3.5.1 Onboard Your Huawei Cloud Account

Pre-Requisites

  • The user who performs the onboarding steps has to have IAM Administrator permissions. If the user is in a user group that has the Security Administrator policy attached, the user will have IAM administrator permissions.

Adding a Huawei Cloud Account

S41. Navigate to the Settings page (gear icon), then click Scan Configuration on the left sidebar.

2. Create a new scan group or use an existing one.

3. On the Scan Configuration page, click on the pencil icon next to the scan group which you would like to import Huawei Cloud projects into.

S7

4. On the right-side panel, click Add Account.

Screenshot from 2021-07-26 12-52-41

5. Select Add a Huawei Account and click Next.

6. Follow the Step by Step guide shown to add the Huawei Cloud Account. The steps are also listed in the next section.

Huawei Cloud Account Setup Step-by-Step Guide

Step 1. Create an IAM Custom Policy at the Global Scope

1. Login to your Huawei account and navigate to the IAM permissions page under the IAM service.

Screenshot from 2021-07-30 11-05-06-1

2. Click on Create Custom Policy.

3. Give an appropriate name (i.e, WardenScannerGlobalScopePolicy) for Policy Name.

4. Ensure that Scope is set to Global services.

5. Select JSON under Policy View.

6. Copy the following text from the JSON here into the Policy Content field.

7. Click OK.

Step 2. Create an IAM Custom Policy at the Project Scope

Screenshot from 2021-07-30 11-29-09

1. Create an IAM Custom Policy at the Project Scope. Navigate to the IAM permissions page under the IAM service.

2. Click on Create Custom Policy.

3. Give an appropriate name (i.e, WardenScannerProjectScopePolicy) for Policy Name.

4. Ensure that Scope is set to Project-level services.

5. Select JSON under Policy View.

6. Copy the following text from the JSON here into the Policy Content field.

7. Click OK.

Step 3. Create an IAM User Group

Screenshot from 2021-07-26 12-17-54

1. Navigate to the User Groups page under IAM service.

2. Click on Create User Group.

Screenshot from 2021-07-26 12-18-16

3. Give an appropriate name (i.e, WardenScannerGroup).

4. Click OK.

Screenshot from 2021-07-26 12-18-52

5. Click More on the created user group and click Manage Permissions.

Screenshot from 2021-07-26 12-19-086. Click Assign Permissions.

Screenshot from 2021-07-26 12-19-59-1

7. With the Global service project scope selected, select the Custom Policy created in step 1.

8. Click OK.

Screenshot from 2021-07-26 12-21-22-19. Repeat steps 6-8, this time with Region-specific projects scope selected and covering All Projects, and select the Custom Policy created in Step 2.

Step 4. Create an IAM User

1. Navigate to the IAM Users page under IAM service.

Screenshot from 2021-07-26 12-21-50

2. Click on Create User.

Screenshot from 2021-07-26 12-22-23

3. Give an appropriate name (i.e, WardenScannerSystemUser) for the username.

4. Select only Programmatic Access under Access Type.

5. Select only Access key under Credential Type.

6. Click Next.

Screenshot from 2021-07-26 12-22-407. Select the User Group created in step 3.

8. Click Create.

9. Click Download Access Key.

Screenshot from 2021-07-26 12-23-06

Step 5. Configure Huawei Cloud credentials to Storyfier

 

Screenshot from 2021-07-26 12-52-48-1

1. Copy the Access Key Id and the Secret Access Key from the downloaded file and paste it onto the corresponding fields below.

2. Copy the Account ID into the field below.


How to Know Your Huawei Cloud Account ID

Screenshot from 2021-07-30 11-59-07

1. To find the Account ID, hover over your username on the upper right of the Huawei Cloud console and click on the My Credentials link. You can also access the page here.

Screenshot from 2021-07-30 12-01-01

2. Look for the Account ID field.