Creating an IAM User and Granting SFS Permissions
This section describes how to use IAM to implement fine-grained permissions control for your SFS resources. With IAM, you can:
- Create IAM users for employees based on your enterprise's organizational structure. Each IAM user will have their own security credentials for accessing SFS resources.
- Grant only the permissions required for users to perform a specific task.
If your Huawei Cloud account does not require individual IAM users, skip this section.
Figure 1 shows the process flow for granting permissions.
Prerequisites
Learn about the permissions (see system-defined roles and policies) supported by SFS and choose policies or roles according to your requirements. For the permissions of other services, see System Permissions.
Process Flow
- Create a user group and assign permissions to it.
Create a user group on the IAM console and assign the SFS3 ReadOnlyAccess permissions to the group.
- Create a user and add it to a user group.
Create a user on the IAM console and add the user to the group created in 1.
- Log in and verify permissions.
Log in to the console as the created user and switch to the authorized region. Choose Scalable File Service > General Purpose File System > File Systems. Click Create File System in the upper right corner. If a message appears indicating that you have insufficient permissions, the SFS3 ReadOnlyAccess policy is in effect.
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.See the reply and handling status in My Cloud VOC.
For any further questions, feel free to contact us through the chatbot.
Chatbot
