Help Center/ Cloud Connect/ FAQs/ Permissions/ How Can I Grant Cloud Connect Permissions to IAM Users?
Updated on 2022-07-07 GMT+08:00

How Can I Grant Cloud Connect Permissions to IAM Users?

You can use IAM to implement fine-grained permissions control for your Cloud Connect resources. With IAM, you can:

  • Create IAM users for employees based on your enterprise's organizational structure. Each IAM user will have their own security credentials for accessing Cloud Connect resources.
  • Grant only the permissions required for users to perform a specific task.
  • Delegate a Huawei Cloud account to manage your Cloud Connect resources or a cloud service to access your Cloud Connect resources.

Skip this part if you do not require individual IAM users for refined permissions management.

Figure 1 shows the process for granting permissions.

Prerequisites

Before you assign permissions to a user group, you need to know the Cloud Connect permissions that you can assign to the user group and select permissions based on service requirements. For details about system permissions of Cloud Connect, see Permissions. For the system policies of other services, see System Permissions.

Process Flow

Figure 1 Process for granting Cloud Connect permissions
  1. Create a user group and assign permissions to it.

    Create a user group on the IAM console and assign the Cross Connect Administrator policy to the group.

  2. Create an IAM user.

    Create a user on the IAM console and add the user to the group created in 1.

  3. Log in and verify permissions.

    Log in to the Cloud Connect console using the created user and verify that the user only has the assigned permissions for Cloud Connect.

    • Hover on the upper left corner to display Service List and choose Networking > Cloud Connect. Click Create Cloud Connection in the upper right corner. If the cloud connection can be created, the Cross Connect Administrator policy has taken effect.
    • Choose any other service in the Service List. A message will appear indicating that you have sufficient permissions to access the service.