Help Center/ Intelligent EdgeFabric/ User Guide/ User Guide (Platinum)/ Permissions Management/ Creating a User and Granting Permissions
Updated on 2023-11-24 GMT+08:00
View PDF

Creating a User and Granting Permissions

This section describes how to use IAM to implement fine-grained permissions control for your IEF resources. With IAM, you can:

Entrust a cloud account or cloud service to perform efficient O&M on your IEF resources.

If your account does not need individual IAM users, you may skip over this section.

This section describes the procedure for granting permissions (see Figure 1).

IEF supports only operation-level permission management and does not support resources or request conditions.

Prerequisites

Learn about the permissions (see ) supported by IEF. For the system-defined policies of other services, see .

Process Flow

Figure 1 Process for granting IEF permissions
  1. Create a user group and assign permissions to it.

    Create a user group on the IAM console, and assign the IEF ReadOnlyAccess policy to the group. When assigning permissions to a user group, set Scope to Region-specific projects, and set parameters according to the following rules:

    • To assign permissions in certain regions, select one or more specified projects, for example, cn-north-4 [CN North-Beijing4]. Note: If you select All Projects in this scenario, the authorization will not take effect.
    • To assign permissions in all regions, select All projects.
    Figure 2 Assigning permissions in certain regions
    Figure 3 Assigning permissions in all regions
  2. Create an IAM user.

    Create a user on the IAM console and add the user to the group created in 1.

  3. Log in and verify permissions.

    Log in to the management console as the user you created and verify that the user has the assigned permissions.

    • Choose Intelligent EdgeFabric from Service List. In the navigation pane, choose Managed Resources > Edge Nodes. On the displayed page, click Register Edge Node in the upper right corner. If you cannot register an edge node, the IEF ReadOnlyAccess policy has taken effect.
    • Choose any other service from Service List. If a message appears indicating that you have insufficient permissions to access the service, the IEF ReadOnlyAccess policy has already taken effect.
Parent topic: Permissions Management