(Optional) Authorizing Subaccounts to Use ImageSearch

Process Flow

Figure 1 Process for granting ImageSearch permissions

For details about the Tenant Guest permission and how to apply for the permission, see System Permissions and Creating a User Group and Assigning Permissions in the Identity and Access Management User Guide.

Step 1: Create a User Group and Grant Permissions

User groups facilitate centralized user management and streamlined permission management. Users in the same user group have the same permissions. Users created in IAM inherit permissions from the groups to which they belong. To create a user group and grant it permissions, perform the following steps:

1. Log in to Huawei Cloud using an account.
2. On the management console, mouse over the username on the upper right corner and then choose Identity and Access Management.
3. On the IAM console, choose User Groups in the navigation pane. Then click Create User Group.
4. Enter a user group name, and click OK.

   The user group is displayed in the user group list.

5. In the row of the created user group, click Manage Permissions in the Operation column. The Permissions Assigned tab page is displayed. Click Assign. Select Global service project for Scope. Select Tenant Guest and click OK, as shown in Figure 2.
   Figure 2 Global service configuration
   
6. In the row of the user group you created, click Manage Permissions in the Operation column. The Permissions Assigned tab page is displayed. Click Assign. Set Scope to Region-specific projects and select All projects (including future projects in all regions). Select Tenant Guest and click OK, as shown in Figure 3.
   Figure 3 Region-specific service configuration
   
7. Return to the user group list, click Manage Permissions under the Operation column in the row that contains the newly created user group. On the Permissions tab page, view the configured permissions, as shown in Figure 4.
   Figure 4 Permissions management
   

Step 2: Create an IAM User

IAM users can be created for employees or applications of an enterprise. Each IAM user has their own security credentials, and inherits permissions from the groups it is a member of. To create an IAM user, perform the following steps:

1. In the navigation pane of the IAM console, choose Users. Then click Create User.
2. Set user information and click Next. For details about the parameters, see Creating an IAM User.
3. On the next page, set a password type, an email address, and a mobile number, and click OK.
4. Add users to user groups so that the users inherit permissions from the groups to which they belong. For details about how to add users, see Adding Users to a User Group.

Step 3: Log In and Verify Permissions

After the user is created, use the username and identity credential to log in to HUAWEI CLOUD, and verify that the user has the permissions.

1. On the HUAWEI CLOUD login page, click IAM User Login.
2. Enter the account name, username, and password, and click Log In.
   • The account name is the name of the Huawei Cloud account that created the IAM user.
   • The username and password are those set by the account when creating the IAM user.
   • If the login fails, contact the entity owning the account to verify the username and password. Alternatively, you can reset the password.
3. After successful login, switch to a region where the user has been granted permissions on the management console. The default region is CN North-Beijing4.
4. In Service List, select ImageSearch. If the instance creation, offline import, and service test and calling can all be performed properly, the permissions are granted successfully.