How Do I Grant Cloud Service Permissions in the ME-Abu Dhabi-OP5 Region to IAM Users?

Symptom

You have enabled cloud services in the ME-Abu Dhabi-OP5 region as an administrator, and need to authorize IAM users in your account to use cloud services in this region.

Users access cloud services in the ME-Abu Dhabi-OP5 region as virtual users authorized through federated authentication. They are not real users who exist in the cloud service system, and need to be authorized in HUAWEI CLOUD's default regions and the ME-Abu Dhabi-OP5 region, respectively.

Prerequisites

You have created an IAM user in a default region of HUAWEI CLOUD and added the user to a user group. For example, you have created IAM user User-001 and added them to user group UserGroup-001. For details, see Creating an IAM User and Adding Users to or Removing Users from a User Group.

Procedure

1. Log in to HUAWEI CLOUD as an administrator, click on the console homepage, and select the ME-Abu Dhabi-OP5 region.
2. On the console of the ME-Abu Dhabi-OP5 region, choose Management & Deployment > Identity and Access Management.
3. On the IAM console, choose User Groups from the navigation pane, and click Create User Group in the upper right corner to create a group with the same name (UserGroup-001).
4. On the User Groups page, click Modify in the row that contains the user group created in 3.
5. In the Group Permissions area, click Attach Policy in the row that contains the target region for user authorization, select desired permissions, and click OK.

   The permissions assigned to this group will also apply to IAM users in the user group in HUAWEI CLOUD.

6. Click OK. IAM user authorization for the ME-Abu Dhabi-OP5 region is completed.

After the authorization, log in to the HUAWEI CLOUD console as an IAM user, switch to the ME-Abu Dhabi-OP5 region, and use cloud resources as specified by the assigned permissions.