Why Was I Prompted to Grant Security Administrator Permissions When I Create a Rule or Set Resource File Storage?
This is because the Identity and Access Management (IAM) user that you are using is not granted with the required management permissions. Use the administrator account to perform one of the following methods to grant permissions to the IAM user.
Method 1 (recommended): Create a custom policy (that allows agency creation, role query, and more) and attach it to the user group to which the IAM user belongs.
- Log in to the IAM console, choose Permissions > Policies/Roles in the left navigation pane, and click Create Custom Policy in the upper right corner.
- Policy Name: Enter a policy name.
- Policy View: Select JSON.
- Policy Content: Set this parameter as follows:
{ "Version": "1.1", "Statement": [ { "Action": [ "iam:agencies:createAgency", "iam:agencies:listAgencies", "iam:agencies:getAgency", "iam:permissions:listRolesForAgencyOnDomain", "iam:permissions:listRolesForAgencyOnProject", "iam:permissions:grantRoleToAgencyOnProject", "iam:permissions:revokeRoleFromAgencyOnProject", "iam:permissions:grantRoleToAgencyOnDomain", "iam:permissions:revokeRoleFromAgencyOnDomain", "iam:permissions:checkRoleForAgencyOnProject", "iam:permissions:checkRoleForAgencyOnDomain", "iam:roles:createRole", "iam:roles:listRoles", "iam:roles:getRole" ], "Effect": "Allow" } ] }
- Click OK. The custom policy is created.
- Choose User Groups in the left navigation pane and click the target user group.
- Click the Permissions tab and click Authorize.
- On the Select Policy/Role page, select the policy created in 1, and click Next.
- On the Select Scope page, select All Resources, and click OK.
Method 2: Grant the Security Administrator permissions to the user group to which the IAM user belongs.
- Log in to the IAM console, choose User Groups in the left navigation pane, and click the target user group.
- Click the Permissions tab, search for Security Administrator, select Security Administrator, and click Next.
Note: Users with the Security Administrator permissions can perform all actions such as agency, role, and user management. Exercise caution when assigning the permissions.
- On the Select Scope page, select All Resources, and click OK.
Solution Consulting FAQs
- In What Scenarios Can the IoT Platform Be Applied?
- What Are the Changes Brought by the Integration of IoT Device Management and IoTDA?
- Can I Enable IoTDA for IAM Users or Sub-Projects?
- Which Regions of Huawei Cloud Are Supported by the IoT Platform?
- Does Huawei Provide Modules, Hardware Devices, and Application Software?
- What Should I Do If I Want to Call an API But Have No Permissions to Do So as an IAM User? (Is It Edition-specific?)
- Why Was I Prompted to Grant Security Administrator Permissions When I Create a Rule or Set Resource File Storage?
- Which Resource Space Will Be Set As Default on the IoT Platform?
- How Does IoTDA Obtain Device Data?
- Is There Any Limitation on the Number of Resource Spaces and Devices I Can Add on the IoT Platform?
- Does the IoTDA Support Device Registration in Batches?
- Are There Any Limitations on the Use of the IoT Platform?
- What DTLS Encryption Algorithms Are Supported by the IoT Platform?
- Does the IoT Platform Support Conversion Between Big Endian and Little Endian for Binary Data?
- What Is NB-IoT?
- What Are the Components of the IoT Platform and What Hardware Architectures Does It Support?
- How Do I Obtain the Platform Access Address?
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.See the reply and handling status in My Cloud VOC.
For any further questions, feel free to contact us through the chatbot.
Chatbotmore