Key Operations Supported by CTS
With Cloud Trace Service (CTS), you can record IAM Identity Center operations for later query, auditing, and backtracking.
Operation |
Resource Type |
Event Name |
|---|---|---|
Enabling IAM Identity Center |
Instance |
StartIdentityCenter |
Disabling IAM Identity Center |
Instance |
DeleteIdentityCenter |
Registering a region |
Instance |
RegisterRegion |
Updating single sign-on (SSO) configuration |
Instance |
UpdateSsoConfiguration |
Updating the MFA device management in the identity store |
Instance |
UpdateMfaDeviceManagementForIdentityStore |
Adding a user-defined domain name |
Instance |
CreateAlias |
Enabling access control attributes for a specified instance |
Instance |
CreateInstanceAccessControlAttributeConfiguration |
Disabling access control attributes for a specified instance |
Instance |
DeleteInstanceAccessControlAttributeConfiguration |
Updating access control attributes for a specified instance |
Instance |
UpdateInstanceAccessControlAttributeConfiguration |
Assigning users/groups to a specified account with a specified permission set |
AccountAssignment |
CreateAccountAssignment |
Removing users/groups from a specified account with a specified permission set |
AccountAssignment |
DeleteAccountAssignment |
Deleting all permission sets associated with a user/group |
AccountAssignment |
DisassociateProfile |
Creating a permission set in a specified IAM Identity Center instance |
PermissionSet |
CreatePermissionSet |
Deleting a specified permission set |
PermissionSet |
DeletePermissionSet |
Updating a specified permission set |
PermissionSet |
UpdatePermissionSet |
Attaching a system-defined policy to a permission set |
PermissionSet |
AttachManagedPolicyToPermissionSet |
Detaching a system-defined policy from a permission set |
PermissionSet |
DetachManagedPolicyFromPermissionSet |
Attaching a system-defined role to a permission set |
PermissionSet |
AttachManagedRoleToPermissionSet |
Detaching a system-defined role from a permission set |
PermissionSet |
DetachManagedRoleFromPermissionSet |
Attaching a specified permission set to a specified account |
PermissionSet |
ProvisionPermissionSet |
Deleting a custom policy from a specified permission set |
PermissionSet |
DeleteCustomPolicy |
Attaching a custom policy to a permission set |
PermissionSet |
PutCustomPolicy |
Generating a credential for an IAM Identity Center user after user login |
User |
Authenticate |
Activating a device authorization code |
User |
ActiveDevice |
Canceling a device authorization code |
User |
CancelDevice |
Creating a user |
User |
CreateUser |
Deleting a user |
User |
DeleteUser |
Updating a user |
User |
UpdateUser |
Disabling a user |
User |
DisableUser |
Enabling a user |
User |
EnableUser |
Creating a virtual MFA device |
User |
CreateMfaDeviceForUser |
Deleting a virtual MFA device |
User |
DeleteMfaDeviceForUser |
Updating MFA information |
User |
UpdateMfaDeviceForUser |
Sending an email containing the password reset link or a one-time password |
User |
UpdatePwdMode |
Resetting a user password |
User |
ResetPassword |
Sending an email verification link |
User |
VerifyEmail |
Updating the email verification status |
User |
UpdateEmailStatus |
Creating a group |
Group |
CreateGroup |
Deleting a group |
Group |
DeleteGroup |
Updating a group |
Group |
UpdateGroup |
Adding a user to a group |
GroupMembership |
CreateGroupMembership |
Removing a user from a group |
GroupMembership |
DeleteGroupMembership |
Batch adding IAM Identity Center users to groups |
GroupMembership |
BatchCreateMembership |
Batch removing IAM Identity Center users from groups |
GroupMembership |
BatchDeleteMembership |
Batch replacing IAM Identity Center users in groups |
GroupMembership |
BatchReplaceMembership |
Creating external identity provider configuration |
IdP |
CreateExternalIdPConfigurationForDirectory |
Enabling external identity provider |
IdP |
EnableExternalIdPConfigurationForDirectory |
Deleting external identity provider configuration |
IdP |
DeleteExternalIdPConfigurationForDirectory |
Disabling external identity provider |
IdP |
DisableExternalIdPConfigurationForDirectory |
Updating external identity provider configuration |
IdP |
UpdateExternalIdPConfigurationForDirectory |
Deleting a certificate |
IdP |
DeleteExternalIdPCertificate |
Importing a certificate |
IdP |
ImportExternalIdPCertificate |
Creating a bearer token |
IdP |
CreateBearerToken |
Creating the tenant information corresponding to the identity source |
IdP |
CreateProvisioningTenant |
Deleting a bearer token |
IdP |
DeleteBearerToken |
Deleting the tenant information corresponding to the identity source |
IdP |
DeleteProvisioningTenant |
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.See the reply and handling status in My Cloud VOC.
For any further questions, feel free to contact us through the chatbot.
Chatbot
