检测到您已登录华为云国际站账号,为了您更好的体验,建议您访问国际站服务网站 https://www.huaweicloud.com/intl/zh-cn
不再显示此消息
检测到您已登录华为云国际站账号,为了您更好的体验,建议您访问国际站服务网站 https://www.huaweicloud.com/intl/zh-cn
不再显示此消息
Managing Permissions Assigned to IAM Users As an administrator, you can view or delete permissions assigned to IAM users on the Permissions tab of the IAM console.
IAM Custom Policy Examples If system-defined policies cannot meet your requirements, you can create custom policies to implement more refined access control. You can refer to the following examples to customize policies for cloud services.
To manage access keys of IAM users, see Managing Access Keys for an IAM User. Parent topic: IAM User Management
Listing Projects Accessible to an IAM User Function This API is used to list the projects in which resources are accessible to a specified IAM user. The API can be called using both the global endpoint and region-specific endpoints. For IAM endpoints, see Regions and Endpoints.
Querying the MFA Device Information of an IAM User Function This API can be used by the administrator to query the MFA device information of a specified IAM user or used by an IAM user to query their own MFA device information.
Querying the Login Protection Configuration of an IAM User Function This API can be used by the administrator to query the login protection configuration of a specified IAM user or used by an IAM user to query their own login protection configuration.
Adding an IAM User to a User Group Function This API is provided for the administrator to add an IAM user to a specified user group. The API can be called using both the global endpoint and region-specific endpoints. For IAM endpoints, see Regions and Endpoints.
IAM User SSO via SAML Overview of IAM User SSO via SAML Creating an IdP Entity Configuring an Enterprise IdP Configuring an External Identity ID Verifying the Login Configuring a Federated Login Entry in the Enterprise IdP Parent topic: Identity Providers
For IAM endpoints, see Regions and Endpoints. Debugging You can debug this API in API Explorer.
Table 3 login_protects Parameter Type Description enabled Boolean Indicates whether login protection has been enabled for an IAM user. The value can be true or false. user_id String IAM user ID. verification_method String Login authentication method of the IAM user.
Listing MFA Device Information of IAM Users Function This API is provided for the administrator to query the MFA device information of IAM users. The API can be called using both the global endpoint and region-specific endpoints. For IAM endpoints, see Regions and Endpoints.
For IAM endpoints, see Regions and Endpoints. Debugging You can debug this API in API Explorer.
Parent topic: IAM User Management
CTS records all operations performed on IAM, such as creating users and user groups. Table 1 shows the IAM operations that can be recorded by CTS.
Parent topic: IAM User Management
Removing an IAM User from a User Group Function This API can be used by the administrator to remove an IAM user from a specified user group. The API can be called using both the global endpoint and region-specific endpoints. For IAM endpoints, see Regions and Endpoints.
Click IAM User on the login page. Incorrect tenant name/Huawei Cloud account name or IAM username. Enter the correct tenant name/Huawei Cloud account name and IAM username.
Parent topic: IAM User Management
Parent topic: IAM User Management
Parent topic: IAM User Management
