vpruthi/doc-exports
1
0
Fork 0
forked from docs/doc-exports
Code Pull Requests Activity
doc-exports/docs/dns/umn/dns_usermanual_0027.html
Qin Ying, Fan 9a9e02c671 DNS UMN 20240223 version 
Reviewed-by: Hajba, László Antal <laszlo-antal.hajba@t-systems.com>
Co-authored-by: Qin Ying, Fan <fanqinying@huawei.com>
Co-committed-by: Qin Ying, Fan <fanqinying@huawei.com>
2024-06-07 13:20:48 +00:00

24 lines
5.1 KiB
HTML
Raw Blame History

<a name="dns_usermanual_0027"></a><a name="dns_usermanual_0027"></a>
<h1 class="topictitle1">Creating a User and Granting DNS Permissions</h1>
<div id="body8662426"><p id="dns_usermanual_0027__p443995011299">To implement fine-grained permissions control over your DNS resources, <a href="https://docs.otc.t-systems.com/usermanual/iam/iam_01_0026.html" target="_blank" rel="noopener noreferrer">IAM</a> is a good choice. With IAM, you can:</p>
<ul id="dns_usermanual_0027__ul20439105062911"><li id="dns_usermanual_0027__li54391150102910">Create IAM users for employees based on your enterprise's organizational structure. Each IAM user will have their own security credentials for accessing DNS resources.</li><li id="dns_usermanual_0027__li19440115042917">Grant only the permissions required for users to perform a specific task.</li><li id="dns_usermanual_0027__li154401350152916">Entrust another account or cloud service to perform efficient O&amp;M on your DNS resources.</li></ul>
<p id="dns_usermanual_0027__p19440165022913">Skip this part if your account does not need individual IAM users.</p>
<p id="dns_usermanual_0027__p5440135032917">The following describes the procedure for granting permissions (see <a href="#dns_usermanual_0027__en-us_topic_0172268189_fig12481104618719">Figure 1</a>).</p>
<div class="section" id="dns_usermanual_0027__en-us_topic_0172268189_section1778196161211"><h4 class="sectiontitle"><strong id="dns_usermanual_0027__b842352706102921">Prerequisites</strong></h4><p id="dns_usermanual_0027__p182721533175217">You have learned about DNS permissions (see <a href="dns_pd_0002.html">Permissions</a>) and have chosen the right policies or roles based on your requirements. For the permission policies of other services, see <a href="https://docs.otc.t-systems.com/permissions/index.html" target="_blank" rel="noopener noreferrer">System Permissions</a>.</p>
</div>
<div class="section" id="dns_usermanual_0027__section3547133433710"><h4 class="sectiontitle">Process Flow</h4><div class="fignone" id="dns_usermanual_0027__en-us_topic_0172268189_fig12481104618719"><a name="dns_usermanual_0027__en-us_topic_0172268189_fig12481104618719"></a><a name="en-us_topic_0172268189_fig12481104618719"></a><span class="figcap"><b>Figure 1 </b>Process for granting permissions</span><br><span><img id="dns_usermanual_0027__image17990164225710" src="en-us_image_0000001906813634.png"></span></div>
<ol id="dns_usermanual_0027__en-us_topic_0172268189_ol32691936499"><li id="dns_usermanual_0027__en-us_topic_0172268189_li10269636890"><a name="dns_usermanual_0027__en-us_topic_0172268189_li10269636890"></a><a name="en-us_topic_0172268189_li10269636890"></a><a href="https://docs.otc.t-systems.com/identity-access-management/umn/getting_started/creating_a_user_group_and_assigning_permissions.html" target="_blank" rel="noopener noreferrer">Create a user group and grant permissions</a>.<p id="dns_usermanual_0027__p950312385269">Create a user group on the IAM console and assign the <strong id="dns_usermanual_0027__b1066121218214">DNS Administrator</strong> policy to the group.</p>
</li><li id="dns_usermanual_0027__en-us_topic_0172268189_li15271113610912"><a href="https://docs.otc.t-systems.com/identity-access-management/umn/getting_started/creating_a_user_and_adding_the_user_to_a_user_group.html" target="_blank" rel="noopener noreferrer">Create a user and add the user to the user group</a><p id="dns_usermanual_0027__en-us_topic_0172268189_p82718361996">Create a user on the IAM console and add the user to the group created in step <a href="#dns_usermanual_0027__en-us_topic_0172268189_li10269636890">1</a>.</p>
</li><li id="dns_usermanual_0027__en-us_topic_0172268189_li8271163618912"><a href="https://docs.otc.t-systems.com/identity-access-management/umn/getting_started/logging_in_as_a_user.html" target="_blank" rel="noopener noreferrer">Log in to the management console as the created user</a>.<p id="dns_usermanual_0027__p68461114113917">Log in to the DNS console by using the created user, and verify that the user only has read permissions for DNS.</p>
<ul id="dns_usermanual_0027__ul1984710149394"><li id="dns_usermanual_0027__li26261319101815">Choose <strong id="dns_usermanual_0027__b18373113316180">Service List</strong> &gt; <strong id="dns_usermanual_0027__b17179183721817">Domain Name Service</strong>. On the <strong id="dns_usermanual_0027__b133923431918">Dashboard</strong> page, click <strong id="dns_usermanual_0027__b81786121914">Private Zones</strong>. Then click <strong id="dns_usermanual_0027__b318120131919">Create Private Zone</strong> in the upper right corner. If the private zone can be created, the DNS Administrator policy is in effect.</li><li id="dns_usermanual_0027__li14626119161812">Choose any other service from <strong id="dns_usermanual_0027__b16715193516192">Service List</strong>. If a message appears indicating that you have insufficient permissions to access the service, the <strong id="dns_usermanual_0027__b1271612354195">DNS Administrator</strong> policy is in effect.</li></ul>
</li></ol>
</div>
</div>
<div>
<div class="familylinks">
<div class="parentlink"><strong>Parent topic:</strong> <a href="dns_usermanual_0025.html">Permissions Management</a></div>
</div>
</div>
View Git Blame Copy Permalink