检测到您已登录华为云国际站账号,为了您更好的体验,建议您访问国际站服务网站 https://www.huaweicloud.com/intl/zh-cn
不再显示此消息
检测到您已登录华为云国际站账号,为了您更好的体验,建议您访问国际站服务网站 https://www.huaweicloud.com/intl/zh-cn
不再显示此消息
Querying IAM Identity Center Users Function This API is used to query the information about IAM Identity Center users.
Obtaining Information About Account, IAM User, Group, Project, Region, and Agency Obtaining Account, IAM User, and Project Information Using the console On the Huawei Cloud homepage, click Console in the upper right corner.
Introduction You can use Identity and Access Management (IAM) for fine-grained permissions management of your RGC resources. If your HUAWEI ID does not need individual IAM users, you can skip this section. With IAM, you can control access to specific Huawei Cloud resources.
This section describes the elements used by IAM custom policies and Organizations SCPs. The elements include actions, resources, and conditions. For details about how to use these elements to edit an IAM custom policy, see Creating a Custom Policy.
Configure IAM Identity Center details, including the email address and username. After an account is created, an IAM Identity Center user is automatically created in RGC.
Configure IAM Identity Center details, including the email address and username. After an account is created, an IAM Identity Center user is automatically created in RGC.
IAM Identity Center configurations. If the original landing zone uses IAM Identity Center and you want to use another home region for the new landing zone, you need to reset the original IAM Identity Center. For details, see IAM Identity Center Resetting.
Enforcing the least privilege Low identity:::user N/A RGC-GR_CONFIG_IAM_POLICY_IN_USE Checks whether an IAM policy has been attached to any IAM users, user groups, or agencies. This policy is non-compliant if the IAM policy has not been attached.
Updating the management account Enable: RGC will create an IAM Identity Center user as the administrator. If IAM Identity Center is connected to an external identity provider, the default IAM Identity Center user in RGC will lose access to the cloud.
IAM Identity Center username in use. Change the IAM Identity Center username and try again. 400 RGC.1115 phone number is required in domestic. Mobile number required.
Appendix Status Codes Error Codes Obtaining Information About Account, IAM User, Group, Project, Region, and Agency
You have two options for IAM Identity Center: Enable: You will need to enter the email address associated with the IAM Identity Center account. The email address of the management account must not be used for other IAM Identity Center users.
Managing the Landing Zone Querying the Home Region Pre-checking for Landing Zone Setting up Landing Zone Deleting a Landing Zone Querying Landing Zone Setup Status Checking Landing Zone Updates Querying Landing Zone Configurations Querying IAM Identity Center Users Parent topic: APIs
For security purposes, create Identity and Access Management (IAM) users and grant them permissions for routine management. User An IAM user is created by an account to use cloud services. Each IAM user has their own identity credentials (password or access keys).
You have two options for IAM Identity Center: Enable: You will need to enter the email address associated with the IAM Identity Center account. The email address of the management account must not be used for other IAM Identity Center users.
Request Parameters Table 1 Request body parameters Parameter Mandatory Type Description account_name Yes String Name of an enrolled account. account_email No String Email address of an enrolled account. phone No String Mobile number. identity_store_user_name No String Name of an IAM
Solution Log in to Huawei Cloud using the account you want to enroll, and navigate to the IAM console. In the navigation pane, choose Agencies and click Create Agency in the upper right corner. Figure 1 Creating an agency Set the agency name to RGCServiceExecutionAgency.
Log in to Huawei Cloud using the account you want to enroll, and navigate to the IAM console. In the navigation pane, choose Agencies and click Create Agency in the upper right corner. Figure 1 Creating an agency Set the agency name to RGCServiceExecutionAgency.
Table 2 CommonConfiguration Parameter Type Description home_region String Name of the home region. cloud_trail_type Boolean CTS configuration status. identity_center_status String Whether to set IAM Identity Center for the landing zone. organization_structure_type String Organization
or RGC. state String Status of an enrolled account. message String Description of the error status. parent_organizational_unit_id String ID of a registered parent OU. parent_organizational_unit_name String Name of a registered parent OU. identity_store_user_name String Name of an IAM
