Access Control for CloudPond
Access Control
You can create IAM users to grant minimum permissions required for completing specific tasks, and periodically review the granted permissions. For details, see IAM Best Practices.
Enterprise Project
You can group, manage, and isolate resources by project or enterprise project to control resource access and manage permissions by organization like enterprise, department, or project team.
Enterprise projects are used to categorize and manage multiple resources. Resources in different regions can belong to one enterprise project. You can classify resources by department or project group and put related resources into one enterprise project for management. Resources can be moved between enterprise projects.
An enterprise project can be managed by one or more user groups. Users who manage enterprise projects belong to user groups. You can authorize a user group by applying policies to it. Then users inherit permissions defined by the policies.
For details about how to create an enterprise project and assign permissions, see Enterprise Project.
Communication Security
O&M and service connectivity between edge sites and the cloud is secured as follows:
- O&M connectivity: CloudPond provides a built-in Virtual Private Network (VPN) for ensuring secure transmission of O&M data and management data over the network.
- Service connectivity: Service data is securely transmitted between CloudPond sites and the cloud over the VPC.
CloudPond Infrastructure Security
Huawei Cloud is committed to building a trusted cloud platform. CloudPond inherits all security specifications of Huawei Cloud. For details, see the Huawei Cloud Security White Paper.
- CloudPond adopts strict security isolation policies at both the user and platform layers. Huawei Cloud provides 24/7 security monitoring and operation services as well as the O&M of the CloudPond platform.
- Host Security Service (HSS) is used to periodically scan for vulnerabilities, and patches are installed in a timely manner based on the Service Level Agreement (SLA) to fix vulnerabilities.
- Huawei Cloud manages CloudPond account permissions in a centralized manner and changes access keys for each account periodically to prevent unauthorized access.
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.See the reply and handling status in My Cloud VOC.
For any further questions, feel free to contact us through the chatbot.
Chatbot