Permissions Management
This chapter describes how to use Identity and Access Management (IAM) for fine-grained permissions control for your LTS. With IAM, you can:
- Create IAM users for personnel based on your enterprise's organizational structure. Each IAM user has their own identity credentials for accessing LTS resources
- Grant only the permissions required for users to perform a specific task.
- Entrust an account or a cloud service to perform professional and efficient O&M on your LTS resources.
If your account meets your permissions requirements, skip this section.
This section describes the procedure for granting user permissions. Figure 1 shows the process flow.
Prerequisites
Before granting permissions to user groups, learn about ) for LTS and select the permissions as required. For system permissions of other cloud services, see System Permissions supported by IAM.
Process Flow
- Log in to the IAM console. Create a user group on the IAM console and grant the LTS FullAccess permission to the user group. For details, see Create a user group and grant it permissions.
If you select the LTS FullAccess permissions, the Tenant Guest policy that the permission depends on is automatically selected. You also need to grant the Tenant Administrator policy for the global service project to the user group.
- Create a user on the IAM console and add the user to the user group created in 1. For details, see Create an IAM user and add it to the created user group.
- Log in to the console by using the created user and verify permissions in the authorized region. For details, see Log in as the IAM user and verify permissions.
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.See the reply and handling status in My Cloud VOC.
For any further questions, feel free to contact us through the chatbot.
Chatbot