Help Center/ Message & SMS/ Service Overview/ Permission Management
Updated on 2024-07-05 GMT+08:00

Permission Management

If you need to assign different permissions to employees in your enterprise to access your Message & SMS resources, Identity and Access Management (IAM) is a good choice for fine-grained permissions management. IAM provides identity authentication, permissions management, and access control, helping you efficiently manage access to your Huawei Cloud resources.

You can use your Huawei Cloud account to create IAM users, and assign permissions to the users to control their access to specific resources. For example, some software developers in your enterprise need to use Message & SMS resources but must not delete them or perform any high-risk operations. To achieve this result, you can create IAM users for the software developers and grant them only the permissions required for using Message & SMS resources.

If your Huawei Cloud account does not require individual IAM users for permissions management, skip this section.

IAM is free. You pay only for the resources in your account. For more information about IAM, see IAM Service Overview.

Message & SMS Permissions

By default, new IAM users do not have permissions. To assign permissions to new users, you need to add them to one or more groups, and attach roles to these groups. Users inherit permissions from the groups to which you add them and can perform specified operations on the Message & SMS service.

Message & SMS is a project-level service deployed and accessed in specific physical regions. To assign permissions to a user group, specify the scope as region-specific projects and select projects (for example, ap-southeast-1 for CN-Hong Kong) for the permissions to take effect. If All projects is selected, the permissions will apply to the user group in all region-specific projects. When accessing Message & SMS, users need to switch to a region where they have been authorized to use this service.

Permissions are granted based on roles.

Roles: A coarse-grained authorization mechanism that defines permissions related to user responsibilities. Only a limited number of service-level roles are available. Some roles depend other roles to take effect. When you assign such roles to users, remember to assign the roles they depend on. Roles are not ideal for finer authorization and access control.

Table 1 lists all the system-defined policies supported by Message & SMS.
Table 1 Message & SMS system-defined roles

Role

Description

Policy Type

Dependency

RTC Administrator

Full permissions for Voice Call, Message & SMS, and Private Number.

Role

None

MSGSMS FullAccess

Common user permissions for Message & SMS. Users granted these permissions can perform all operations supported by Message & SMS, including creation, deletion, and viewing, and modifying specifications.

System-defined policy

None

MSGSMS ReadOnlyAccess

Read-only permissions for Message & SMS. Users granted these permissions can only view Message & SMS statistics.

System-defined policy

None

Table 2 describes the operations supported by each system-defined permission of Message & SMS. Select the permissions as needed.

Table 2 Relationships between Message & SMS operations and system-defined policies

Operation

MSGSMS FullAccess

MSGSMS ReadOnlyAccess

Query the number of SMS applications

Query an SMS application

Query permissions

Query an SMS application secret

Query the reason for tenant restrictions

Query signature information

Query SMS types

Query signature names

Query an SMS template

Query and verify the tenant order status

Query developer information

Query SMS template names

Query SMS template variables

Query the name of a Group SMS Assistant task

Query Group SMS Assistant tasks

Query details of a Group SMS Assistant task result

Query SMS threshold policies

Query SMS statistics

Query a contact

Query historical request information

Query SMS overview statistics

Query message alert

Query the price of a single SMS

Query public settings

Query the tenant enterprise name

Query SMS destination country

Query SMS details

Query the effectiveness of the country whitelist

Query the country whitelist

Query a business license file

Deleting a signature key

x

Delete an SMS template

x

Delete a contact

x

Export recipient numbers of a Group SMS Assistant task

x

Export SMS statistics

x

Create an SMS application

x

Send a verification code

x

Add a signature

x

Modify a signature

x

Create an SMS template

x

Import a Group SMS Assistant task

x

Create a Group SMS Assistant task

x

Add a contact

x

Apply for unblocking

x

Update an SMS application secret

x

Modify an SMS application

x

Activate a signature

x

Modify an SMS template

x

Update a scheduled Group SMS Assistant task

x

Set SMS threshold policies

x

Modify contact information

x

Batch import SMS templates

x

Modify the effectiveness of the country whitelist

x

Add the country whitelist

x

Delete the country whitelist

x

Upload a business license file

x