project Management in the upper right corner of the page.

    If the screen resolution is low, choose More > Enterprise > Project Management.

  3. On the Enterprise Project Management Service page, click the name of the target enterprise project.
  4. On the displayed enterprise project details page, click the Permissions tab, and click Authorize User Group.

    The IAM User Groups page is displayed. Select a user group and authorize the user group to manage the enterprise project.

    For details, see Creating a User Group and Assigning Permissions.

Adding Resources to an Enterprise Project

Perform the following steps as the administrator to add cloud resources to enterprise projects project_A and project_B:

  1. Log in to Huawei Cloud console.
  2. Choose Enterprise > Project Management in the upper right corner of the page.

    If the screen resolution is low, choose More > Enterprise > Project Management.

  3. On the Enterprise Project Management Service page, click View Resource in the Operation column of the row containing the target enterprise project.

    The enterprise project details page is displayed. You can view the resources in the enterprise project in the Resources tab.

  4. Click Add.

    The Add Resource dialog box is displayed.

  5. Select a mode.

    • Independent resources: Each resource is added as an independent resource, and multiple resources can be added at a time.

      If you are adding resources other than ECSs, you must select this mode.

      If you select this mode to add ECSs, their associated resources, such as EIPs and EVS disks, will not be added.

    • ECSs and ECS associated resources: You can select only the ECSs to add them and their resources to the enterprise project.

      Currently, only EVS disks and EIPs can be added together with ECSs.

  6. In the filter box above the resource list, filter resources by service, region, and enterprise project. You can also enter a resource name in the search box for exact search.
  7. For services that contain multiple resource types, you can click in the resource type column in the list to filter resource types.

    Resources that meet the search criteria will be displayed.

    If you select ECSs and ECS associated resources for Mode, you cannot filter resources by service or resource type.

  8. Select the resources you want to add and click OK.

    After the resources are added, they appear in the resource list of the current enterprise project.

Verifying Permissions

Verify the permissions with IAM users Test_User_A and Test_User_B.

  1. Log in to the Huawei Cloud console as the created IAM user.
  2. Choose Enterprise > Project Management in the upper right corner of the page.

    If the screen resolution is low, choose More > Enterprise > Project Management.

  3. Click View Resource in the Operation column of a target enterprise project. The enterprise project details page is displayed.
  4. In the resource list in the tab, click a target resource name to go to the details page and verify the permissions.
Parent topic: Getting Started