Permission Management
If you need to assign different permissions to employees in your enterprise to access your Message & SMS resources, Identity and Access Management (IAM) is a good choice for fine-grained permissions management. IAM provides identity authentication, permissions management, and access control, helping you efficiently manage access to your Huawei Cloud resources.
You can use your Huawei Cloud account to create IAM users, and assign permissions to the users to control their access to specific resources. For example, some software developers in your enterprise need to use Message & SMS resources but must not delete them or perform any high-risk operations. To achieve this result, you can create IAM users for the software developers and grant them only the permissions required for using Message & SMS resources.
If your Huawei Cloud account does not require individual IAM users for permissions management, skip this section.
IAM is free. You pay only for the resources in your account. For more information about IAM, see IAM Service Overview.
Message & SMS Permissions
By default, new IAM users do not have permissions. To assign permissions to new users, you need to add them to one or more groups, and attach roles to these groups. Users inherit permissions from the groups to which you add them and can perform specified operations on the Message & SMS service.
Message & SMS is a project-level service deployed and accessed in specific physical regions. To assign permissions to a user group, specify the scope as region-specific projects and select projects (for example, ap-southeast-1 for CN-Hong Kong) for the permissions to take effect. If All projects is selected, the permissions will apply to the user group in all region-specific projects. When accessing Message & SMS, users need to switch to a region where they have been authorized to use this service.
Permissions are granted based on roles.
Roles: A coarse-grained authorization mechanism that defines permissions related to user responsibilities. Only a limited number of service-level roles are available. Some roles depend other roles to take effect. When you assign such roles to users, remember to assign the roles they depend on. Roles are not ideal for finer authorization and access control.
|
Role |
Description |
Policy Type |
Dependency |
|---|---|---|---|
|
RTC Administrator |
Full permissions for Voice Call, Message & SMS, and Private Number. |
Role |
None |
|
MSGSMS FullAccess |
Common user permissions for Message & SMS. Users granted these permissions can perform all operations supported by Message & SMS, including creation, deletion, and viewing, and modifying specifications. |
System-defined policy |
None |
|
MSGSMS ReadOnlyAccess |
Read-only permissions for Message & SMS. Users granted these permissions can only view Message & SMS statistics. |
System-defined policy |
None |
Table 2 describes the operations supported by each system-defined permission of Message & SMS. Select the permissions as needed.
|
Operation |
MSGSMS FullAccess |
MSGSMS ReadOnlyAccess |
|---|---|---|
|
Query the number of SMS applications |
√ |
√ |
|
Query an SMS application |
√ |
√ |
|
Query permissions |
√ |
√ |
|
Query an SMS application secret |
√ |
√ |
|
Query the reason for tenant restrictions |
√ |
√ |
|
Query signature information |
√ |
√ |
|
Query SMS types |
√ |
√ |
|
Query signature names |
√ |
√ |
|
Query an SMS template |
√ |
√ |
|
Query and verify the tenant order status |
√ |
√ |
|
Query developer information |
√ |
√ |
|
Query SMS template names |
√ |
√ |
|
Query SMS template variables |
√ |
√ |
|
Query the name of a Group SMS Assistant task |
√ |
√ |
|
Query Group SMS Assistant tasks |
√ |
√ |
|
Query details of a Group SMS Assistant task result |
√ |
√ |
|
Query SMS threshold policies |
√ |
√ |
|
Query SMS statistics |
√ |
√ |
|
Query a contact |
√ |
√ |
|
Query historical request information |
√ |
√ |
|
Query SMS overview statistics |
√ |
√ |
|
Query message alert |
√ |
√ |
|
Query the price of a single SMS |
√ |
√ |
|
Query public settings |
√ |
√ |
|
Query the tenant enterprise name |
√ |
√ |
|
Query SMS destination country |
√ |
√ |
|
Query SMS details |
√ |
√ |
|
Query the effectiveness of the country whitelist |
√ |
√ |
|
Query the country whitelist |
√ |
√ |
|
Query a business license file |
√ |
√ |
|
Deleting a signature key |
√ |
x |
|
Delete an SMS template |
√ |
x |
|
Delete a contact |
√ |
x |
|
Export recipient numbers of a Group SMS Assistant task |
√ |
x |
|
Export SMS statistics |
√ |
x |
|
Create an SMS application |
√ |
x |
|
Send a verification code |
√ |
x |
|
Add a signature |
√ |
x |
|
Modify a signature |
√ |
x |
|
Create an SMS template |
√ |
x |
|
Import a Group SMS Assistant task |
√ |
x |
|
Create a Group SMS Assistant task |
√ |
x |
|
Add a contact |
√ |
x |
|
Apply for unblocking |
√ |
x |
|
Update an SMS application secret |
√ |
x |
|
Modify an SMS application |
√ |
x |
|
Activate a signature |
√ |
x |
|
Modify an SMS template |
√ |
x |
|
Update a scheduled Group SMS Assistant task |
√ |
x |
|
Set SMS threshold policies |
√ |
x |
|
Modify contact information |
√ |
x |
|
Batch import SMS templates |
√ |
x |
|
Modify the effectiveness of the country whitelist |
√ |
x |
|
Add the country whitelist |
√ |
x |
|
Delete the country whitelist |
√ |
x |
|
Upload a business license file |
√ |
x |
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.See the reply and handling status in My Cloud VOC.
For any further questions, feel free to contact us through the chatbot.
Chatbot
