Creating a User and Granting VPC Endpoint Permissions
Use IAM to implement fine-grained permissions control over your VPC Endpoint resources. With IAM, you can:
- Create IAM users for employees based on your enterprise's organizational structure. Each IAM user has their own security credentials for accessing VPC Endpoint resources.
- Grant only the permissions required for users to perform a specific task.
- Entrust a HUAWEI ID or a cloud service to perform efficient O&M on your VPC Endpoint resources.
If your HUAWEI ID does not need individual IAM users, skip this section.
This section describes the process flow for granting permissions (see Figure 1).
Prerequisites
You must learn about permissions (see Permissions) supported by VPC Endpoint and choose policies or roles according to your requirements. To grant permissions for other services, learn about all System Permissions supported by IAM.
Process Flow
- Create a user group and assign it permissions.
On the IAM console, create a user group and attach the VPCEndpoint Administrator policy to the group.
- Create an IAM user and add it to the created user group.
Create an IAM user and add it to the user group created in 1.
- Log in as the IAM user and verify permissions.
In the authorized region, perform the following operations:
- On the Service List page, choose VPC Endpoint. Click Buy VPC Endpoint in the upper right corner. If you can buy a VPC endpoint, the VPCEndpoint Administrator policy has already taken effect.
- Choose another service from Service List. If a message appears indicating that you have insufficient permissions to access the service, the VPCEndpoint Administrator policy has already taken effect.
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.See the reply and handling status in My Cloud VOC.
For any further questions, feel free to contact us through the chatbot.
Chatbot
