Updated on 2023-03-24 GMT+08:00

Creating a User and Granting DMS for RocketMQ Permissions

This section describes how to use Identity and Access Management (IAM) to implement fine-grained permissions control for your Distributed Message Service (DMS) for RocketMQ resources. With IAM, you can:

  • Create IAM users for employees based on your enterprise's organizational structure. Each IAM user will have their own security credentials for accessing DMS for RocketMQ resources.
  • Manage permissions based on the principle of least privilege (PoLP).
  • Entrust a Huawei Cloud account or cloud service to perform efficient O&M on your DMS for RocketMQ resources.

If your Huawei Cloud account does not need IAM, skip this section.

This section describes the procedure for granting permissions (see Figure 1).

Prerequisites

Learn about the permissions (see Permissions Management) supported by DMS for RocketMQ and choose policies or roles according to your requirements. For the system policies of other services, see System Permissions.

Process Flow

Figure 1 Process for granting DMS for RocketMQ permissions

  1. Create a user group and assign permissions.

    Create a user group on the IAM console, and assign the DMS ReadOnlyAccess policy to the group.

  2. Create a user and add it to the user group.

    Create a user on the IAM console and add the user to the group created in step 1.

  3. Log in as the created user and verify permissions.

    Log in to the DMS for RocketMQ console using the user you just created, and verify that the user has the administrator permissions for DMS for RocketMQ.