vpruthi/doc-exports
1
0
Fork 0
forked from docs/doc-exports
Code Pull Requests Activity
doc-exports/docs/ces/umn/ces_01_0090.html
qiujiandong1 eb9f8a2617 CES UMN -20240202 version 
Reviewed-by: Rumpler, Mihály <mihaly.rumpler@t-systems.com>
Co-authored-by: qiujiandong1 <qiujiandong1@huawei.com>
Co-committed-by: qiujiandong1 <qiujiandong1@huawei.com>
2024-11-08 11:28:13 +00:00

27 lines
4.7 KiB
HTML
Raw Blame History

<a name="ces_01_0090"></a><a name="ces_01_0090"></a>
<h1 class="topictitle1">Creating a User and Granting Permissions</h1>
<div id="body1559013809882"><p id="ces_01_0090__p20120922174520">You can use <a href="https://docs.otc.t-systems.com/usermanual/iam/iam_01_0026.html" target="_blank" rel="noopener noreferrer">IAM</a> for fine-grained permissions control for your Cloud Eye resources. With IAM, you can:</p>
<ul id="ces_01_0090__ul196501542164516"><li id="ces_01_0090__li5969154604512">Create IAM users for employees based on your enterprise's organizational structure. Each IAM user will have their own security credentials for accessing Cloud Eye resources.</li><li id="ces_01_0090__li1185110179464">Grant different permissions to IAM users based on their job responsibilities.</li><li id="ces_01_0090__li61122454618">Entrust an account or a cloud service to perform efficient O&amp;M on your Cloud Eye resources.</li></ul>
<p id="ces_01_0090__p55791496463">If your account does not require individual IAM users, skip this topic.</p>
<p id="ces_01_0090__p5133182335315">This topic describes the procedure for granting permissions (see <a href="#ces_01_0090__fig129774214310">Figure 1</a>).</p>
<div class="section" id="ces_01_0090__section721253911457"><h4 class="sectiontitle">Prerequisites</h4><p id="ces_01_0090__p677911617312">You have learned about the system policies of Cloud Eye before assigning the preset Cloud Eye permissions to user groups (if needed). To grant custom permissions to a user group, ensure that you have <a href="ces_01_0091.html">created a custom Cloud Eye policy</a>.</p>
<p id="ces_01_0090__p61311916121019">For details about the system policies supported by Cloud Eye and the comparison between these policies, see <a href="ces_07_0009.html">Permissions</a>.</p>
</div>
<div class="section" id="ces_01_0090__section19846165684214"><h4 class="sectiontitle">Process Flow</h4><div class="fignone" id="ces_01_0090__fig129774214310"><a name="ces_01_0090__fig129774214310"></a><a name="fig129774214310"></a><span class="figcap"><b>Figure 1 </b>Process for granting Cloud Eye permissions</span><br><span><img class="eddx" id="ces_01_0090__image1040250184416" src="en-us_image_0000002051460077.png"></span></div>
<p id="ces_01_0090__p1887901564415"></p>
</div>
<ol id="ces_01_0090__ol32691936499"><li id="ces_01_0090__li10269636890"><a name="ces_01_0090__li10269636890"></a><a name="li10269636890"></a><a href="https://docs.otc.t-systems.com/usermanual/iam/iam_01_0030.html" target="_blank" rel="noopener noreferrer">Create a user group and assign permissions</a>.<p id="ces_01_0090__p13556148121715"><p id="ces_01_0090__p741019734">Create a user group on the IAM console, and attach the <strong id="ces_01_0090__b15869220191415">CES Administrator</strong>, <strong id="ces_01_0090__b138102385718">Tenant Guest</strong>, and <strong id="ces_01_0090__b543673215710">Server Administrator</strong> policies to the group.</p>
</p>
<div class="note" id="ces_01_0090__note1568533852011"><img src="public_sys-resources/note_3.0-en-us.png"><span class="notetitle"> </span><div class="notebody"><ul id="ces_01_0090__ul201712013712"><li id="ces_01_0090__li1617116131919">Cloud Eye is a region-specific service and must be deployed in specific physical regions. Cloud Eye permissions can be assigned and take effect only in specific regions. If you want a permission to take effect for all regions, assign it in all these regions. The global permission does not take effect.</li><li id="ces_01_0090__li36433155119">The preceding permissions are all Cloud Eye permissions. For more refined Cloud Eye permissions, see <a href="ces_07_0009.html">Permissions</a>.</li></ul>
</div></div>
</li><li id="ces_01_0090__li15271113610912"><a href="https://docs.otc.t-systems.com/usermanual/iam/iam_01_0031.html" target="_blank" rel="noopener noreferrer">Create a user and add it to a user group. </a>Create a user on the IAM console and add the user to the group created in <a href="#ces_01_0090__li10269636890">1</a>.</li><li id="ces_01_0090__li8271163618912"><a href="https://docs.otc.t-systems.com/usermanual/iam/iam_01_0032.html" target="_blank" rel="noopener noreferrer">Log in</a> and verify permissions.<p id="ces_01_0090__p16271336392">Log in to the Cloud Eye console as the created user, and verify that the user only has the <strong id="ces_01_0090__b173012215810269">CES Administrator</strong> permissions. After you log in to the Cloud Eye console and use related functions, if no authentication failure message is displayed, the authorization is successful.</p>
</li></ol>
</div>
<div>
<div class="familylinks">
<div class="parentlink"><strong>Parent topic:</strong> <a href="ces_01_0089.html">Permissions Management</a></div>
</div>
</div>
View Git Blame Copy Permalink