Help Center> Cloud Phone Host> User Guide> Permission Management> Creating a User and Granting CPH Permissions
Updated on 2023-10-11 GMT+08:00
View PDF

Creating a User and Granting CPH Permissions

This section describes how to use IAM to implement fine-grained permissions control for your CPH resources. With IAM, you can:

  • Create IAM users for employees based on your enterprise's organizational structure. Each IAM user will have their own security credentials for accessing cloud resources.
  • Grant only the permissions required for users to perform a specific task.
  • Entrust a Huawei Cloud account or cloud service to perform efficient O&M on your CPH resources.

If your Huawei Cloud account does not need individual IAM users, skip this chapter.

This section uses the CPH User policy as an example to describe how to grant permissions to a user. Figure 1 shows the process.

Prerequisites

Learn about the permissions (see Permissions Management) supported by CPH and choose policies or roles according to your requirements. For the system policies of other services, see System-defined Permissions.

Authorization Process

Figure 1 Process for granting CPH permissions
  1. Create a user group and assign permissions to it.

    On the IAM console, create a user group, and assign the read-only permission CPH User and its dependent permission Tenant Guest to the group.

  2. Create an IAM user and add it to the user group.

    Create a user on the IAM console and add the user to the group created in step 1.

  3. Log in and verify permissions.

    Log in to the management console as the created user, switch to the authorized region, and verify that the user has the required permissions. (Assume that the user has only the CPH User and Tenant Guest permissions.)

    • Click Service List. Choose Compute > Cloud Phone Host. In the navigation pane on the left, choose Servers and Instances to view the server data and cloud phone data respectively. If the cloud phone information can be viewed, the read-only permission has taken effect.
    • Click Service List. Choose Compute > Cloud Phone Host. On the displayed CPH console, check whether the Buy Server button is displayed in the upper right corner. If no, the read-only permission has taken effect.
Parent topic: Permission Management