Help Center/
MapReduce Service/
Component Operation Guide (LTS) (Ankara Region)/
Using KMS/
Permission Control/
Creating a KMS Role
Updated on 2024-11-29 GMT+08:00
Creating a KMS Role
Scenario
Create and configure a KMS role on FusionInsight Manager as an MRS cluster administrator. The KMS role can configure key management permissions and key operation permissions.
Procedure
- Log in to FusionInsight Manager, and choose System > Permission > Role.
- On the displayed page, click Create Role and specify Role Name and Description.
- In the Configure Resource Permission area, set permissions as described in Table 1.
- Key Management Permission: permission to perform all key management operations, including createKey, deleteKey, and rolloverNewVersion
- Specify key permissions:
- management: permission to manage this key, including createKey, deleteKey, and rolloverNewVersion
- view: permission to perform all read operations on this key. However, the createKey, deleteKey, and rolloverNewVersion operations cannot be performed.
Table 1 Setting roles Scenario
Role Authorization
Setting the key management permission
In the Configure Resource Permission area, choose Name of the desired cluster > KMS, and select Key Management Permission.
Setting operation permissions of a specified key
- In the Configure Resource Permission area, choose Name of the desired cluster > KMS > Keys.
- In the resource list, click a required resource name. In the Permission column, select required permissions.
Users in the default kmsadmin group have the read permission to read all keys in KMS.
- Click OK. Return to the Role page.
Parent topic: Permission Control
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.See the reply and handling status in My Cloud VOC.
The system is busy. Please try again later.
For any further questions, feel free to contact us through the chatbot.
Chatbot
