Permissions Management
If you need to assign different permissions to employees in your enterprise to access your OCR resources, IAM is a good choice for fine-grained permissions management. IAM provides identity authentication, permissions management, and access control, helping you secure access to your Huawei Cloud resources.
If your Huawei Cloud account does not require individual IAM users for permissions management, skip this section.
With IAM, you can use your Huawei Cloud account to create IAM users, and grant permissions to the users to control their access to specific resources. For example, some software developers in your enterprise need to use OCR but should not be allowed to delete other OCR resources or perform any other high-risk operations. In this scenario, you can create IAM users for the software developers and grant them only the permissions required for using OCR resources.
IAM is free of charge. You pay only for the resources you use. For more information about IAM, see IAM Service Overview.
OCR Permissions
By default, new IAM users do not have permissions assigned. You need to add a user to one or more groups, and attach permissions policies or roles to these groups. Users inherit permissions from the groups to which they are added and can perform specified operations on cloud services based on the permissions.
OCR is a project-level service deployed and accessed in specific physical regions. To assign OCR permissions to a user group, specify the scope as region-specific projects and select projects such as ap-southeast-1 for the permissions to take effect. If All projects is selected, the permissions will take effect for the user group in all region-specific projects. When accessing OCR, the users need to switch to a region where they have been authorized to use this service.
Table 1 lists all the system roles supported by OCR.
Policy |
Description |
Type |
Dependency |
|---|---|---|---|
OCR FullAccess |
All permissions |
System policy |
None |
OCR ReadOnlyAccess |
Read-only access |
System policy |
None |
Table 2 lists the common operations supported by each system policy.
Action |
Description |
OCR FullAccess |
OCR ReadOnlyAccess |
|---|---|---|---|
ocr:passport:subscribe |
Subscribes to Passport OCR. |
√ |
× |
ocr:passport:unsubscribe |
Unsubscribes from Passport OCR. |
√ |
× |
ocr:passport:getSubscribeUserList |
Queries the list of users who have subscribed to Passport OCR. |
√ |
√ |
ocr:passport:subscribeAllUsers |
Subscribes to Passport OCR for other sub-users. |
√ |
× |
ocr:passport:unsubscribeAllUsers |
Unsubscribes from Passport OCR for other sub-users. |
√ |
× |
ocr:webImage:subscribe |
Subscribes to Web Image OCR. |
√ |
× |
ocr:webImage:unsubscribe |
Unsubscribes from Web Image OCR. |
√ |
× |
ocr:webImage:getSubscribeUserList |
Queries the list of users who have subscribed to Web Image OCR. |
√ |
√ |
ocr:webImage:subscribeAllUsers |
Subscribes to Web Image OCR for other sub-users. |
√ |
× |
ocr:webImage:unsubscribeAllUsers |
Unsubscribes from Web Image OCR for other sub-users. |
√ |
× |
ocr:hkIdCard:subscribe |
Subscribes to Hong Kong ID Card OCR. |
√ |
× |
ocr:hkIdCard:unsubscribe |
Unsubscribes from Hong Kong ID Card OCR. |
√ |
× |
ocr:hkIdCard:getSubscribeUserList |
Queries the list of users who have subscribed to Hong Kong ID Card OCR. |
√ |
√ |
ocr:hkIdCard:subscribeAllUsers |
Subscribes to Hong Kong ID Card OCR for other sub-users. |
√ |
× |
ocr:hkIdCard:unsubscribeAllUsers |
Unsubscribes from Hong Kong ID Card OCR for other sub-users. |
√ |
× |
ocr:macaoIdCard:subscribe |
Subscribes to Macao Resident ID Card OCR. |
√ |
× |
ocr:macaoIdCard:unsubscribe |
Unsubscribes from Macao Resident ID Card OCR. |
√ |
× |
ocr:macaoIdCard:getSubscribeUserList |
Queries the list of users who have subscribed to Macao Resident ID Card OCR. |
√ |
√ |
ocr:macaoIdCard:subscribeAllUsers |
Subscribes to Macao Resident ID Card OCR for other sub-users. |
√ |
× |
ocr:macaoIdCard:unsubscribeAllUsers |
Unsubscribes from Macao Resident ID Card OCR for other sub-users. |
√ |
× |
ocr:exitEntryPermit:subscribe |
Subscribes to Exit-Entry Permit for Traveling to and from Hong Kong, Macao, and Taiwan OCR. |
√ |
× |
