检测到您已登录华为云国际站账号,为了您更好的体验,建议您访问国际站服务网站 https://www.huaweicloud.com/intl/zh-cn
不再显示此消息
检测到您已登录华为云国际站账号,为了您更好的体验,建议您访问国际站服务网站 https://www.huaweicloud.com/intl/zh-cn
不再显示此消息
Obtaining Information About Account, IAM User, Group, Project, Region, and Agency Obtaining Account, IAM User, and Project Information Using the console On the Huawei Cloud homepage, click Console in the upper right corner.
You have two options for IAM Identity Center: Enable: You will need to enter the email address associated with the IAM Identity Center account. The email address of the management account must not be used for other IAM Identity Center users.
You have two options for IAM Identity Center: Enable: You will need to enter the email address associated with the IAM Identity Center account. The email address of the management account must not be used for other IAM Identity Center users.
Solution Log in to Huawei Cloud using the account you want to enroll, and navigate to the IAM console. In the navigation pane, choose Agencies and click Create Agency in the upper right corner. Figure 1 Creating an agency Set the agency name to RGCServiceExecutionAgency.
IAM Identity Center username in use. Change the IAM Identity Center username and try again. 400 RGC.1115 phone number is required in domestic. Mobile number required.
Updating the management account Enable: RGC will create an IAM Identity Center user as the administrator. If IAM Identity Center is connected to an external identity provider, the default IAM Identity Center user in RGC will lose access to the cloud.
Enforcing the least privilege Low identity:::user N/A RGC-GR_CONFIG_IAM_POLICY_IN_USE Checks whether an IAM policy has been attached to any IAM users, user groups, or agencies. This policy is non-compliant if the IAM policy has not been attached.
IAM Identity Center configurations. If the original landing zone uses IAM Identity Center and you want to use another home region for the new landing zone, you need to reset the original IAM Identity Center. For details, see IAM Identity Center Resetting.
For security purposes, create Identity and Access Management (IAM) users and grant them permissions for routine management. User An IAM user is created by an account to use cloud services. Each IAM user has their own identity credentials (password or access keys).
Configure IAM Identity Center details, including the email address and username. After an account is created, an IAM Identity Center user is automatically created in RGC.
Improving availability Medium ges:::graph N/A IAM Policy Name Function Scenario Severity Resource Mandatory RGC-GR_CONFIG_IAM_CUSTOMER_POLICY_BLOCKED_KMS_ACTIONS Checks whether an IAM policy allows any blocked action on KMS keys.
Appendix Status Codes Error Codes Obtaining Information About Account, IAM User, Group, Project, Region, and Agency
This section describes the elements used by IAM custom policies and Organizations SCPs. The elements include actions, resources, and conditions. For details about how to use these elements to edit an IAM custom policy, see Creating a Custom Policy.
Log in to Huawei Cloud using the account you want to enroll, and navigate to the IAM console. In the navigation pane, choose Agencies and click Create Agency in the upper right corner. Figure 1 Creating an agency Set the agency name to RGCServiceExecutionAgency.
Introduction You can use Identity and Access Management (IAM) for fine-grained permissions management of your RGC resources. If your HUAWEI ID does not need individual IAM users, you can skip this section. With IAM, you can control access to specific Huawei Cloud resources.
or RGC. state String Status of a managed account. message String Description of the error status. parent_organizational_unit_id String ID of a registered parent OU. parent_organizational_unit_name String Name of a registered parent OU. identity_store_user_name String Name of an IAM
Resources in an account can only be accessed by the IAM users or IAM agencies in the account. An account in RGC refers to a Huawei Cloud account. Management Account A management account is the account you used to enable the Organizations service.
Configure IAM Identity Center details, including the email address and username. After an account is created, an IAM Identity Center user is automatically created in RGC.
Identity Center user. identity_store_email No String Email address used for IAM Identity Center. parent_organizational_unit_id Yes String ID of a registered parent OU. parent_organizational_unit_name Yes String Name of a registered parent OU. blueprint No Blueprint object Templates
