Updated on 2023-10-11 GMT+08:00

Creating a User and Granting BCS Permissions

This section describes how to use IAM to implement fine-grained permissions control for your BCS resources. With IAM, you can:

  • Create IAM users for employees based on your enterprise's organizational structure. Each IAM user will have their own security credentials for accessing BCS resources.
  • Grant only the permissions required for users to perform a specific task.
  • Entrust an account or a cloud service to perform professional and efficient O&M on your BCS resources.

If your account does not require individual IAM users, skip this chapter.

This section describes the procedure for granting permissions (see Figure 1).

Prerequisites

Learn about the permissions (see Cluster Permissions (IAM-based)) supported by BCS and choose policies or roles according to your requirements.

Process Flow

Figure 1 Process of granting BCS permissions

  1. Create a user group and assign permissions to it.

    Create a user group on the IAM console, and assign the BCS Administrator policy to the group.

  2. Create a user and add the user to the user group.

    Create a user on the IAM console and add the user to the group created in 1.

  3. Log in and verify permissions.

    Log in to the BCS console as the created user, and verify that the user has the BCS operating permissions.