forked from docs/doc-exports
Lu, Huayi
c5fcb46315
Reviewed-by: Hasko, Vladimir <vladimir.hasko@t-systems.com> Co-authored-by: Lu, Huayi <luhuayi@huawei.com> Co-committed-by: Lu, Huayi <luhuayi@huawei.com>
19 lines
3.7 KiB
HTML
19 lines
3.7 KiB
HTML
<a name="EN-US_TOPIC_0000001180440121"></a><a name="EN-US_TOPIC_0000001180440121"></a>
|
|
|
|
<h1 class="topictitle1">Granting an IAM Account the DWS Database Access Permission</h1>
|
|
<div id="body1538146735807"><p id="EN-US_TOPIC_0000001180440121__p6915813163218">The IAM account you use to access a database must be granted with the <strong id="EN-US_TOPIC_0000001180440121__b15746163919199">DWS Database Access</strong> permission. Only users with both the <strong id="EN-US_TOPIC_0000001180440121__b5746163991913">DWS Administrator</strong> and <strong id="EN-US_TOPIC_0000001180440121__b1274753918194">DWS Database Access</strong> permissions can connect to GaussDB(DWS) databases using the temporary database user credentials generated based on IAM users. Using the <strong id="EN-US_TOPIC_0000001180440121__b1118117017298">DWS Database Access</strong> permission helps to control access to databases.</p>
|
|
<p id="EN-US_TOPIC_0000001180440121__p91314212133">The <strong id="EN-US_TOPIC_0000001180440121__b7761145816307">DWS Database Access</strong> permission can only be granted to user groups. Ensure that your IAM account is in a user group with this permission.</p>
|
|
<p id="EN-US_TOPIC_0000001180440121__p811483151713">On IAM, only users in the <strong id="EN-US_TOPIC_0000001180440121__b71730262343">admin</strong> group have the permissions to manage users. This requires that your IAM account be in the <strong id="EN-US_TOPIC_0000001180440121__b028543717">admin</strong> user group. Otherwise, contact the IAM account administrator to grant your IAM account this permission.</p>
|
|
<div class="section" id="EN-US_TOPIC_0000001180440121__section183185863313"><h4 class="sectiontitle">Procedure</h4><ol id="EN-US_TOPIC_0000001180440121__ol49644474814"><li id="EN-US_TOPIC_0000001180440121__li896410416486"><span>Log in to the <span id="EN-US_TOPIC_0000001180440121__text166071525513">cloud</span> management console and choose <strong id="EN-US_TOPIC_0000001180440121__b0908131120140">Service List > Management & Governance > Identity and Access Management</strong> to enter the IAM management console.</span></li><li id="EN-US_TOPIC_0000001180440121__li1659563112716"><span>Modify the user group to which your IAM user belongs. Set a policy for, grant the <strong id="EN-US_TOPIC_0000001180440121__b325717528570">DWS Database Access</strong> permission to, and add your IAM user to it.</span><p><p id="EN-US_TOPIC_0000001180440121__p3425164712910">Only users in the <strong id="EN-US_TOPIC_0000001180440121__b1168271913019">admin</strong> user group of IAM can perform this step. In IAM, only users in the <strong id="EN-US_TOPIC_0000001180440121__b1197919511003">admin</strong> user group can manage users, including creating user groups and users and setting user group rights.</p>
|
|
<p id="EN-US_TOPIC_0000001180440121__p024213711302">For details, see "User and User Group Management > Viewing or Modifying User Group Information" in the <em id="EN-US_TOPIC_0000001180440121__i1905366147">Identity and Access Management User Guide</em>.</p>
|
|
<p id="EN-US_TOPIC_0000001180440121__p16402111693620">You can also create an IAM user group, and set a policy for, grant the <strong id="EN-US_TOPIC_0000001180440121__b16421115412417">DWS Administrator</strong> and <strong id="EN-US_TOPIC_0000001180440121__b1762501722">DWS Database Access</strong> permissions to, and add your IAM user to it. For details, see "User and User Group Management > Creating a User Group" in the <em id="EN-US_TOPIC_0000001180440121__i15999161510154">Identity and Access Management User Guide</em>.</p>
|
|
</p></li></ol>
|
|
</div>
|
|
</div>
|
|
<div>
|
|
<div class="familylinks">
|
|
<div class="parentlink"><strong>Parent topic:</strong> <a href="dws_01_0133.html">Connecting to a Cluster Using IAM Authentication</a></div>
|
|
</div>
|
|
</div>
|
|
|