检测到您已登录华为云国际站账号,为了您更好的体验,建议您访问国际站服务网站 https://www.huaweicloud.com/intl/zh-cn
不再显示此消息
检测到您已登录华为云国际站账号,为了您更好的体验,建议您访问国际站服务网站 https://www.huaweicloud.com/intl/zh-cn
不再显示此消息
Obtaining Account, IAM User, Group, Project, Region, and Agency Information Obtaining Account, IAM User, and Project Information Using the console On the Huawei Cloud homepage, click Console in the upper right corner.
Cloud Services that Support Resource-Level Authorization Using IAM If you want to grant permissions to an IAM user for specific resources, create a custom policy that contains permissions for the resources, and attach the policy to the user.
IAM User IAM users use Huawei Cloud resources as specified by the permissions granted by their account. Creation: IAM users are created by an account in IAM. For details, see Creating an IAM User. Huawei Cloud login: Log in to Huawei Cloud by clicking IAM User.
Progressive Knowledge | HUAWEI CLOUD
Figure 1 Relationship between an account and its IAM users Identifying IAM Users When you create an IAM user, IAM provides the following methods to identify that user: An IAM username, which is specified when you create the IAM user.
Token of an IAM User IAM 07:32 IAM
Error Codes None Parent topic: IAM User Management
Creating an IAM User and Configuring an External Identity ID Changing the External Identity ID of an Existing IAM User Creating an IAM User and Configuring an External Identity ID Log in to the IAM console as an administrator.
*", "iam:credentials:*", "iam:groups:*", "iam:identityProviders:*", "iam:mfa:*", "iam:permissions:*", "iam:projects:*", "iam:quotas:*", "iam:roles:*",
Table 1 lists IAM endpoints. IAM is a global service with all data stored in the Global service project. All APIs of IAM can be called using the endpoint of a global service.
IAM implements security design for each identity credential to protect user data and enable users to access IAM more securely. For details, see Table 1.
Verifying a Token Function This API can be used by the administrator to verify the token of an IAM user or used by an IAM user to verify their own token. The administrator can only verify the token of an IAM user created using the account.
Creating a Permanent Access Key Function This API can be used by the administrator to create a permanent access key for an IAM user or used by an IAM user to create a permanent access key.
For IAM endpoints, see Regions and Endpoints. Debugging You can debug this API in API Explorer. URI GET /v3/users/{user_id}/projects Table 1 URI parameters Parameter Mandatory Type Description user_id Yes String IAM user ID.
Symptom Permissions that you grant to an IAM user on the IAM console have not been applied. Troubleshooting Cause: Incorrect permissions were granted to the user group to which the user belongs.
Figure 1 Permissions management model IAM User Management You can use your account to create IAM users and assign permissions for specific resources.
Deleting a Permanent Access Key Function This API can be used by the administrator to delete the specified permanent access key of an IAM user or used by an IAM user to delete one of their own permanent access keys.
Querying a Permanent Access Key Function This API can be used by the administrator to query the specified permanent access key of an IAM user or used by an IAM user to query one of their own permanent access keys.
Modifying a Permanent Access Key Function This API can be used by the administrator to modify the specified permanent access key of an IAM user or used by an IAM user to modify one of their own permanent access keys.
If IAM users need to modify their login password, mobile number, or email address, they can contact the administrator. For details, see Managing IAM User Information.
