IAM Identity Center automatically synchronizes the account permission information to IAM without the complexity of managing individual accounts.
Changing the Identity Source Enabling and configuring ABAC in IAM Identity Center IAM Identity Center as identity source: Enable ABAC on the IAM Identity Center console and add user attributes for configuring ABAC.
IAM Identity Center supports identity federation with Security Assertion Markup Language (SAML). IAM Identity Center adds SAML IdP capabilities to either your IAM Identity Center identity store or external identity provider (IdP) applications.
OBT What Is IAM Identity Center?
You can set the duration as follows: If you use an external identity provider (IdP) as the identity source of IAM Identity Center, the duration of the user portal session is the shorter one that you set in the IdP or IAM Identity Center.
Click in the upper left corner of the page and choose Management & Governance > IAM Identity Center. In the navigation pane, choose Applications. Click the name of the application to which you want to map attributes.
Procedure You can add, edit, or delete tags of a permission set on the IAM Identity Center console. Log in to the Huawei Cloud management console. Click in the upper left corner of the page and choose Management & Governance > IAM Identity Center.
The principal can be either a user or a group in IAM Identity Center. It can be called only from the organization's management account or from a delegated administrator account of a cloud service.
Table 5 attached_managed_roles

| Parameter | Type | Description |
|---|---|---|
| role_id | String | Unique ID of the IAM system-defined policy. Minimum length: 20. Maximum length: 2048. |
| role_name | String | Name of the IAM system-defined policy. |

Table 5 attached_managed_policies

| Parameter | Type | Description |
|---|---|---|
| policy_id | String | Unique ID of the IAM system-defined identity policy. Minimum length: 20. Maximum length: 2048. |
| policy_name | String | Name of the IAM system-defined identity policy. |

Maximum length: 2048

Table 3 Parameters in the request body

| Parameter | Mandatory | Type | Description |
|---|---|---|---|
| managed_role_id | Yes | String | Unique ID of the IAM system-defined policy. |
| managed_role_name | No | String | Name of the IAM system-defined policy. |

Click in the upper left corner of the page and choose Management & Governance > IAM Identity Center. In the navigation pane, choose Users. In the user list, click a username to go to the user details page.
Table 2 Query parameters

| Parameter | Mandatory | Type | Description |
|---|---|---|---|
| principal_id | Yes | String | Globally unique ID of an IAM Identity Center principal. |
| principal_type | Yes | String | IAM Identity Center principal type. |
| limit | No | Integer | Maximum number of results returned for each request. |

marker
Maximum length: 2048

Table 3 Parameters in the request body

| Parameter | Mandatory | Type | Description |
|---|---|---|---|
| managed_policy_id | Yes | String | Unique ID of the IAM system-defined identity policy. |
| managed_policy_name | No | String | Name of the IAM system-defined identity policy. |

Click in the upper left corner of the page and choose Management & Governance > IAM Identity Center. In the navigation pane, choose Multi-Account Permissions > Permission Sets. View the created permission sets and their details in the list.
Click in the upper left corner of the page and choose Management & Governance > IAM Identity Center. Choose Settings in the navigation pane. On the Identity Source tab, click Modify SAML 2.0 Configuration in the Authentication Method row.
URI

POST /v1/instances/{instance_id}/access-control-attribute-configuration

Table 1 Path parameters

| Parameter | Mandatory | Type | Description |
|---|---|---|---|
| instance_id | Yes | String | Globally unique ID of an IAM Identity Center instance. |

User Management Creating Users Logging In as an IAM Identity Center User and Accessing Resources Managing Users Deleting a User Configuring the Duration of the User Portal Session
To improve security, you are advised to enable MFA in IAM Identity Center.
Appendixes Status Codes Error Codes Obtaining Information About Account, IAM User, Group, Project, Region, and Agency Configuring SDK Client Authentication