Permissions
If you need to assign different permissions to employees in your enterprise to access your VPC Endpoint resources, you can use Identity and Access Management (IAM) to manage fine-grained permissions. IAM provides identity authentication, permissions management, and access control, helping you to securely access your Huawei Cloud resources.
With IAM, you can use your HUAWEI ID to create IAM users and assign permissions to control their access to specific Huawei Cloud resources. For example, if you want website maintenance personnel in your enterprise to use VPC Endpoint resources but do not want them to delete other cloud resources or perform any other high-risk operations, you can create IAM users and grant only permissions to use VPC Endpoint resources.
If your HUAWEI ID does not require individual IAM users for permissions management, you can skip this section.
IAM is a free service. You only pay for the resources in your account.
For more information about IAM, see IAM Service Overview.
VPC Endpoint Permissions
New IAM users do not have any permissions assigned by default. You need to first add them to one or more groups and attach policies or roles to these groups. The users then inherit permissions from the groups and can perform specified operations on cloud services based on the permissions they have been assigned.
VPC Endpoint is a project-level service deployed for specific regions. You need to select a project such as ap-southeast-2 for which the permissions will be granted. If you select All projects, the permissions will be granted for all the projects. When accessing VPC Endpoint, the users need to switch to the authorized region.
Table 2 lists the common operations supported by system-defined permissions for VPC Endpoint.
Operation |
VPCEndpoint Administrator |
---|---|
Creating a VPC endpoint |
√ |
Deleting a VPC endpoint |
√ |
Querying a VPC endpoint |
√ |
Modifying a VPC endpoint |
√ |
Creating a VPC endpoint service |
√ |
Deleting a VPC endpoint service |
√ |
Querying a VPC endpoint service |
√ |
Modifying a VPC endpoint service |
√ |
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.See the reply and handling status in My Cloud VOC.
For any further questions, feel free to contact us through the chatbot.
Chatbot