- Service Overview
- Billing
- Getting Started
-
User Guide
- Before You Start
- Buying an Instance
- Instance Management
-
Enterprise Administrator Guide
- Logging In to the OneAccess Administrator Portal
- User Management
-
Resources
- Overview
-
Applications
- Adding an Application
- Enabling, Disabling, or Deleting an Application
- General Information
- Authentication Integration
- Synchronization Integration
- Login Configuration
- Access Control
- Object Models
- Authorization Management
- API Permission Management
- Application Permission Management
- Security Settings
- Audit Logs
- APIs
- Authentication
- Security
- Audit
- Settings
- Common User Guide
- Key Operations Recorded by CTS
-
Best Practices
- OneAccess Best Practices
- Identity Source Integration
-
Application Integration
-
Logging In to the Huawei Cloud Through User Portal
- Introduction
- Logging In to Single Huawei Cloud Account via OneAccess Without Password (SAML - Virtual User SSO)
- Logging In to Multiple Huawei Cloud Accounts via OneAccess Without Password (SAML - Virtual User SSO)
- Logging In to Single Huawei Cloud Account via OneAccess Without Password (SAML - IAM User SSO)
- Logging In to Multiple Huawei Cloud Accounts via OneAccess Without Password (SAML - IAM User SSO)
- Logging In to Huawei Cloud via OneAccess Without Password (OIDC)
- SSO Access to Applications Through SAML
- SSO Access to Applications Through OAuth 2.0
- SSO Access to Applications Through OIDC
- SSO Access to Applications Through CAS
- SSO Access to Applications Through Plug-in Autocompletion
-
Logging In to the Huawei Cloud Through User Portal
- Data Synchronization
- Authentication Provider Integration
- Authorizing IAM Users to Access a OneAccess Instance Administrator Portal
- API Usage
- Configuring MFA for User Login
- Developer Guide
-
API Reference
- Before You Start
- API Overview
-
OneAccess APIs
-
Management APIs
- Calling APIs
- Access Credentials
-
User Management
- Creating a User
- Modifying a User
- Deleting a User
- Enabling a User
- Disabling a User
- Changing a User Password
- Verifying and Modifying the Original User Password
- Querying User Details by User ID
- Querying User Details by Username
- Querying the User List
- Authorizing an Application Account
- Querying All Authorized Application Accounts of a User
- Organization Management
- Application Organization Management
- Application Account Management
- Application Role Management
- User APIs
- Application Integration APIs
-
Management APIs
- Appendix
- FAQs
- General Reference
Copied.
Authorizing IAM Users to Access a OneAccess Instance Administrator Portal
Identity and Access Management (IAM) provides permissions management for secure access to your Huawei Cloud services and resources. IAM is free of charge.
You can use your account to create IAM users and assign permissions for specific resources. Each IAM user has their own identity credentials (password and access keys) and uses cloud resources based on assigned permissions.
To log in to Huawei Cloud from OneAccess through SSO, see Logging In to Single Huawei Cloud Account via OneAccess Without Password (SAML - Virtual User SSO).
IAM users can access OneAccess instances through Huawei Cloud. This helps the enterprise administrator to securely control access to OneAccess resources.
This section describes how to authorize IAM users to access a OneAccess instance administrator portal.
Configuration Process
Prerequisites
You have a Huawei Cloud account and have bought a OneAccess instance. For details about how to purchase such an instance, see Buying an Instance.
Authorizing IAM Users to View OneAccess
Create a user group on the IAM console, assign required permissions to the user group, create users, and add them to the user group. The users are thus authorized with the permissions of the user group.
- Create a user group on the IAM console and assign the OneAccess ReadOnlyAccess permission to the group. For details, see Creating a User Group and Assigning Permissions.
- Create a user on the IAM console and add the user to the group created in 1. For details, see Creating an IAM User.
- Log in to the console and verify the read-only permission by referring to Logging In as an IAM User.
Authorizing IAM Users to Access OneAccess
Authorize IAM users to access OneAccess in the OneAccess console.
- Log in to the OneAccess console as an administrator.
- Click Manage Authorization.
- Click Add User, select the user created in 2, and click OK to authorize the IAM user to access OneAccess.
NOTE:
You can authorize a maximum of 50 IAM users to access OneAccess.
- Go to the administrator portal, and view the system administrator that is automatically generated.
Accessing OneAccess as an Authorized IAM User
Authorized IAM users can access the OneAccess administrator portal through Huawei Cloud.
- Log in to Huawei Cloud as an IAM user. For details, see Logging In as an IAM User. If you want to log in by scanning a QR code, refer to Scanning QR Code to Log in.
- Choose Service List > Management & Governance > OneAccess.
- Click the instance name to go to the administrator portal.
NOTE:
- By default, IAM users do not have permissions for the Administrator Permissions page. For details about other operations, see Enterprise Administrator Guide.
- To grant the IAM user all permissions for OneAccess, select the OneAccess FullAccess policy. For details, see 1.
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.See the reply and handling status in My Cloud VOC.
For any further questions, feel free to contact us through the chatbot.
Chatbot