Permissions
You can use Identity and Access Management (IAM) to manage SMN permissions and control access to your resources. IAM provides identity authentication, permissions management, and access control.
You can create IAM users for your employees, and assign permissions to these users on a principle of least privilege (PoLP) basis to control their access to specific resource types. For example, you can create IAM users for software developers and assign specific permissions to allow them to use SMN resources but prevent them from being able to delete resources or perform any high-risk operations.
If your account does not require individual IAM users for permissions management, skip this section.
IAM can be used free of charge. You pay only for the resources in your account.
For more information about IAM, see Identity and Access Management Service User Guide.
SMN Permissions
By default, new IAM users do not have any permissions assigned. To assign permissions to these new users, add them to one or more groups, and attach permissions policies or roles to these groups.
SMN is a project-level service deployed and accessed in specific physical regions. When assigning SMN permissions to a user group, specify region-specific projects where the permissions will take effect. If you select All projects, the permissions will be granted for all region-specific projects. When accessing SMN, the users need to switch to a region where they have been authorized to use this service.
Table 2 lists the common operations supported by each SMN system policy or role. Select the policies or roles as needed.
Operation |
SMN Administrator |
---|---|
Creating a topic |
√ |
Updating a topic |
√ |
Deleting a topic |
√ |
Querying topics |
√ |
Adding a subscription to a topic |
√ |
Adding tags to a topic |
√ |
Configuring topic policies |
√ |
Publishing a message |
√ |
Adding a subscription |
√ |
Requesting subscription confirmation |
√ |
Canceling a subscription |
√ |
Querying subscriptions |
√ |
Creating a message template |
√ |
Modifying a message template |
√ |
Deleting a message template |
√ |
Querying a message template |
√ |
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.See the reply and handling status in My Cloud VOC.
For any further questions, feel free to contact us through the chatbot.
Chatbot