• Identity and Access Management

iam
  1. Help Center
  2. Identity and Access Management
  3. User Guide
  4. User Guide
  5. Audit
  6. IAM Operations That Can Be Recorded by CTS

IAM Operations That Can Be Recorded by CTS

Table 1 lists IAM operations that can be recorded by CTS.

Table 1 IAM operations that can be recorded by CTS

Operation

Resource Type

Event Name

Obtain token

token

createTokenByPwd

Obtain token

token

createTokenByHwAccessKey

Obtain token

token

createTokenByToken

Obtain token

token

createTokenByAssumeRole

Obtain token

token

createTokenByHwRenewToken

Log in

user

login

Log out

user

logout

Change user password

user

changePassword

Create user

user

createUser

Modify user information

user

updateUser

Delete user

user

deleteUser

Change user password

user

updateUserPwd

Create AK/SK

user

addCredential

Delete AK/SK

user

deleteCredential

Change email address

user

modifyUserEmail

Change mobile number

user

modifyUserMobile

Change password

user

modifyUserPassword

Enable two-factor authentication

user

modifySMVerify

Upload avatar

user

modifyUserPicture

Administrator sets user password

user

setPasswordByAdmin

Create user group

userGroup

createGroup

Update user group

userGroup

updateGroup

Delete user group

userGroup

deleteGroup

Add user to user group

userGroup

addUserToGroup

Delete user from user group

userGroup

removeUserFromGroup

Create project

project

createProject

Modify project

project

updateProject

Delete project

project

deleteProject

Update project status

project

updateProjectStatus

Cancel project deletion

project

cancelProjectDeletion

Create agency

agency

createAgency

Modify agency

agency

updateAgency

Delete agency

agency

deleteAgency

Switch role

user

switchRole

Register IdP

identityProvider

createIdentityProvider

Update IdP

identityProvider

updateIdentityProvider

Delete IdP

identityProvider

deleteIdentityProvider

Update IdP metadata

identityProvider

updateMetaConfigure

Update preset IdP metadata

identityProvider

updateSystemMetaConfigure

Register mapping

mapping

createMapping

Update mapping

mapping

updateMapping

Delete mapping

mapping

deleteMapping

Register protocol

protocol

createProtocol

Update protocol

protocol

updateProtocol

Delete protocol

protocol

deleteProtocol

Grant permissions to an agency based on account information

roleAgencyDomain

assignRoleToAgencyOnDomain

Delete permissions of an agency based on account information

roleAgencyDomain

unassignRoleToAgencyOnDomain

Grant permissions to an agency based on project information

roleAgencyProject

assignRoleToAgencyOnProject

Delete permissions of an agency based on project information

roleAgencyProject

unassignRoleToAgencyOnProject

Grant permissions to a user group under an account

roleGroupDomain

assignRoleToGroupOnDomain

Delete permissions of a user group under an account

roleGroupDomain

unassignRoleToGroupOnDomain

Grant permissions to a user group corresponding to a project

roleGroupProject

assignRoleToGroupOnProject

Delete permissions of a user group corresponding to a project

roleGroupProject

unassignRoleToGroupOnProject

Update account login policy

domain

updateSecurityPolicies

Update password policy

domain

updatePasswordPolicies

Update ACL

domain

updateACLPolicies