检测到您已登录华为云国际站账号,为了您更好的体验,建议您访问国际站服务网站 https://www.huaweicloud.com/intl/zh-cn
不再显示此消息
检测到您已登录华为云国际站账号,为了您更好的体验,建议您访问国际站服务网站 https://www.huaweicloud.com/intl/zh-cn
不再显示此消息
If IAM users need to modify their login password, mobile number, or email address, they can contact the administrator. For details, see Managing IAM User Information.
Supported Cloud Services IAM provides identity authentication and permissions management for other Huawei Cloud services. Users created in IAM can access these services based on assigned permissions.
Querying Permanent Access Keys Function This API can be used by the administrator to query all permanent access key of an IAM user or used by an IAM user to query all of their own permanent access keys.
Creating a Virtual MFA Device Function This API is provided for IAM users to create a virtual MFA device. The API can be called using both the global endpoint and region-specific endpoints. For IAM endpoints, see Regions and Endpoints.
For IAM endpoints, see Regions and Endpoints. Debugging You can debug this API in API Explorer.
A token is an access credential issued to an IAM user to bear its identity and permissions. When calling the APIs of IAM or other cloud services, you can use this API to obtain a user token for authentication.
Only the following users can use IAM: Account administrator (with full permissions for all services, including IAM) IAM users added to the admin group (with full permissions for all services, including IAM) IAM users assigned the Security Administrator role or an xxx FullAccess policy
For example, if a user or user group has the IAM ReadOnlyAccess permission, the user or user group only has the read-only permission on IAM service data. IAM also supports custom policies to assign IAM service permissions.
including IAM) IAM users assigned the Security Administrator role (with permissions to access IAM) If you want to view, audit, and track the records of key operations performed on IAM, enable Cloud Trace Service (CTS).
For IAM endpoints, see Regions and Endpoints. Debugging You can debug this API in API Explorer.
Feature Description Phase Document 1 Changing the access type of IAM users The administrator can change the access type of an IAM user on the Basic Information page.
Parent topic: IAM User SSO via SAML
To identify the principal that uses access keys, create an IAM user with the same name as the corresponding IAM user or your account. Click OK. Obtain an access key for the IAM user. Log in to the IAM console and select the EU-Dublin region.
For details about how to obtain the project ID, see Obtaining Account, IAM User, Group, Project, Region, and Agency Information.
For details about how to obtain the project ID, see Obtaining Account, IAM User, Group, Project, Region, and Agency Information.
For IAM endpoints, see Regions and Endpoints. Debugging You can debug this API in API Explorer. URI DELETE /v3.0/OS-ROLE/roles/{role_id} Table 1 URI parameters Parameter Mandatory Type Description role_id Yes String Custom policy ID.
For IAM endpoints, see Regions and Endpoints. Debugging You can debug this API in API Explorer. URI DELETE /v3/OS-FEDERATION/identity_providers/{id} Table 1 URI parameters Parameter Mandatory Type Description id Yes String ID of the identity provider to be deleted.
In the case of a custom policy for agencies, the type of this parameter is Object, and the value should be "Resource": {"uri": ["/iam/agencies/agencyTest"]}.
For details about how to obtain the agency ID, see Obtaining Account, IAM User, Group, Project, Region, and Agency Information.
For details about how to obtain the account ID, see Obtaining Account, IAM User, Group, Project, Region, and Agency Information.
