yexinru/doc-exports
1
0
Fork 0
forked from docs/doc-exports
Code Pull Requests Activity
Files
6d480dcc2099fd426404c7d47136adb1c9546e09
doc-exports/docs/swr/umn/swr_03_0021.html
qiujiandong1 048401a85e SWR UMN 20241101 version 
Reviewed-by: Eotvos, Oliver <oliver.eotvos@t-systems.com>
Co-authored-by: qiujiandong1 <qiujiandong1@huawei.com>
Co-committed-by: qiujiandong1 <qiujiandong1@huawei.com>
2025-06-04 13:39:25 +00:00

55 lines
4.8 KiB
HTML
Raw Blame History

<a name="swr_03_0021"></a><a name="swr_03_0021"></a>
<h1 class="topictitle1">SWR Permissions</h1>
<div id="body0000001488156664"><p id="swr_03_0021__p153069485316">By default, new IAM users do not have any permissions granted. You need to add them to one or more groups and attach permissions policies or roles to these groups. In this way, the users can inherit permissions from the groups and perform operations on specific cloud resources.</p>
<p id="swr_03_0021__p5306134813315">SWR is a project-level service deployed for specific regions. When you set <strong id="swr_03_0021__b178861968524">Scope</strong> to <strong id="swr_03_0021__b14886364524">Region-specific projects</strong> and select projects in specific regions, the users only have permissions for SWR resources in the selected projects. If you set <strong id="swr_03_0021__b1887116195211">Scope</strong> to <strong id="swr_03_0021__b3887136165214">All resources</strong>, the users have permissions for SWR resources in all region-specific projects. When accessing SWR, the users need to switch to the authorized region.</p>
<div class="tablenoborder"><table cellpadding="4" cellspacing="0" summary="" id="swr_03_0021__table1409182914134" frame="border" border="1" rules="all"><caption><b>Table 1 </b>System-defined permissions for SWR</caption><thead align="left"><tr id="swr_03_0021__row1346222921318"><th align="left" class="cellrowborder" valign="top" width="20.437956204379564%" id="mcps1.3.3.2.4.1.1"><p id="swr_03_0021__p246217292138">Name</p>
</th>
<th align="left" class="cellrowborder" valign="top" width="56.4043595640436%" id="mcps1.3.3.2.4.1.2"><p id="swr_03_0021__p146292918139">Description</p>
</th>
<th align="left" class="cellrowborder" valign="top" width="23.15768423157684%" id="mcps1.3.3.2.4.1.3"><p id="swr_03_0021__p446218291138">Type</p>
</th>
</tr>
</thead>
<tbody><tr id="swr_03_0021__row1462142915137"><td class="cellrowborder" valign="top" width="20.437956204379564%" headers="mcps1.3.3.2.4.1.1 "><p id="swr_03_0021__p1196518294159">SWR Administrator</p>
</td>
<td class="cellrowborder" valign="top" width="56.4043595640436%" headers="mcps1.3.3.2.4.1.2 "><p id="swr_03_0021__p0462172991319">SWR administrator permissions, including all SWR permissions.</p>
</td>
<td class="cellrowborder" valign="top" width="23.15768423157684%" headers="mcps1.3.3.2.4.1.3 "><p id="swr_03_0021__p18683113815502">System-defined role</p>
</td>
</tr>
<tr id="swr_03_0021__row112721016495"><td class="cellrowborder" valign="top" width="20.437956204379564%" headers="mcps1.3.3.2.4.1.1 "><p id="swr_03_0021__p1327319168913">Tenant Administrator</p>
</td>
<td class="cellrowborder" valign="top" width="56.4043595640436%" headers="mcps1.3.3.2.4.1.2 "><p id="swr_03_0021__p10955185614177">Administrator permissions for all services except IAM, including all SWR permissions.</p>
</td>
<td class="cellrowborder" valign="top" width="23.15768423157684%" headers="mcps1.3.3.2.4.1.3 "><p id="swr_03_0021__p12203918495">System-defined role</p>
</td>
</tr>
<tr id="swr_03_0021__row157318307917"><td class="cellrowborder" valign="top" width="20.437956204379564%" headers="mcps1.3.3.2.4.1.1 "><p id="swr_03_0021__p47312307916">Tenant Guest</p>
</td>
<td class="cellrowborder" valign="top" width="56.4043595640436%" headers="mcps1.3.3.2.4.1.2 "><p id="swr_03_0021__p147317301899">Read-only permissions for all services except IAM, including permissions such as image pull.</p>
</td>
<td class="cellrowborder" valign="top" width="23.15768423157684%" headers="mcps1.3.3.2.4.1.3 "><p id="swr_03_0021__p016539184915">System-defined role</p>
</td>
</tr>
<tr id="swr_03_0021__row19269191915109"><td class="cellrowborder" valign="top" width="20.437956204379564%" headers="mcps1.3.3.2.4.1.1 "><p id="swr_03_0021__p172691119131018">ServiceStage Developer</p>
</td>
<td class="cellrowborder" valign="top" width="56.4043595640436%" headers="mcps1.3.3.2.4.1.2 "><p id="swr_03_0021__p4973747191915">ServiceStage developer permissions, including permissions such as image pull.</p>
</td>
<td class="cellrowborder" valign="top" width="23.15768423157684%" headers="mcps1.3.3.2.4.1.3 "><p id="swr_03_0021__p112123914497">System-defined role</p>
</td>
</tr>
</tbody>
</table>
</div>
<div class="note" id="swr_03_0021__note157450580343"><img src="public_sys-resources/note_3.0-en-us.png"><span class="notetitle"> </span><div class="notebody"><ul id="swr_03_0021__ul12448704536"><li id="swr_03_0021__li9448130145311">You can <a href="https://docs.otc.t-systems.com/en-us/usermanual/swr/swr_01_0015.html" target="_blank" rel="noopener noreferrer">grant permissions</a> (read, write, and manage permissions), to different users for them to access either a specific image or images in a specific organization.</li></ul>
</div></div>
</div>
<div>
<div class="familylinks">
<div class="parentlink"><strong>Parent topic:</strong> <a href="swr_03_0020.html">Permissions</a></div>
</div>
</div>
View Git Blame Copy Permalink