检测到您已登录华为云国际站账号,为了您更好的体验,建议您访问国际站服务网站 https://www.huaweicloud.com/intl/zh-cn
不再显示此消息
检测到您已登录华为云国际站账号,为了您更好的体验,建议您访问国际站服务网站 https://www.huaweicloud.com/intl/zh-cn
不再显示此消息
Obtaining Information About Account, IAM User, Group, Project, Region, and Agency Obtaining Account, IAM User, and Project Information Using the console On the Huawei Cloud homepage, click Console in the upper right corner.
Querying IAM Identity Center Users Function This API is used to query the information about IAM Identity Center users.
You have two options for IAM Identity Center: Enable: You will need to enter the email address associated with the IAM Identity Center account. The email address of the management account must not be used for other IAM Identity Center users.
You have two options for IAM Identity Center: Enable: You will need to enter the email address associated with the IAM Identity Center account. The email address of the management account must not be used for other IAM Identity Center users.
Solution Log in to Huawei Cloud using the account you want to enroll, and navigate to the IAM console. In the navigation pane, choose Agencies and click Create Agency in the upper right corner. Figure 1 Creating an agency Set the agency name to RGCServiceExecutionAgency.
IAM Identity Center username in use. Change the IAM Identity Center username and try again. 400 RGC.1115 phone number is required in domestic. Mobile number required.
Updating the management account Enable: RGC will create an IAM Identity Center user as the administrator. If IAM Identity Center is connected to an external identity provider, the default IAM Identity Center user in RGC will lose access to the cloud.
Enforcing the least privilege Low identity:::user N/A RGC-GR_CONFIG_IAM_POLICY_IN_USE Checks whether an IAM policy has been attached to any IAM users, user groups, or agencies. This policy is non-compliant if the IAM policy has not been attached.
IAM Identity Center configurations. If the original landing zone uses IAM Identity Center and you want to use another home region for the new landing zone, you need to reset the original IAM Identity Center. For details, see IAM Identity Center Resetting.
For security purposes, create Identity and Access Management (IAM) users and grant them permissions for routine management. User An IAM user is created by an account to use cloud services. Each IAM user has their own identity credentials (password or access keys).
Configure IAM Identity Center details, including the email address and username. After an account is created, an IAM Identity Center user is automatically created in RGC.
Appendix Status Codes Error Codes Obtaining Information About Account, IAM User, Group, Project, Region, and Agency
Managing the Landing Zone Querying the Home Region Pre-checking for Landing Zone Setting up Landing Zone Deleting a Landing Zone Querying Landing Zone Setup Status Checking Landing Zone Updates Querying Landing Zone Configurations Querying IAM Identity Center Users Parent topic: APIs
This section describes the elements used by IAM custom policies and Organizations SCPs. The elements include actions, resources, and conditions. For details about how to use these elements to edit an IAM custom policy, see Creating a Custom Policy.
Log in to Huawei Cloud using the account you want to enroll, and navigate to the IAM console. In the navigation pane, choose Agencies and click Create Agency in the upper right corner. Figure 1 Creating an agency Set the agency name to RGCServiceExecutionAgency.
Introduction You can use Identity and Access Management (IAM) for fine-grained permissions management of your RGC resources. If your HUAWEI ID does not need individual IAM users, you can skip this section. With IAM, you can control access to specific Huawei Cloud resources.
Resources in an account can only be accessed by the IAM users or IAM agencies in the account. An account in RGC refers to a Huawei Cloud account. Management Account A management account is the account you used to enable the Organizations service.
Configure IAM Identity Center details, including the email address and username. After an account is created, an IAM Identity Center user is automatically created in RGC.
Request Parameters Table 1 Request body parameters Parameter Mandatory Type Description account_name Yes String Name of an enrolled account. account_email No String Email address of an enrolled account. phone No String Mobile number. identity_store_user_name No String Name of an IAM
Table 2 CommonConfiguration Parameter Type Description home_region String Name of the home region. cloud_trail_type Boolean CTS configuration status. identity_center_status String Whether to set IAM Identity Center for the landing zone. organization_structure_type String Organization
