检测到您已登录华为云国际站账号,为了您更好的体验,建议您访问国际站服务网站 https://www.huaweicloud.com/intl/zh-cn
不再显示此消息
检测到您已登录华为云国际站账号,为了您更好的体验,建议您访问国际站服务网站 https://www.huaweicloud.com/intl/zh-cn
不再显示此消息
Disabling Access Control Attributes for a Specified Instance Function This API is used to disable ABAC for a specified IAM Identity Center instance and delete all configured attribute mappings.
Listing Account Assignment Deletion Statuses Function This API is used to list the account assignment deletion statuses of a specified IAM Identity Center instance.
Listing Account Assignment Creation Statuses Function This API is used to list the account assignment creation statuses of a specified IAM Identity Center instance.
Minimum length: 12 Maximum length: 12 user_id Yes String Globally unique ID of an IAM Identity Center user in the identity source.
Querying the Region Where a Service Instance Is Enabled Function This API is used to query the region where an IAM Identity Center instance is enabled. It can be called only from the organization's management account or from a delegated administrator account of a cloud service.
URI POST /v1/instances/{instance_id}/permission-sets Table 1 Path parameters Parameter Mandatory Type Description instance_id Yes String Globally unique ID of an IAM Identity Center instance.
Array length: 0-10 group_id String Globally unique ID of an IAM Identity Center group in the identity source. Minimum length: 1 Maximum length: 47 identity_store_id String Globally unique ID of an identity source.
Functions Centralized Identity Management IAM Identity Center allows you to create and manage users and groups and configure the login authentication mode.
Click in the upper left corner of the page and choose Management & Governance > IAM Identity Center. In the navigation pane, choose Groups. In the group list, select multiple groups and click Delete above the list.
Registering a Client Function This API is used to register a client in IAM Identity Center, which allows the client to initiate device authorization. The output should be persistent for reuse by authentication requests.
Creating a Shortcut Link in the IAM Identity Center Access Portal Log in to the IAM Identity Center access portal and click Create Shortcut in the upper right corner.
Minimum length: 12 Maximum length: 12 group_id Yes String Globally unique ID of an IAM Identity Center group in the identity source.
Deleting a User Function This API is used to delete an IAM Identity Center user based on the user ID. It can be called only from the organization's management account or from a delegated administrator account of a cloud service.
The principal can be either a user or a group in IAM Identity Center. It can be called only from the organization's management account or from a delegated administrator account of a cloud service.
Querying Details about the Account Assignment Deletion Status Function This API is used to query details about the account assignment deletion status of a specified IAM Identity Center instance based on the request ID.
Querying Details about the Account Assignment Creation Status Function This API is used to query details about the account assignment creation status of a specified IAM Identity Center instance based on the request ID.
Creating a User Function This API is used to create an IAM Identity Center user in the specified identity source. It can be called only from the organization's management account or from a delegated administrator account of a cloud service.
If you are using IAM Identity Center as the identity source, you can configure MFA in IAM Identity Center as follows. Procedure Log in to the Huawei Cloud management console. Click in the upper left corner of the page and choose Management & Governance > IAM Identity Center.
Listing Users Function This API is used to list the IAM Identity Center users in the specified identity source. It can be called only from the organization's management account or from a delegated administrator account of a cloud service.
The differences between performing ABAC on IAM Identity Center and on external identity providers are as follows: IAM Identity Center: You need to add the attributes for performing ABAC on the Access Control Attributes tab of IAM Identity Center.
