vpruthi/doc-exports
1
0
Fork 0
forked from docs/doc-exports
Code Pull Requests Activity
doc-exports/docs/lts/umn/lts_04_0015.html
Liu, Siying 35cd899fe1 LTS UMN 20230609 version. 
Reviewed-by: Mützel, Andrea <andrea.muetzel@t-systems.com>
Co-authored-by: Liu, Siying <liusiying@noreply.gitea.eco.tsi-dev.otc-service.com>
Co-committed-by: Liu, Siying <liusiying@noreply.gitea.eco.tsi-dev.otc-service.com>
2023-08-08 15:12:51 +00:00

17 lines
4.6 KiB
HTML
Raw Blame History

<a name="lts_04_0015"></a><a name="lts_04_0015"></a>
<h1 class="topictitle1">Permissions Management</h1>
<div id="body32001227"><p id="lts_04_0015__en-us_topic_0191978428_p198079372297">This chapter describes how to use <a href="https://docs.otc.t-systems.com/usermanual/iam/iam_01_0026.html" target="_blank" rel="noopener noreferrer">Identity and Access Management (IAM)</a> for fine-grained permissions control for your LTS. With IAM, you can:</p>
<ul id="lts_04_0015__en-us_topic_0191978428_ul1848820457453"><li id="lts_04_0015__en-us_topic_0191978428_li348974516454">Create IAM users for personnel based on your enterprise's organizational structure. Each IAM user has their own identity credentials for accessing LTS resources</li><li id="lts_04_0015__en-us_topic_0191978428_li11681126173515">Grant only the permissions required for users to perform a specific task.</li><li id="lts_04_0015__en-us_topic_0191978428_li12185165313915">Entrust an account or a cloud service to perform professional and efficient O&amp;M on your LTS resources.</li></ul>
<p id="lts_04_0015__en-us_topic_0191978428_p14662743155318">If your account meets your permissions requirements, skip this section.</p>
<p id="lts_04_0015__en-us_topic_0191978428_p158501603165">This section describes the procedure for granting user permissions. <a href="#lts_04_0015__en-us_topic_0191978428_fig1591121431319">Figure 1</a> shows the process flow.</p>
<div class="section" id="lts_04_0015__en-us_topic_0191978428_section17723185741610"><h4 class="sectiontitle">Prerequisites</h4><p id="lts_04_0015__en-us_topic_0191978428_p17286682272">Before granting permissions to user groups, learn about "Permissions Management" in the section <em id="lts_04_0015__en-us_topic_0191978428_i316523211329">Service Overview</em>) for LTS and select the permissions as required. For system permissions of other cloud services, see <a href="https://docs.otc.t-systems.com/permissions/index.html" target="_blank" rel="noopener noreferrer">Permissions</a> supported by IAM.</p>
</div>
<div class="section" id="lts_04_0015__en-us_topic_0191978428_section1251605871216"><h4 class="sectiontitle">Process Flow</h4><div class="fignone" id="lts_04_0015__en-us_topic_0191978428_fig1591121431319"><a name="lts_04_0015__en-us_topic_0191978428_fig1591121431319"></a><a name="en-us_topic_0191978428_fig1591121431319"></a><span class="figcap"><b>Figure 1 </b>Process of granting permissions to a user</span><br><span><img id="lts_04_0015__en-us_topic_0191978428_image4822187201314" src="en-us_image_0231061605.png"></span></div>
<ol id="lts_04_0015__en-us_topic_0191978428_ol10176191312813"><li id="lts_04_0015__en-us_topic_0191978428_li1777449128"><a name="lts_04_0015__en-us_topic_0191978428_li1777449128"></a><a name="en-us_topic_0191978428_li1777449128"></a>Log in to the IAM console. Create a user group on the IAM console and grant the <strong id="lts_04_0015__en-us_topic_0191978428_b1231154018307">LTS FullAccess</strong> permission to the user group. For details, see <a href="https://docs.otc.t-systems.com/usermanual/iam/iam_01_0030.html" target="_blank" rel="noopener noreferrer">Create a user group and grant it permissions</a>.<div class="note" id="lts_04_0015__en-us_topic_0191978428_note36614429366"><img src="public_sys-resources/note_3.0-en-us.png"><span class="notetitle"> </span><div class="notebody"><p id="lts_04_0015__en-us_topic_0191978428_p6661124263616">If you select the <strong id="lts_04_0015__en-us_topic_0191978428_b1346252205311">LTS FullAccess</strong> permissions, the <strong id="lts_04_0015__en-us_topic_0191978428_b15346195215536">Tenant Guest</strong> policy that the permission depends on is automatically selected. You also need to grant the <strong id="lts_04_0015__en-us_topic_0191978428_b33465521538">Tenant Administrator</strong> policy for the global service project to the user group.</p>
</div></div>
</li><li id="lts_04_0015__en-us_topic_0191978428_li568819106510">Create a user on the IAM console and add the user to the user group created in <a href="#lts_04_0015__en-us_topic_0191978428_li1777449128">1</a>. For details, see <a href="https://docs.otc.t-systems.com/usermanual/iam/iam_01_0031.html" target="_blank" rel="noopener noreferrer">Create an IAM user and add it to the created user group</a>.</li><li id="lts_04_0015__en-us_topic_0191978428_li398018201382">Log in to the console by using the created user and verify permissions in the authorized region. For details, see <a href="https://docs.otc.t-systems.com/usermanual/iam/iam_01_0032.html" target="_blank" rel="noopener noreferrer">Log in as the IAM user</a> and verify permissions.</li></ol>
</div>
</div>
View Git Blame Copy Permalink