yexinru/doc-exports
1
0
Fork 0
forked from docs/doc-exports
Code Pull Requests Activity
Files
a41a4e0331fbc0beff63bb28fa59228cc9a751df
doc-exports/docs/das/umn/das_08_0003.html
wangdengke2 de9f8a7cc5 das_umn 
Reviewed-by: Wagner, Fabian <fabian.wagner@t-systems.com>
Reviewed-by: Hasko, Vladimir <vladimir.hasko@t-systems.com>
Co-authored-by: wangdengke2 <wangdengke2@huawei.com>
Co-committed-by: wangdengke2 <wangdengke2@huawei.com>
2025-07-16 11:51:16 +00:00

3.1 KiB
Raw Blame History

Creating a User and Granting Permissions

You can use IAM to implement refined permission control for DAS resources. To be specific, you can:

  • Create IAM users for employees from different departments of your enterprise. In this way, each IAM user has unique security credentials and can use DAS resources.
  • Grant only the permissions required for users to perform a specific task.
  • Entrust an account or cloud service to perform professional and efficient O&M on your DAS resources.

If your account does not need individual IAM users, then you may skip over this section.

Figure 1 describes how to grant permissions to a user group.

Prerequisites

Before assigning permissions to user groups, you should learn about DAS system policies and select policies based on service requirements.

Process Flow

Figure 1 Flowchart for granting DAS permissions
  1. Create a user group and assign permissions to it.

    Create a user group on the IAM console and attach the DAS FullAccess policy to the group.

  2. Create a user and add it to a user group.

    Create a user on the IAM console and add the user to the group created in 1.

  3. Log in and verify permissions.

    In the service list, choose Data Admin Service. On the displayed page, click Add DB Instance Connection. If a database connection can be created, the DAS permissions have taken effect.

Parent topic: Permissions Management