vpruthi/doc-exports
1
0
Fork 0
forked from docs/doc-exports
Code Pull Requests Activity
doc-exports/docs/dds/umn/dds_03_0060.html
Wang , Deng Ke ba65944bfd Added version 4.2. 
Reviewed-by: Boka, Ladislav <ladislav.boka@t-systems.com>
Co-authored-by: Wang , Deng Ke <wangdengke2@huawei.com>
Co-committed-by: Wang , Deng Ke <wangdengke2@huawei.com>
2023-07-11 13:21:20 +00:00

27 lines
4.1 KiB
HTML
Raw Blame History

<a name="dds_03_0060"></a><a name="dds_03_0060"></a>
<h1 class="topictitle1">Creating a User and Granting Permissions</h1>
<div id="body0000001540351181"><p id="dds_03_0060__p19958175921417">This section describes how to use IAM to implement fine-grained permissions control for your DDS resources. With IAM, you can:</p>
<ul id="dds_03_0060__ul633893031517"><li id="dds_03_0060__li1933853091512">Create IAM users for employees based on the organizational structure of your enterprise. Each IAM user has their own security credentials, providing access to DDS resources.</li><li id="dds_03_0060__li103671143201516">Grant only the permissions required for users to perform a task.</li><li id="dds_03_0060__li933843091519">Entrust an account or cloud service to perform professional and efficient O&amp;M on your DDS resources.</li></ul>
<p id="dds_03_0060__p1777341617">If your account does not need individual IAM users, then you may skip over this topic.</p>
<p id="dds_03_0060__p445162045919">This section describes the procedure for granting permissions (see <a href="#dds_03_0060__fig15125554595">Figure 1</a>).</p>
<div class="section" id="dds_03_0060__section64352220313"><h4 class="sectiontitle"><strong id="dds_03_0060__b20377113133713">Prerequisites</strong></h4><p id="dds_03_0060__p1743265211294">Learn about the permissions (see <a href="dds_01_0019.html">Permissions Management</a>) supported by DDS and choose policies or roles according to your requirements. For the system policies of other services, see Permissions Policies.</p>
</div>
<div class="section" id="dds_03_0060__section911043123119"><h4 class="sectiontitle">Process Flow</h4><div class="fignone" id="dds_03_0060__fig15125554595"><a name="dds_03_0060__fig15125554595"></a><a name="fig15125554595"></a><span class="figcap"><b>Figure 1 </b>Process for granting DDS permissions</span><br><span><img id="dds_03_0060__image85121155155915" src="en-us_image_0000001490031014.png"></span></div>
</div>
<ol id="dds_03_0060__ol12472231404"><li id="dds_03_0060__li124716231010"><a name="dds_03_0060__li124716231010"></a><a name="li124716231010"></a><a href="https://docs.otc.t-systems.com/usermanual/iam/iam_01_0030.html" target="_blank" rel="noopener noreferrer">Create a user group and assign permissions</a> to it.<p id="dds_03_0060__p324742314015">Create a user group on the IAM console, and assign the <strong id="dds_03_0060__b253851023112">DDS FullAccess</strong> policy to the group.</p>
<div class="note" id="dds_03_0060__note79931104406"><img src="public_sys-resources/note_3.0-en-us.png"><span class="notetitle"> </span><div class="notebody"><p id="dds_03_0060__p1281535812572">To use some interconnected services, you also need to configure permissions of such services.</p>
<p id="dds_03_0060__p537195714617">For example, when using DAS to connect to a DB instance, you need to configure the DDS FullAccess and DAS FullAccess permissions.</p>
</div></div>
</li><li id="dds_03_0060__li82477231208"><a href="https://docs.otc.t-systems.com/usermanual/iam/iam_01_0031.html" target="_blank" rel="noopener noreferrer">Create an IAM user</a> and add it to a user group.<p id="dds_03_0060__p82471423008">Create a user on the IAM console and add the user to the group created in <a href="#dds_03_0060__li124716231010">1</a>.</p>
</li><li id="dds_03_0060__li924717231300"><a href="https://docs.otc.t-systems.com/usermanual/iam/iam_01_0032.html" target="_blank" rel="noopener noreferrer">Log in</a> and verify permissions.<p id="dds_03_0060__p3247122311018">Log in to the DDS console by using the newly created user, and verify that the user only has read permissions for DDS.</p>
<p id="dds_03_0060__p11741165474718">Choose <strong id="dds_03_0060__b47794619243">Service List</strong> &gt; <strong id="dds_03_0060__b3753549102414">Document Database Service</strong> and click <strong id="dds_03_0060__b193135432412">Buy DB Instance</strong>. If you can buy a DDS DB instance, the required permission policies have taken effect.</p>
</li></ol>
</div>
<div>
<div class="familylinks">
<div class="parentlink"><strong>Parent topic:</strong> <a href="dds_03_0062.html">Permissions Management</a></div>
</div>
</div>
View Git Blame Copy Permalink