Modifying the Account Login Policy
Function
This API is used to modify the account login policy.
Authorization Information
Each account has all the permissions required to call all APIs, but IAM users must be assigned the following required identity policy-based permissions. For details about the required permissions, see Permissions Policies and Supported Actions.
|
Action |
Access Level |
Resource Type (*: required) |
Condition Key |
Alias |
Dependencies |
|---|---|---|---|---|---|
|
iam:securitypolicies:updateLoginPolicyV5 |
Write |
- |
- |
- |
- |
URI
PUT /v5/login-policy
Request Parameters
|
Parameter |
Mandatory |
Type |
Description |
|---|---|---|---|
|
user_validity_period |
No |
Integer |
If an IAM user does not log in within the specified validity period (days), the user is disabled. Value range: [0,240]. This parameter does not apply to the root user. Minimum: 0 Maximum: 240 |
|
custom_info_for_login |
No |
String |
Login information. The value cannot contain the following special characters: @#%&<>\$^* Maximum: 64 |
|
lockout_duration |
No |
Integer |
IAM user login lockout duration (minutes). The value range is [15,1440]. Minimum: 15 Maximum: 1440 |
|
login_failed_times |
No |
Integer |
Number of unsuccessful login attempts to lock users out. Value range: [3,10]. Minimum: 3 Maximum: 10 |
|
period_with_login_failures |
No |
Integer |
Period (minutes) to count the number of unsuccessful login attempts. Value range: [15,60]. Minimum: 15 Maximum: 60 |
|
session_timeout |
No |
Integer |
Session timeout (minutes) that will apply if you or users created using your account do not perform any operations within a specific period. Value range: [15,1440]. Minimum: 15 Maximum: 1440 |
|
show_recent_login_info |
No |
Boolean |
Indicates whether to display the last login information upon successful login. |
|
allow_address_netmasks |
No |
Array of AllowAddressNetmask objects |
IP address or CIDR block that is allowed to access, for example, xxx.xxx.xxx.xxx/24. |
|
allow_ip_ranges |
No |
Array of AllowIpRange objects |
IP address range that is allowed to access, for example, 0.0.0.0-255.255.255.255. |
Response Parameters
Status code: 200
|
Parameter |
Type |
Description |
|---|---|---|
|
login_policy |
LoginPolicy object |
Login authentication policy |
|
Parameter |
Type |
Description |
|---|---|---|
|
user_validity_period |
Integer |
If an IAM user does not log in within the validity period (days) specified by this parameter, the user is disabled. This does not apply to the root user. |
|
custom_info_for_login |
String |
Login information. |
|
lockout_duration |
Integer |
Account lockout duration (minute) for IAM users. |
|
login_failed_times |
Integer |
Maximum number of invalid login attempts. |
|
period_with_login_failures |
Integer |
Specified duration (minute). |
|
session_timeout |
Integer |
Timeout duration of a session. |
|
show_recent_login_info |
Boolean |
Indicates whether to display the last login information upon successful login. |
|
allow_address_netmasks |
Array of AllowAddressNetmask objects |
IP addresses or CIDR blocks from which API access is allowed. |
|
allow_ip_ranges |
Array of AllowIpRange objects |
IP address ranges from which API access is allowed. |
|
Parameter |
Type |
Description |
|---|---|---|
|
address_netmask |
String |
IP address or CIDR block, for example, 192.168.0.1/24. Maximum: 50 |
|
description |
String |
Description. The value cannot contain the following special characters: @#%&<>\$^* Maximum: 255 |
|
Parameter |
Type |
Description |
|---|---|---|
|
ip_range |
String |
IP address range, for example, 0.0.0.0-255.255.255.255 Maximum: 50 |
|
description |
String |
Description. The value cannot contain the following special characters: @#%&<>\$^* Maximum: 255 |
Status code: 400
|
Parameter |
Type |
Description |
|---|---|---|
|
error_code |
String |
Error code. |
|
error_msg |
String |
Error message. |
Status code: 403
|
Parameter |
Type |
Description |
|---|---|---|
|
error_code |
String |
Error code. |
|
error_msg |
String |
Error message. |
|
request_id |
String |
Request ID. |
|
encoded_authorization_message |
String |
Encrypted authentication failure information, which can be decrypted using the STS5 decryption API. |
Example Requests
Modifying the account login policy
PUT https://{endpoint}/v5/login-policy
{
"user_validity_period" : 0,
"custom_info_for_login" : "info",
"lockout_duration" : 15,
"login_failed_times" : 5,
"period_with_login_failures" : 15,
"session_timeout" : 60,
"show_recent_login_info" : false,
"allow_address_netmasks" : [ {
"address_netmask" : "192.168.0.1/24",
"description" : "description"
} ],
"allow_ip_ranges" : [ {
"ip_range" : "0.0.0.0-255.255.255.255",
"description" : "description"
} ]
}
Example Responses
Status code: 200
Successful
{
"login_policy" : {
"user_validity_period" : 0,
"custom_info_for_login" : "info",
"lockout_duration" : 15,
"login_failed_times" : 5,
"period_with_login_failures" : 15,
"session_timeout" : 60,
"show_recent_login_info" : false,
"allow_address_netmasks" : [ {
"address_netmask" : "192.168.0.1/24",
"description" : "description"
} ],
"allow_ip_ranges" : [ {
"ip_range" : "0.0.0.0-255.255.255.255",
"description" : "description"
} ]
}
}
Status Codes
|
Status Code |
Description |
|---|---|
|
200 |
Successful |
|
400 |
Bad request |
|
403 |
Forbidden |
Error Codes
See Error Codes.
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.See the reply and handling status in My Cloud VOC.
For any further questions, feel free to contact us through the chatbot.
Chatbot
