检测到您已登录华为云国际站账号,为了您更好的体验,建议您访问国际站服务网站 https://www.huaweicloud.com/intl/zh-cn
不再显示此消息
检测到您已登录华为云国际站账号,为了您更好的体验,建议您访问国际站服务网站 https://www.huaweicloud.com/intl/zh-cn
不再显示此消息
You can use IAM identity providers (IdPs) to manage user identities outside of Huawei Cloud. For details about IAM IdPs, see Identity Providers.
Click in the upper left corner of the page and choose Management & Governance > IAM Identity Center. Choose Settings in the left navigation pane. Click the Authentication tab.
Applying for an Open Beta Test and Enabling IAM Identity Center IAM Identity Center is now under open beta test. Before using IAM Identity Center, you need to apply for an open beta test. Enterprise users can apply for a free trial. Log in to the Huawei Cloud console.
Currently, you can only associate IAM Identity Center users/groups and permission sets with member accounts in your organization, rather than organizational units (OUs) or the whole organization.
Associating Accounts with Users and Permission Sets After IAM Identity Center users/groups and permission sets are created, you can associate one or more member accounts in your organization with the created users/groups and permission sets.
Creating Permissions Policies for ABAC Overview After you add tags to resources and enable and configure access control attributes in IAM Identity Center, you need to add attribute-based access control rules to custom identity policies of the permission set.
Querying Details about the Account Assignment Creation Status Function This API is used to query details about the account assignment creation status of a specified IAM Identity Center instance based on the request ID.
Querying Details about the Account Assignment Deletion Status Function This API is used to query details about the account assignment deletion status of a specified IAM Identity Center instance based on the request ID.
Disabling Access Control Attributes for a Specified Instance Function This API is used to disable ABAC for a specified IAM Identity Center instance and delete all configured attribute mappings.
Listing Account Assignment Creation Statuses Function This API is used to list the account assignment creation statuses of a specified IAM Identity Center instance.
Listing Account Assignment Deletion Statuses Function This API is used to list the account assignment deletion statuses of a specified IAM Identity Center instance.
Customizing User Portal URL After you enable IAM Identity Center, a unique user portal URL is automatically generated. You can customize the URL only once. After the URL is changed, it cannot be modified any longer. Procedure Log in to the Huawei Cloud console.
Updating a Group Function This API is used to update the attributes of an IAM Identity Center group based on the group ID.
Creating a Group Function This API is used to create an IAM Identity Center group in the specified identity source.
Disabling, Enabling, or Deleting a User You can disable the access permissions of an IAM Identity Center user that is not required temporarily. You can enable it again if needed. You can also delete IAM Identity Center users. Deleted users cannot be restored.
API Calling IAM Identity Center supports Representational State Transfer (REST) APIs, allowing you to call APIs using HTTPS. For details about API calling, see Calling APIs. Parent topic: Before You Start
Creating a Permission Set Function This API is used to create a permission set in a specified IAM Identity Center instance.
Listing Groups Function This API is used to list the IAM Identity Center groups in the specified identity source.
Creating a User Function This API is used to create an IAM Identity Center user in the specified identity source.
Listing Users Function This API is used to list the IAM Identity Center users in the specified identity source.
