Anti-DDoS Permissions
If you need to assign different permissions to employees in your enterprise to access your Anti-DDoS resources, IAM is an ideal choice for fine-grained permissions management. IAM provides identity authentication, permissions management, and access control, helping you efficiently manage access to your Anti-DDoS resources.
With IAM, you can use your Huawei Cloud account to create IAM users for your employees, and assign permissions to the users to control their access to specific resource types. For example, some software developers in your enterprise need to use Anti-DDoS resources but must not delete them or perform any high-risk operations. To achieve this purpose, you can create IAM users for the software developers and grant them only the permissions required for using Anti-DDoS resources.
If your Huawei Cloud account does not need individual IAM users for permissions management, skip this topic.
Anti-DDoS Permissions
By default, new IAM users do not have any permissions. You need to add a user to one or more groups, and attach permission policies or roles to these groups. Users inherit permissions from their groups and can perform specified operations on cloud services based on the permissions.
To assign Anti-DDoS permissions to a user group, specify the scope as region-specific projects and select projects for the permissions to take effect. If All projects is selected, the permissions will take effect for the user group in all region-specific projects. When accessing Anti-DDoS, the users need to switch to a region where they have been authorized.
Table 1 lists all the system policies supported by Anti-DDoS. Huawei Cloud services interwork with each other, and roles of Anti-DDoS are dependent on roles of other services to take effect. When assigning Anti-DDoS permissions to users, you also need to assign dependent roles for the Anti-DDoS permissions to take effect.
Policy Name |
Description |
Dependency |
|---|---|---|
Anti-DDoS Administrator |
Administrator permissions for Anti-DDoS. |
It depends on the Tenant Guest role. Tenant Guest: a global role, which must be assigned in the Global project |
Anti-DDoS FullAccess |
All permissions for Anti-DDoS |
- |
Anti-DDoS ReadOnlyAccess |
Read-only permissions for Anti-DDoS |
- |
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.See the reply and handling status in My Cloud VOC.
For any further questions, feel free to contact us through the chatbot.
Chatbot
