检测到您已登录华为云国际站账号,为了您更好的体验,建议您访问国际站服务网站 https://www.huaweicloud.com/intl/zh-cn
不再显示此消息
检测到您已登录华为云国际站账号,为了您更好的体验,建议您访问国际站服务网站 https://www.huaweicloud.com/intl/zh-cn
不再显示此消息
Differences Between the Old and New IAM Consoles The new IAM console provides more refined and flexible permission control than the old console. Some functions are deleted to help you focus on IAM access control capabilities.
Detaching an Identity Policy from an IAM User Function This API is used to detach a specified identity policy from a specified IAM user.
For IAM users created on the new IAM console, the access method depends on the credential types of the users. If you set a console password when creating an IAM user, the IAM user can access Huawei Cloud through the console.
Access Control Policies Supported by IAM An IAM principal can perform operations and access APIs in an account. Principals include IAM users, agencies, and trust agencies.
To learn more about how IAM is different from Organizations for access control, see How IAM Is Different from Organizations for Access Control?. This section describes the elements used by IAM custom identity policies and Organizations SCPs.
Read - - iam:users:getUser iam:users:update Grants permission to update a user. Write - - iam:users:updateUser iam:users:list Grants permission to list users. List - - iam:users:listUsers iam:users:delete Grants permission to delete a user.
Parent topic: IAM User Management
Obtaining the Summary of the Usage and Quota of IAM Entities in an Account Function This API is used to obtain the summary of the usage and quota of IAM entities in an account.
Using Tags to Control Access to IAM Users and Trust Agencies Tags can be attached to IAM resources or the principals that are making the request, or passed in the request. An IAM user or trust agency can be both a resource and principal.
Querying All Identity Policies Attached to a Specified IAM User Function This API is used to query all identity policies attached to a specified IAM User.
IAM Access Analyzer Identity Policy-based Authorization Reference IAM provides system-defined identity policies to define typical cloud service permissions.
Parent topic: IAM User Management
To restrict an IAM principal to pass only the allowed IAM agencies, you can use the "Resources" element in the IAM policy to specify which agencies the IAM principal can pass.
On the Huawei Cloud login page, click IAM User. On the IAM User Login page, enter the company's account name, IAM username, and password.
The permissions assigned to this group will also apply to IAM users in the user group in Huawei Cloud. Click OK. IAM user authorization for the EU-Dublin region is completed.
Prerequisites You have already created an IAM user. For details, see Creating an IAM User. Procedure Log in to the Huawei Cloud management console.
Parent topic: Viewing IAM Operation Records
IAM User IAM users use Huawei Cloud resources as specified by the permissions granted by their account. Creation: IAM users are created by an account in IAM. For details, see Creating an IAM User. Huawei Cloud login: Log in to Huawei Cloud by clicking IAM User.
You can authorize IAM users to manage trust agency resources on your behalf. If you have created multiple trust agencies, you can grant an IAM user to manage all or specific trust agency resources.
IAM user: An IAM user is manually created after an account is created. IAM users can be modified and deleted.
