Creating a User and Granting Permissions
IAM enables you to perform a refined management on your Cloud Eye service. It allows you to:
- Create IAM users for employees based on your enterprise's organizational structure. Each IAM user will have their own security credentials for accessing Cloud Eye resources.
- Grant different permissions to IAM users based on their job responsibilities.
- Entrust an account or a cloud service to perform efficient O&M on your Cloud Eye resources.
If your account does not require individual IAM users, skip this topic.
This topic describes the procedure for granting permissions (see Figure 1).
Prerequisites
You have learned about the system policies of Cloud Eye before assigning the preset Cloud Eye permissions to user groups (if needed). To associate custom permissions with a user group, ensure that you have created a custom Cloud Eye policy.
For details about the system policies supported by Cloud Eye and the comparison between these policies, see Permissions.
- Create a user group and assign permissions.
Create a user group on the IAM console, and attach the CES Administrator, Tenant Guest, and Server Administrator policies to the group.
- Cloud Eye is a region-specific service and must be deployed in specific physical regions. Cloud Eye permissions can be assigned and take effect only in specific regions. If you want a permission to take effect for all regions, assign it in all these regions. The global permission does not take effect.
- The preceding permissions are all Cloud Eye permissions. For more refined Cloud Eye permissions, see Permissions.
- Create an IAM user and log in. Create a user on the IAM console and add the user to the group created in 1.
- Log in and verify permissions.
Log in to the Cloud Eye console as the created user, and verify that the user only has the CES Administrator permissions. After you log in to the Cloud Eye console and use related functions, if no authentication failure message is displayed, the authorization is successful.
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.See the reply and handling status in My Cloud VOC.
For any further questions, feel free to contact us through the chatbot.
Chatbot