Creating a User and Granting Permissions to Use RFS Based on Roles and Policies

To manage permissions for RFS based on roles and policies, you can use IAM. With IAM, you can:

Create IAM users for employees based on your enterprise's organizational structure. Each IAM user will have their own security credentials for using RFS.
Grant only the permissions required for users to perform a specific task.
Entrust a Huawei Cloud account or cloud service to perform efficient O&M on your RFS resources.

If your Huawei Cloud account does not require individual IAM users, skip this section.

This section describes the procedure for granting permissions. Figure 1 shows the process flow.

Learn about the permissions supported by RFS.

Figure 1 Process for granting RFS permissions

Create a user group and assign permissions.
Create a user group on the IAM console, and assign the RF FullAccess policy to the group.
Create an IAM user and add it to the user group.
Create a user on the IAM console and add the user to the group created in 1.
Log in and verify permissions.
Log in to the management console as the created user. Switch to the authorized region. Perform the following operations. If they can be successfully performed, the permissions are successfully granted.
1. Choose Service List > Resource Formation Service. The RFS console is displayed.
2. In the navigation pane on the left, choose Templates > My Templates. In the upper right corner of the displayed page, click Create Template.
3. In the navigation pane on the left, choose Stacks. In the upper right corner of the displayed page, click Create Stack, and select the template created in the previous step for deployment.