Setting Common Guardian Parameters

Page Access

Go to the Guardian configuration page by referring to Modifying Cluster Service Configuration Parameters.

Description

**Table 1** Guardian parameters
Parameter	Description	Default Value
token.server.access.label.agency.name	Name of an IAM agency.	-
token.server.access.iam.domain.id	Domain ID corresponding to the user who accesses IAM. This parameter is mandatory only when the ECS agency cannot be configured on physical machines.	-
token.server.access.iam.endpoint	Endpoint of IAM. This parameter is used only when the ECS agency cannot be configured on physical machines. If the OBS endpoint is configured in the meta component, the configuration is automatically generated based on the https://iam-apigateway-proxy.${obs_endpoint_region_id}.${obs_endpoint_domain_name} rule.	If the OBS endpoint is configured in the meta component, the configuration is automatically generated based on the https://iam-apigateway-proxy.${obs_endpoint_region_id}.${obs_endpoint_domain_name} rule.
token.server.access.iam.sk	Secret key for accessing IAM. This parameter is mandatory only when the ECS agency cannot be configured on physical machines.	-
token.server.access.iam.ak	Access key for accessing IAM. This parameter is mandatory only when the ECS agency cannot be configured on physical machines. The user must have the Agent Operator role permission.	-
fs.obs.delegation.token.providers	By default, this parameter is left blank. If this parameter is true, both com.xxx.mrs.dt.MRSDelegationTokenProvider and com.xxx.mrs.dt.GuardianDTProvider must be set.	-
fs.obs.guardian.accesslabel.enabled	Whether to enable access label for using Guardian to connect to OBS.	false
fs.obs.guardian.enabled	Whether to enable Guardian. NOTE: After you change the value of this parameter, you need to synchronize the configuration again, restart the cluster, and refresh the client configuration.	false