Access Control
Access Modes
A bunch of tools, including console, command line tools, APIs, and SDKs, are provided for you to access SWR. No matter which method you use, you are accessing SWR through REST APIs.
SWR APIs support both authenticated and anonymous requests. Anonymous requests are typically used for public access, such as accessing hosted static websites. In most cases, requests for SWR resources must be authenticated. An authenticated request must contain a signature value. The signature value is calculated based on the requester's access keys (AK/SK) as the encryption factor and the specific information carried in the request body. AK/SK authentication uses AK/SK-based encryption to authenticate a request sender. For details about an AK/SK and how to obtain one, see Obtaining a Long-Term Login Command.
Access Control Methods
Users' access to SWR in any mode is restricted by SWR access control. Currently, SWR supports the following control methods:
|
Access Control Method |
Description |
Reference |
|
|---|---|---|---|
|
Permissions control |
IAM permissions |
IAM permissions define which actions on your cloud resources are allowed and which actions are denied, to control access to your resources. After an IAM user is created, the administrator adds it to a user group. The administrator can assign the user group required SWR access permissions, and all users in this group then inherit the assigned permissions. |
|
|
Image permissions |
Image permissions refer to the permissions to read, edit, and manage an image. In addition to assigning permissions to users in IAM, the administrator can add, modify, and delete permissions for IAM users on the image details page of the SWR console. |
||
|
Organization permissions |
Organizations enable efficient management of images. Organizations are used to isolate image repositories. With each organization being limited to one company or department, images can be managed in a centralized and efficient manner. An image name needs to be unique within an organization. An IAM user can access different organizations. |
||
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.See the reply and handling status in My Cloud VOC.
For any further questions, feel free to contact us through the chatbot.
Chatbot
