检测到您已登录华为云国际站账号,为了您更好的体验,建议您访问国际站服务网站 https://www.huaweicloud.com/intl/zh-cn
不再显示此消息
In this case, you can manually provision users and groups through the IAM Identity Center console. When you add users to IAM Identity Center, ensure that the username is the same as that in your IdP.
On the Identity Source tab, click Change to IAM Identity Center in the Identity Source row. Figure 4 Changing to IAM Identity Center Review and confirm the change.
Click in the upper left corner of the page and choose Management & Governance > IAM Identity Center. Choose Settings in the navigation pane. Click the Authentication tab.
Before using IAM Identity Center, you must enable the Organizations service and create an organization. Then, you can log in to IAM Identity Center using the organization's management account.
Currently, you can only associate IAM Identity Center users/groups and permission sets with member accounts in your organization, rather than organizational units (OUs) or the whole organization.
Associating Accounts with Users and Permission Sets After IAM Identity Center users/groups and permission sets are created, you can associate one or more member accounts in your organization with the created users/groups and permission sets.
Querying Details about the Account Assignment Creation Status Function This API is used to query details about the account assignment creation status of a specified IAM Identity Center instance based on the request ID.
Querying Details about the Account Assignment Deletion Status Function This API is used to query details about the account assignment deletion status of a specified IAM Identity Center instance based on the request ID.
Creating Permissions Policies for ABAC Overview After you add tags to resources and enable and configure access control attributes in IAM Identity Center, you need to add attribute-based access control rules to custom identity policies of the permission set.
Disabling Access Control Attributes for a Specified Instance Function This API is used to disable ABAC for a specified IAM Identity Center instance and delete all configured attribute mappings.
Listing Account Assignment Creation Statuses Function This API is used to list the account assignment creation statuses of a specified IAM Identity Center instance.
Listing Account Assignment Deletion Statuses Function This API is used to list the account assignment deletion statuses of a specified IAM Identity Center instance.
Customizing User Portal URL After you enable IAM Identity Center, a unique user portal URL is automatically generated. You can customize the URL only once. After the URL is changed, it cannot be modified any longer. Procedure Log in to the Huawei Cloud console.
Updating a Group Function This API is used to update the attributes of an IAM Identity Center group based on the group ID.
Creating a Group Function This API is used to create an IAM Identity Center group in the specified identity source.
Disabling, Enabling, or Deleting a User You can disable the access permissions of an IAM Identity Center user that is not required temporarily. You can enable it again if needed. You can also delete IAM Identity Center users. Deleted users cannot be restored.
API Calling IAM Identity Center supports Representational State Transfer (REST) APIs, allowing you to call APIs using HTTPS. For details about API calling, see Calling APIs. Parent topic: Before You Start
Listing Groups Function This API is used to list the IAM Identity Center groups in the specified identity source.
Creating a Permission Set Function This API is used to create a permission set in a specified IAM Identity Center instance.
Creating a User Function This API is used to create an IAM Identity Center user in the specified identity source.