Updated on 2024-04-29 GMT+08:00

Creating a User and Granting Permissions

This chapter describes IAM fine-grained permissions management for your CloudTable resources. With IAM, you can:

  • Create IAM users for employees based on your enterprise's organizational structure. Each IAM user will have their own security credentials for accessing CloudTable resources.
  • Grant only the permissions required for users to perform a task.
  • Entrust a HUAWEI CLOUD account or service to perform professional and efficient O&M on your CloudTable resources.

If your HUAWEI CLOUD account does not require individual IAM users, skip this chapter.

This section describes the procedure for granting permissions (see Figure 1).

Prerequisites

  • CloudTable does not support fine-grained policies. It supports only the system-defined role cloudtable Administrator, which applies only to accounts that have not enabled the enterprise project function. If the enterprise project function has been enabled, use an IAM custom policy to grant permissions to users.
  • Learn about the permissions (see CloudTable System-Defined Permissions) supported by CloudTable and choose policies or roles according to your requirements. For the system policies of other services, see Permissions Policies.

Process Flow

Figure 1 Process for granting CloudTable permissions
  1. Create a user group and assign permissions to it.

    Log in to the IAM console, create a user group, and assign the cloudtable Administrator permission to it.

  2. Create a user and add it to a user group.

    Create a user on the IAM console and add the user to the group created in Step 1.

  3. Log in and verify permissions.

    Log in to the console by using the user created, and verify that the user has the granted permissions.

    • Choose Service List > CloudTable Service. Then click Buy Cluster on the CloudTable console. If the cluster can be created (for example, when the user has only the cloudtable Administrator permission), the cloudtable Administrator permission has already taken effect.
    • Choose any other service in the Service List. If a message appears indicating insufficient permissions to access the service (for example, when the user has only the cloudtable Administrator policy), the cloudtable Administrator policy has already taken effect.