Help Center> Identity and Access Management> User Guide> IAM Users> Viewing or Modifying IAM User Information

Viewing or Modifying IAM User Information

As an administrator, you can modify the basic information about an IAM user, change the security settings of the user and the groups to which the user belongs, and view or delete the assigned permissions. To view or modify user information, click Security Settings in the row containing the IAM user.

Figure 1 Going to the IAM user security settings page
Click to enlarge

To change the columns of the user list, click . The Username and Operation columns are displayed by default, and the Status column cannot be removed. You can also select Description, Last Login, Created, Access Type, Virtual MFA Status, Password Age, and Access Key (Status, Age, and AK).

Basic Information

You can view the basic information of each IAM user. The username, user ID, and creation time cannot be modified.

Figure 2 Modifying the status, access type, and description of an IAM user
Click to enlarge

Status: New IAM users are enabled by default. You can set Status to Disabled to disable an IAM user. The user is no longer able to log in to HUAWEI CLOUD through the management console or programmatic access.
Access Type: Change the access type of the IAM user.
- Pay attention to the following when you set the access type of an IAM user:
  - If the user accesses cloud services only by using the management console, specify the access type as Management console access and the credential type as Password.
  - If the user accesses cloud services only through programmatic calls, specify the access type as Programmatic access and the credential type as Access key.
  - If the user needs to use a password as the credential for programmatic access to certain APIs, specify the access type as Programmatic access and the credential type as Password.
  - If the user needs to perform access key verification when using certain services in the console, specify the access type as "Programmatic access + Management console access" and the credential type as "Access Key + Password". For example, the user needs to perform access key verification when creating a data migration job in the Cloud Data Migration (CDM) console.
- If the access type of the user is Programmatic access or "Programmatic access + Management console access", deselecting Programmatic access will restrict the user's access to HUAWEI CLOUD. Exercise caution when performing this operation.
Description: Modify the description of the IAM user.

User Groups

An IAM user inherits permissions from the groups to which the user belongs. To change the permissions of an IAM user, you need to change the groups to which the user belongs. To modify the permissions of a user group, see Viewing or Modifying User Group Information.

Your account belongs to the default group admin, which cannot be changed.

Click Add to User Groups, and select one or more groups to which the user will belong. The user then inherits permissions of these groups.
Figure 3 Adding the user to user groups
Click Remove on the right of a user group and click Yes. The user no longer has the permissions assigned to the group.
Figure 4 Removing the IAM user from a user group

Security Settings

As an administrator, you can modify the MFA device, login credential, login protection, and access keys of an IAM user on this page. If you are an IAM user and need to change your mobile number, email address, or virtual MFA device, see Security Settings Overview.

Figure 5 IAM user security settings
Click to enlarge

MFA Authentication: You can change the multi-factor authentication (MFA) settings of an IAM user on the Security Settings page.
- Change the mobile number or email address of the user.
  
  The mobile number and email address of the IAM user cannot be the same as those of your account or other IAM users.
- Remove the MFA device from the user. For more information about MFA authentication and virtual MFA device, see MFA Authentication and Virtual MFA Device.

Login Credentials: You can change the login password of the IAM user. For more information, see Changing the Login Password of an IAM User.
Login Protection: You can change the login verification method of the IAM user. Three verification methods are available: virtual MFA device, SMS, and email.
This option is disabled by default. If you enable this option, the user will need to enter a verification code in addition to the username and password when logging in to the console.
Access Keys: You can manage access keys of the IAM user. For more information, see Managing Access Keys for an IAM User.

Permissions

View or delete permissions of IAM users. To modify permissions of IAM users, see User Groups.

Figure 6 Permissions assigned to an IAM user
Click to enlarge

To view all authorization records under your account, see Viewing Authorization Records.

Deleting the permissions of an IAM user will delete the permissions assigned to the group to which the user belongs. All users in the group will no longer have the permissions. Exercise caution when performing this operation.

Parent topic: IAM Users

Last Article: Logging In as an IAM User

Next Article: Deleting an IAM User

Did this article solve your problem?

Thank you for your score！Your feedback would help us improve the website.

Products

Compute

Application

Dedicated Cloud

Storage

Management & Deployment

Migration

Network

Enterprise Intelligence

Video

Database

Edge Cloud Services

DevCloud

Security

Cloud Communications

Internet of Things

Solutions

Industry-Specific Solutions

General-Purpose Solutions

Security

DevOps

Enterprise Intelligence

Essential Platform

Big Data

Visual Cognition

Speech and Semantics

Support

Help Center

Customer Services

Developers

Console

语言 - Language

中国站 - 简体中文

中国站 - English

International - 简体中文

International - English