User Overview
You can add developer accounts (that is, member accounts) to the same account to implement collaborative development. That is, all developers under the same account can share application resources, such as viewing and using created applications, flows, and scripts.
Enterprise Administrator
When you successfully sign up for Huawei Cloud, your account is automatically created. Your account has full access permissions for your cloud services and resources and makes payments for the use of these resources. After login using an account, you will see a user marked Enterprise administrator on the Users page of the IAM console.
Instance Administrator
An IAM user created by an enterprise administrator with Astro Zero Instance ManageAccess can apply for a free instance or purchase a commercial one. Choose User Security > Users. You can see that the profile is System Administrator Profile.
System Administrator
IAM users added by a HUAWEI ID or Instance Administrator and assigned System Administrator Profile under the same HUAWEI ID have full operational permissions but cannot manage instances. Choose User Security > Users. You can see that the profile is also System Administrator Profile.
If the system administrator needs to add other IAM users to Huawei Cloud Astro Zero, the user group to which the system administrator belongs must have the Astro Zero Instance ViewAccess and Astro Zero IAM User QueryAccess profiles.
User
IAM or WeLink users added by the administrator and assigned the Developer Profile profile are application developers.
When adding an IAM user to Huawei Cloud Astro Zero and assigning them Developer Profile, ensure the IAM user is either not added to any user group or is added to a user group with Astro Zero Instance ViewAccess.
In Huawei Cloud Astro Zero, users can perform the following operations:
Portal User
Portal users refer to the user accounts for accessing applications developed in Huawei Cloud Astro Zero, that is, application users. Choose Configuration Center > Organizations & Users > Users to create and manage portal users. After a portal user is added to Huawei Cloud Astro Zero, the user has the Portal User Profile profile by default.
Understanding Preset Profiles
Profiles are used to control the operation permissions of users and portal users. The platform provides the following standard profiles:
- System Administrator Profile: grants users full permissions.
- Developer Profile: grants developer permissions, typically assigned to users. These users can perform development tasks on the platform, such as adding objects, fields, and processes.
- Portal User Profile: grants portal user permissions, typically assigned to portal users. These portal users can log in and use applications created in the platform.
- Anonymous User Profile: grants access permissions to guest users, allowing them to access applications created in the platform without logging in.
- Standard User Profile: grants permissions to run system processes and create, view, modify, and delete records of existing system objects when the service is enabled. This profile does not include development permissions, such as adding objects or processes.
- NoCode Developer Profile: grants permission for no-code application development and is preset only in the runtime environment.
- NoCode Manager Profile: grants permission for managing no-code application data and is preset only in the runtime environment.
A profile can be assigned to multiple users, but each user can belong to only one profile. For details about the permissions in a profile, see Table 1.
You can customize a profile based on the default profiles. For details, see Creating a Permission Set.
|
Permission |
Description |
|---|---|
|
View Metadata |
Mandatory permission for users to access metadata. This permission is displayed only on the console and cannot be canceled. |
|
Develop Application |
The highest permission in the system. With this permission, you can customize all customizable parts in the system. By default, you have other permissions. |
|
View All User |
Permission to view the user list and user details. |
|
View Roles |
Permission to view the role list and role details. |
|
Managing Roles |
Permission to add, delete, and modify the permissions of a role. |
|
View Profiles |
Permission to view the profile list and profile details. |
|
View Permission Sets |
Permission to view the permission list and permission details. |
|
View Groups |
Permission to view the group list and group details. |
|
Manage Groups |
Permission to add, delete, and modify the permissions of a public group. |
|
View Queues |
Permission to view the queue list and queue details. |
|
Manage Queues |
Permission to add, delete, and modify queues. |
|
View Portal User |
Permission to view the portal user and portal user details. |
|
Managing Portal User |
Permission to add, delete, and modify the permissions of a portal user. |
|
View Service Permissions Credential |
Permission to view the service permission credential list and service permission credential details. |
|
View System Configuration |
Permission to view the system settings. |
|
View Alarm Template/Record |
Permission to view the alarm list and alarm details. |
|
Manage Alarm Template/Record |
Permission to add and modify alarm definitions. |
|
View BPM |
Permission to view the BPM definition list and details, including decision tables and triggers associated with the BPM. |
|
Manage BPM Instances |
Permission to modify BPM instance details. |
|
View Flows |
View the flow definition list and details. |
|
View Scripts |
Permission to view the script list and details. |
|
View TimedTasks |
Permission to view the scheduled task list and details. |
|
Run limited import tasks |
Permission to view the data import and data import template areas and upload data import templates. |
|
View Reports |
Permission to view the report list and details. |
|
Run Reports |
Permission to view the running instance of a report. |
|
View Dashboards |
Permission to view the dashboard list and details. |
|
Run Dashboards |
Permission to view the running instance of a dashboard. |
|
View All Dashboards |
Permission to view the tenant dashboard and application dashboard. |
|
Manage Dashboards |
Permission to perform operations on the tenant dashboard and application dashboard. |
|
Manage Views |
Permission to add, delete, and modify the permissions of a view. |
|
Update Object Data |
Permission to update object data and synchronize data. |
|
View All Data |
Permission to view all data. If this option is selected, the permission on a single object will be ignored. |
|
Run SQL |
Permission to execute SQL statements. |
|
View Encrypted Data |
Permission to view the plaintext of encrypted data. |
|
View Tenant Trace Logs |
Permission to view tenant tracing logs. |
|
View Privacy Data |
Permission to view some sensitive data objects in the form of data objects, such as permission configuration and connector definition. |
|
Manage Data |
Permission to operate any object on the data console. |
|
Manage Bulletins |
A developer with this permission can add, delete, and edit bulletins on the workbench page. |
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.See the reply and handling status in My Cloud VOC.
For any further questions, feel free to contact us through the chatbot.
Chatbot
