检测到您已登录华为云国际站账号,为了您更好的体验,建议您访问国际站服务网站 https://www.huaweicloud.com/intl/zh-cn
不再显示此消息
检测到您已登录华为云国际站账号,为了您更好的体验,建议您访问国际站服务网站 https://www.huaweicloud.com/intl/zh-cn
不再显示此消息
For IAM endpoints, see Regions and Endpoints. Debugging You can debug this API in API Explorer.
For IAM endpoints, see Regions and Endpoints. Debugging You can debug this API in API Explorer. URI GET /v3 Request Parameters None Response Parameters Table 1 Parameters in the response body Parameter Type Description version Object Information about Keystone API 3.0.
IAM does not provide APIs for batch querying and modifying personal data. Operation Logs IAM logs all personal data operations, including adding, modifying, querying, and deleting personal data.
Company B assigns permissions to one or more of its IAM users to manage company A's resources. Requirements Company B wants to authorize its employees (IAM users) to manage the delegated resources of company A.
Disabling IAM User Login Verification as an Administrator An administrator can disable login verification for an IAM user on the IAM console as follows: In the navigation pane, choose Users. Click Security Settings in the row containing the target user.
For IAM endpoints, see Regions and Endpoints. Debugging You can debug this API in API Explorer.
IAM Users Creating an IAM User Assigning Permissions to an IAM User Logging In as an IAM User Changing the Password of an IAM User User Groups and Permissions Creating a User Group and Assigning Permissions Creating a Custom Policy Agencies Account Agencies Cloud Service Agencies
Then, the IAM users created for the enterprise personnel can be added to different user groups based on their job responsibilities. For the definitions of an account and IAM user, see Basic Concepts.
A mobile number or an email address can be bound only to one account or IAM user. Only one mobile number, email address, and virtual MFA device can be bound to an account or IAM user.
Parent topic: IAM User SSO via SAML
Symptom You have set an API access control policy, but IAM users who do not meet the policy requirements can still access Huawei Cloud using APIs. Solution The API access control policy has not taken effect yet. API access control policies take effect within 2 hours once set.
an IAM User POST /v3/users iam:users:createUser - - Modifying User Information PATCH /v3/users/{user_id} iam:users:updateUser - - Deleting an IAM User DELETE /v3/users/{user_id} iam:users:deleteUser - - Creating an IAM User (Recommended) POST /v3.0/OS-USER/users iam:users:createUser
IAM User Management API Description Listing IAM Users Provided for the administrator to list all IAM users.
Table 1 lists IAM endpoints. IAM is a global service with all data stored in the Global service project. All APIs of IAM can be called using the endpoint of a global service.
IAM project: The name of an IAM project or region. If you select IAM project and enter a project name, the IAM project view is displayed. Parent topic: Permissions Management
Handling Suspected Access Key Leakage for an IAM User Scenario 1: If the access key has not been used, disable and delete the access key of the IAM user on the IAM console. If you do not have the permission, contact an administrator who has the required IAM permissions.
Operation Constraints Table 3 Operation constraints Scenario Item Description Creating IAM users IAM users that can be created at a time A maximum of 10 users can be created at a time. IAM username A new username must be different from existing IAM usernames.
Critical Operations Administrator: Full access IAM users: Read-only access Login Authentication Policy Administrator: Full access IAM users: Read-only access Password Policy Administrator: Full access IAM users: Read-only access ACL Administrator: Full access IAM users: Read-only
Users Querying the MFA Device Information of an IAM User Listing Login Protection Configurations of IAM Users Querying the Login Protection Configuration of an IAM User Modifying the Login Protection Configuration of an IAM User Binding a Virtual MFA Device Unbinding a Virtual MFA
Each IAM user can create a maximum of two access keys. The quota cannot be increased.
