doc-exports/docs/vpcep/umn/vpcep_ug_0003.html
Qin Ying, Fan 5f74a04a37 VPCEP UMN 20240710 version
Reviewed-by: Sarda, Priya <prsarda@noreply.gitea.eco.tsi-dev.otc-service.com>
Co-authored-by: Qin Ying, Fan <fanqinying@huawei.com>
Co-committed-by: Qin Ying, Fan <fanqinying@huawei.com>
2024-07-29 09:26:39 +00:00

<a name="vpcep_ug_0003"></a>
<h1 class="topictitle1">Creating a User and Granting VPC Endpoint Permissions</h1>
<div id="body8662426"><p id="vpcep_ug_0003__p159711617173110">Use <a href="https://docs.otc.t-systems.com/identity-access-management/umn/service_overview/what_is_iam.html" target="_blank" rel="noopener noreferrer">IAM</a> to implement fine-grained permissions control over your VPC Endpoint resources. With IAM, you can:</p>
<ul id="vpcep_ug_0003__ul497281743111"><li id="vpcep_ug_0003__li9972417163116">Create IAM users for employees based on your enterprise's organizational structure. Each IAM user has their own security credentials for accessing VPC Endpoint resources.</li><li id="vpcep_ug_0003__li497211719312">Grant only the permissions required for users to perform a specific task.</li><li id="vpcep_ug_0003__li11972817203119">Entrust an account or a cloud service to perform efficient O&amp;M on your VPC Endpoint resources.</li></ul>
<p id="vpcep_ug_0003__p1997212175318">If your account does not need individual IAM users, skip this section.</p>
<p id="vpcep_ug_0003__p39721617203116">This section describes the process flow for granting permissions (see <a href="#vpcep_ug_0003__en-us_topic_0173481716_en-us_topic_0172268189_fig12481104618719">Figure 1</a>).</p>
<div class="section" id="vpcep_ug_0003__section144668716345"><h4 class="sectiontitle">Prerequisites</h4><p id="vpcep_ug_0003__p1590915192237">Before you begin, learn about the permissions supported by VPC Endpoint (see <a href="vpcep_pd_0001.html">Permissions</a>) and choose policies or roles according to your requirements. To grant permissions for other services, learn about all <a href="https://docs.otc.t-systems.com/additional/permissions.html" target="_blank" rel="noopener noreferrer">Permissions</a> supported by IAM.</p>
</div>
<div class="section" id="vpcep_ug_0003__section1534151814384"><h4 class="sectiontitle">Process Flow</h4><div class="fignone" id="vpcep_ug_0003__en-us_topic_0173481716_en-us_topic_0172268189_fig12481104618719"><a name="vpcep_ug_0003__en-us_topic_0173481716_en-us_topic_0172268189_fig12481104618719"></a><a name="en-us_topic_0173481716_en-us_topic_0172268189_fig12481104618719"></a><span class="figcap"><b>Figure 1 </b>Process for granting VPC Endpoint permissions</span><br><span><img id="vpcep_ug_0003__en-us_topic_0173481716_image1244723814172" src="en-us_image_0000001949612456.png"></span></div>
<ol id="vpcep_ug_0003__en-us_topic_0173481716_en-us_topic_0172268189_ol32691936499"><li id="vpcep_ug_0003__en-us_topic_0173481716_en-us_topic_0172268189_li10269636890"><a name="vpcep_ug_0003__en-us_topic_0173481716_en-us_topic_0172268189_li10269636890"></a><a name="en-us_topic_0173481716_en-us_topic_0172268189_li10269636890"></a><a href="https://docs.otc.t-systems.com/identity-access-management/umn/getting_started/creating_a_user_group_and_assigning_permissions.html" target="_blank" rel="noopener noreferrer">Create a user group and assign it permissions</a>.<p id="vpcep_ug_0003__en-us_topic_0173481716_en-us_topic_0172268189_p15269143619914">On the IAM console, create a user group and attach the <strong id="vpcep_ug_0003__b101361468401">VPCEndpoint Administrator</strong> policy to the group.</p>
</li><li id="vpcep_ug_0003__en-us_topic_0173481716_en-us_topic_0172268189_li15271113610912"><a href="https://docs.otc.t-systems.com/identity-access-management/umn/getting_started/creating_a_user_and_adding_the_user_to_a_user_group.html" target="_blank" rel="noopener noreferrer">Create an IAM user and add it to the created user group</a>.<p id="vpcep_ug_0003__en-us_topic_0173481716_en-us_topic_0172268189_p82718361996">Create an IAM user and add it to the user group created in step <a href="#vpcep_ug_0003__en-us_topic_0173481716_en-us_topic_0172268189_li10269636890">1</a>.</p>
</li><li id="vpcep_ug_0003__en-us_topic_0173481716_en-us_topic_0172268189_li8271163618912"><a href="https://docs.otc.t-systems.com/identity-access-management/umn/getting_started/logging_in_as_a_user.html" target="_blank" rel="noopener noreferrer">Log in as the IAM user</a> and verify permissions.<p id="vpcep_ug_0003__en-us_topic_0173481716_en-us_topic_0172268189_p16271336392">In the authorized region, perform the following operations:</p>
<ul id="vpcep_ug_0003__ul662671912184"><li id="vpcep_ug_0003__li26261319101815">On the <strong id="vpcep_ug_0003__b3462519594">Service List</strong> page, choose <strong id="vpcep_ug_0003__b346331914918">VPC Endpoint</strong>. Click <strong id="vpcep_ug_0003__b8676219154417">Create</strong> <strong id="vpcep_ug_0003__b164636191190">VPC Endpoint</strong> in the upper right corner. If you can create a VPC endpoint, the <strong id="vpcep_ug_0003__b7603104619437">VPCEndpoint Administrator</strong> policy has taken effect.</li><li id="vpcep_ug_0003__li14626119161812">Choose another service from <strong id="vpcep_ug_0003__b1514092220917">Service List</strong>. If a message appears indicating that you have insufficient permissions to access the service, the user has no permissions for that service, which confirms that the <strong id="vpcep_ug_0003__b351982119449">VPCEndpoint Administrator</strong> policy has taken effect.</li></ul>
</li></ol>
</div>
</div>
<div>
<div class="familylinks">
<div class="parentlink"><strong>Parent topic:</strong> <a href="vpcep_ug_0001.html">Permissions Management</a></div>
</div>
</div>