The Huawei Cloud IAM account is used to invoke target cloud API interfaces during disaster recovery To create access to cloud resources and store disaster recovery data, download the corresponding AccessKey and AccessSecretKey when activating the IAM account. Please send the account information, AK/SK via email to us.

Create IAM User

:::tips

https://support.huaweicloud.com/intl/en-us/usermanual-iam/iam_02_0001.html

:::

Granting Authorization to IAM User

:::tips

https://support.huaweicloud.com/intl/en-us/usermanual-iam/iam_01_0652.html

:::

Managing IAM User Access Keys

:::tips

https://support.huaweicloud.com/intl/en-us/usermanual-iam/iam_02_0003.html

:::

Huawei Cloud IAM requirements

#ecs/vpc/evs/ims

{
    "Version": "1.1",
    "Statement": [
        {
            "Effect": "Allow",
            "Action": [
                "ecs:serverPasswords:manage",
                "ecs:serverKeypairs:delete",
                "ecs:cloudServers:reboot",
                "ecs:diskConfigs:use",
                "ecs:cloudServers:start",
                "ecs:cloudServers:vnc",
                "ecs:servers:lock",
                "ecs:servers:rebuild",
                "ecs:cloudServers:attach",
                "ecs:serverInterfaces:get",
                "ecs:cloudServers:detachVolume",
                "ecs:servers:unlock",
                "ecs:cloudServers:delete",
                "ecs:serverKeypairs:get",
                "ecs:cloudServers:updateMetadata",
                "ecs:cloudServers:stop",
                "ecs:servers:setMetadata",
                "ecs:serverVolumes:use",
                "ecs:cloudServers:create",
                "ecs:serverKeypairs:create",
                "ecs:servers:get",
                "ecs:serverInterfaces:use",
                "ecs:serverGroups:manage",
                "ecs:securityGroups:use",
                "ecs:*:get*",
                "ecs:*:list*"
            ]
        },
        {
            "Effect": "Allow",
            "Action": [
                "evs:snapshots:rollback",
                "evs:volumes:use",
                "evs:snapshots:delete",
                "evs:volumes:create",
                "evs:snapshots:create",
                "evs:volumes:update",
                "evs:backups:get",
                "evs:volumes:get",
                "evs:snapshots:get",
                "evs:volumes:delete",
                "evs:*:get*",
                "evs:*:list*"
            ]
        },
        {
            "Effect": "Allow",
            "Action": [
                "vpc:securityGroups:create",
                "vpc:vpcs:delete",
                "vpc:subnets:update",
                "vpc:routers:update",
                "vpc:subnets:delete",
                "vpc:vpcs:create",
                "vpc:networks:get",
                "vpc:publicIps:create",
                "vpc:ports:get",
                "vpc:ports:update",
                "vpc:ports:create",
                "vpc:securityGroupRules:get",
                "vpc:subnets:create",
                "vpc:securityGroups:delete",
                "vpc:publicIps:delete",
                "vpc:subnets:get",
                "vpc:securityGroups:update",
                "vpc:routers:get",
                "vpc:securityGroups:get",
                "vpc:networks:create",
                "vpc:networks:update",
                "vpc:*:list*",
                "vpc:*:get*"
            ]
        },
        {
            "Effect": "Allow",
            "Action": [
                "ims:images:get",
                "ims:*:list*"
            ]
        }
    ]
}

#obs

{
    "Version": "1.1",
    "Statement": [
        {
            "Effect": "Allow",
            "Action": [
                "OBS:*:*"
            ]
        }
    ]
}