ocr:exitEntryPermit:unsubscribe |
Unsubscribes from Exit-Entry Permit for Traveling to and from Hong Kong, Macao, and Taiwan OCR. |
√ |
× |
ocr:exitEntryPermit:getSubscribeUserList |
Queries the list of users who have subscribed to Exit-Entry Permit for Traveling to and from Hong Kong, Macao, and Taiwan OCR. |
√ |
√ |
ocr:exitEntryPermit:subscribeAllUsers |
Subscribes to Exit-Entry Permit for Traveling to and from Hong Kong, Macao, and Taiwan OCR for other sub-users. |
√ |
× |
ocr:exitEntryPermit:unsubscribeAllUsers |
Unsubscribes from Exit-Entry Permit for Traveling to and from Hong Kong, Macao, and Taiwan OCR for other sub-users. |
√ |
× |
ocr:mainlandTravelPermit:subscribe |
Subscribes to Mainland Travel Permit for Hong Kong, Macao, and Taiwan Residents OCR. |
√ |
× |
ocr:mainlandTravelPermit:unsubscribe |
Unsubscribes from Mainland Travel Permit for Hong Kong, Macao, and Taiwan Residents OCR. |
√ |
× |
ocr:mainlandTravelPermit:getSubscribeUserList |
Queries the list of users who have subscribed to Mainland Travel Permit for Hong Kong, Macao, and Taiwan Residents OCR. |
√ |
√ |
ocr:mainlandTravelPermit:subscribeAllUsers |
Subscribes to Mainland Travel Permit for Hong Kong, Macao, and Taiwan Residents OCR for other sub-users. |
√ |
× |
ocr:mainlandTravelPermit:unsubscribeAllUsers |
Unsubscribes from Mainland Travel Permit for Hong Kong, Macao, and Taiwan Residents OCR for other sub-users. |
√ |
× |
ocr:myanmarIdCard:subscribe |
Subscribes to Myanmar ID Card OCR. |
√ |
× |
ocr:myanmarIdCard:unsubscribe |
Unsubscribes from Myanmar ID Card OCR. |
√ |
× |
ocr:myanmarIdCard:getSubscribeUserList |
Queries the list of users who have subscribed to Myanmar ID Card OCR. |
√ |
√ |
ocr:myanmarIdCard:subscribeAllUsers |
Subscribes to Myanmar ID Card OCR for other sub-users. |
√ |
× |
ocr:myanmarIdCard:unsubscribeAllUsers |
Unsubscribes from Myanmar ID Card OCR for other sub-users. |
√ |
× |
ocr:myanmarDriverLicense:subscribe |
Subscribes to Myanmar Driving License OCR. |
√ |
× |
ocr:myanmarDriverLicense:unsubscribe |
Unsubscribes from Myanmar Driving License OCR. |
√ |
× |
ocr:myanmarDriverLicense:getSubscribeUserList |
Queries the list of users who have subscribed to Myanmar Driving License OCR. |
√ |
√ |
ocr:myanmarDriverLicense:subscribeAllUsers |
Subscribes to Myanmar Driving License OCR for other sub-users. |
√ |
× |
ocr:myanmarDriverLicense:unsubscribeAllUsers |
Unsubscribes from Myanmar Driving License OCR for other sub-users. |
√ |
× |
ocr:thailandLicensePlate:subscribe |
Subscribes to Thailand Plate Number OCR. |
√ |
× |
ocr:thailandLicensePlate:unsubscribe |
Unsubscribes from Thailand Plate Number OCR. |
√ |
× |
ocr:thailandLicensePlate:getSubscribeUserList |
Queries the list of users who have subscribed to Thailand Plate Number OCR. |
√ |
√ |
ocr:thailandLicensePlate:subscribeAllUsers |
Subscribes to Thailand Plate Number OCR for other sub-users. |
√ |
× |
ocr:thailandLicensePlate:unsubscribeAllUsers |
Unsubscribes from Thailand Plate Number OCR for other sub-users. |
√ |
× |
ocr:thailandIdCard:subscribe |
Subscribes to Thailand ID Card OCR. |
√ |
× |
ocr:thailandIdCard:unsubscribe |
Unsubscribes from Thailand ID Card OCR. |
√ |
× |
ocr:thailandIdCard:getSubscribeUserList |
Queries the list of users who have subscribed to Thailand ID Card OCR. |
√ |
√ |
ocr:thailandIdCard:subscribeAllUsers |
Subscribes to Thailand ID Card OCR for other sub-users. |
√ |
× |
ocr:thailandIdCard:unsubscribeAllUsers |
Unsubscribes from Thailand ID Card OCR for other sub-users. |
√ |
× |
ocr:cambodianIdcard:subscribe |
Subscribes to Cambodian ID Card OCR. |
√ |
× |
ocr:cambodianIdcard:unsubscribe |
Unsubscribes from Cambodian ID Card OCR. |
√ |
× |
ocr:cambodianIdcard:getSubscribeUserList |
Queries the list of users who have subscribed to Cambodian ID Card OCR. |
√ |
√ |
ocr:cambodianIdcard:subscribeAllUsers |
Subscribes to Cambodian ID Card OCR for other sub-users. |
√ |
× |
ocr:cambodianIdcard:unsubscribeAllUsers |
Unsubscribes from Cambodian ID Card OCR for other sub-users. |
√ |
× |
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.See the reply and handling status in My Cloud VOC.
For any further questions, feel free to contact us through the chatbot.
Chatbot
