forked from docs/doc-exports

IAM UMN 20240116 Version

Reviewed-by: Rogal, Marcel <mrogal@noreply.gitea.eco.tsi-dev.otc-service.com>
Co-authored-by: Wei, Hongmin <weihongmin1@huawei.com>
Co-committed-by: Wei, Hongmin <weihongmin1@huawei.com>
Wei, Hongmin 2024-09-09 12:18:24 +00:00 committed by zuul
parent ffd32f07e7
commit d48c6004e4
44 changed files with 834 additions and 167 deletions

File diff suppressed because it is too large

@ -135,7 +135,7 @@
"code":"15" "code":"15"
}, },
{ {
"desc":"IAM users created without being added to any groups do not have permissions. You can assign permissions to these IAM users on the IAM console. After authorization, the us", "desc":"IAM users created without being added to any groups do not have permissions. You can assign permissions to these IAM users on the IAM console. Then the users can use clou",
"product_code":"iam", "product_code":"iam",
"title":"Assigning Permissions to an IAM User", "title":"Assigning Permissions to an IAM User",
"uri":"en-us_topic_0079496985.html", "uri":"en-us_topic_0079496985.html",
@ -216,7 +216,7 @@
"code":"24" "code":"24"
}, },
{ {
"desc":"A user inherits permissions from the groups to which the user belongs. To change the permissions of a user, add the user to a new group or remove the user from an existin", "desc":"A user inherits permissions from the groups which the user belongs to. To change the permissions of a user, add the user to a new group or remove the user from an existin",
"product_code":"iam", "product_code":"iam",
"title":"Adding Users to or Removing Users from a User Group", "title":"Adding Users to or Removing Users from a User Group",
"uri":"iam_03_0002.html", "uri":"iam_03_0002.html",
@ -227,7 +227,7 @@
{ {
"desc":"To delete a user group, do the following:To delete multiple user groups at a time, do the following:", "desc":"To delete a user group, do the following:To delete multiple user groups at a time, do the following:",
"product_code":"iam", "product_code":"iam",
"title":"Deleting a User Group", "title":"Deleting User Groups",
"uri":"iam_01_0430.html", "uri":"iam_01_0430.html",
"doc_type":"usermanual", "doc_type":"usermanual",
"p_code":"23", "p_code":"23",
@ -297,7 +297,7 @@
"code":"33" "code":"33"
}, },
{ {
"desc":"You can create custom policies to supplement system-defined policies and implement more refined access control.Global services: Select this option if the services to whic", "desc":"You can create custom policies to supplement system-defined policies and implement more refined access control.Select Allow or Deny.Select a cloud service.Only one cloud ",
"product_code":"iam", "product_code":"iam",
"title":"Creating a Custom Policy", "title":"Creating a Custom Policy",
"uri":"iam_01_0016.html", "uri":"iam_01_0016.html",
@ -351,7 +351,7 @@
"code":"39" "code":"39"
}, },
{ {
"desc":"The Login Authentication Policy tab of the Security Settings page provides the Session Timeout, Account Lockout, Recent Login Information, Recent Login Information, and C", "desc":"The Login Authentication Policy tab of the Security Settings page provides the Session Timeout, Account Lockout, Account Disabling, Recent Login Information, and Custom I",
"product_code":"iam", "product_code":"iam",
"title":"Login Authentication Policy", "title":"Login Authentication Policy",
"uri":"iam_01_0704.html", "uri":"iam_01_0704.html",
@ -432,7 +432,7 @@
"code":"48" "code":"48"
}, },
{ {
"desc":"When an account establishes a trust relationship with your account, you become a delegated party. You and all the users you have authorized can switch to the delegating a", "desc":"When an account establishes a trust relationship with your account, you become a delegated party. The IAM users that are granted agency permissions can switch to the dele",
"product_code":"iam", "product_code":"iam",
"title":"Switching Roles (by a Delegated Party)", "title":"Switching Roles (by a Delegated Party)",
"uri":"en-us_topic_0046613148.html", "uri":"en-us_topic_0046613148.html",
@ -443,7 +443,7 @@
{ {
"desc":"Services on the cloud platform interwork with each other, and some cloud services are dependent on other services. To delegate a cloud service to access other services an", "desc":"Services on the cloud platform interwork with each other, and some cloud services are dependent on other services. To delegate a cloud service to access other services an",
"product_code":"iam", "product_code":"iam",
"title":"Cloud Service Delegation", "title":"Cloud Service Agency",
"uri":"iam_06_0004.html", "uri":"iam_06_0004.html",
"doc_type":"usermanual", "doc_type":"usermanual",
"p_code":"44", "p_code":"44",

Binary file not shown.


@ -2,13 +2,25 @@
<h1 class="topictitle1">Change History</h1> <h1 class="topictitle1">Change History</h1>
<div id="body1481683858040"> <div id="body1481683858040">
<div class="tablenoborder"><table cellpadding="4" cellspacing="0" summary="" id="en-us_topic_0046611300__table21997797145555" frame="border" border="1" rules="all"><caption><b>Table 1 </b>Change history</caption><thead align="left"><tr id="en-us_topic_0046611300__row57680627145555"><th align="left" class="cellrowborder" valign="top" width="29.95%" id="mcps1.3.1.2.3.1.1"><p id="en-us_topic_0046611300__p15004592145747"><strong id="en-us_topic_0046611300__b291333503">Released On</strong></p> <div class="tablenoborder"><table cellpadding="4" cellspacing="0" summary="" id="en-us_topic_0046611300__table21997797145555" frame="border" border="1" rules="all"><caption><b>Table 1 </b>Change history</caption><thead align="left"><tr id="en-us_topic_0046611300__row57680627145555"><th align="left" class="cellrowborder" valign="top" width="29.95%" id="mcps1.3.1.2.3.1.1"><p id="en-us_topic_0046611300__p15004592145747"><strong id="en-us_topic_0046611300__b558513064">Released On</strong></p>
</th> </th>
<th align="left" class="cellrowborder" valign="top" width="70.05%" id="mcps1.3.1.2.3.1.2"><p id="en-us_topic_0046611300__p49738431145747"><strong id="en-us_topic_0046611300__b84235270621124_1">What's New</strong></p> <th align="left" class="cellrowborder" valign="top" width="70.05%" id="mcps1.3.1.2.3.1.2"><p id="en-us_topic_0046611300__p49738431145747"><strong id="en-us_topic_0046611300__b84235270621124_1">What's New</strong></p>
</th> </th>
</tr> </tr>
</thead> </thead>
<tbody><tr id="en-us_topic_0046611300__row1320818170129"><td class="cellrowborder" valign="top" width="29.95%" headers="mcps1.3.1.2.3.1.1 "><p id="en-us_topic_0046611300__p1020831711215">2023-07-20</p> <tbody><tr id="en-us_topic_0046611300__row27624172915"><td class="cellrowborder" valign="top" width="29.95%" headers="mcps1.3.1.2.3.1.1 "><p id="en-us_topic_0046611300__p13778419293">2024-07-09</p>
</td>
<td class="cellrowborder" valign="top" width="70.05%" headers="mcps1.3.1.2.3.1.2 "><p id="en-us_topic_0046611300__p277204142917">This release incorporates the following change:</p>
<p id="en-us_topic_0046611300__p6225195322910">Added TSI login in <a href="iam_01_0012.html#iam_01_0012__table10454121518219">Table 1</a>.</p>
</td>
</tr>
<tr id="en-us_topic_0046611300__row81831418165319"><td class="cellrowborder" valign="top" width="29.95%" headers="mcps1.3.1.2.3.1.1 "><p id="en-us_topic_0046611300__p171848183534">2024-01-16</p>
</td>
<td class="cellrowborder" valign="top" width="70.05%" headers="mcps1.3.1.2.3.1.2 "><p id="en-us_topic_0046611300__p718491810539">This release incorporates the following change:</p>
<p id="en-us_topic_0046611300__p1011623210539">Modified ELB critical operations described in <a href="iam_01_0029.html#iam_01_0029__en-us_topic_0177717039_table1143213281227">Table 1</a>.</p>
</td>
</tr>
<tr id="en-us_topic_0046611300__row1320818170129"><td class="cellrowborder" valign="top" width="29.95%" headers="mcps1.3.1.2.3.1.1 "><p id="en-us_topic_0046611300__p1020831711215">2023-07-20</p>
</td> </td>
<td class="cellrowborder" valign="top" width="70.05%" headers="mcps1.3.1.2.3.1.2 "><p id="en-us_topic_0046611300__p1520910178126">This release incorporates the following changes:</p> <td class="cellrowborder" valign="top" width="70.05%" headers="mcps1.3.1.2.3.1.2 "><p id="en-us_topic_0046611300__p1520910178126">This release incorporates the following changes:</p>
<ul id="en-us_topic_0046611300__ul13457171951416"><li id="en-us_topic_0046611300__li164571319131417">Modified content in <a href="iam_07_0002.html">Creating a Security Administrator</a>.</li><li id="en-us_topic_0046611300__li1945771931412">Modified content in <a href="iam_01_0030.html">Creating a User Group and Assigning Permissions</a>.</li><li id="en-us_topic_0046611300__li14579196144">Modified the structure and content in section <a href="en-us_topic_0059870089.html">Identity Providers</a>.</li></ul> <ul id="en-us_topic_0046611300__ul13457171951416"><li id="en-us_topic_0046611300__li164571319131417">Modified content in <a href="iam_07_0002.html">Creating a Security Administrator</a>.</li><li id="en-us_topic_0046611300__li1945771931412">Modified content in <a href="iam_01_0030.html">Creating a User Group and Assigning Permissions</a>.</li><li id="en-us_topic_0046611300__li14579196144">Modified the structure and content in section <a href="en-us_topic_0059870089.html">Identity Providers</a>.</li></ul>
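Review bot: Both new change-history rows (2024-07-09 and 2024-01-16) use the bare link text "Table 1" for two different tables, one in iam_01_0012.html and one in iam_01_0029.html, so a reader cannot tell which table changed without following the link. Name the containing section in each sentence. The 2024-01-16 row also says only "Modified ELB critical operations"; since the row concerns the list of critical operations, state which ones were added or removed so administrators can tell whether anything they rely on has changed. The commit title says "20240116 Version" while this hunk also adds a 2024-07-09 row, which the commit message should mention.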
@ -29,7 +41,7 @@
<tr id="en-us_topic_0046611300__row183901816371"><td class="cellrowborder" valign="top" width="29.95%" headers="mcps1.3.1.2.3.1.1 "><p id="en-us_topic_0046611300__p3390416473">2023-04-04</p> <tr id="en-us_topic_0046611300__row183901816371"><td class="cellrowborder" valign="top" width="29.95%" headers="mcps1.3.1.2.3.1.1 "><p id="en-us_topic_0046611300__p3390416473">2023-04-04</p>
</td> </td>
<td class="cellrowborder" valign="top" width="70.05%" headers="mcps1.3.1.2.3.1.2 "><p id="en-us_topic_0046611300__p183906164718">This release incorporates the following changes:</p> <td class="cellrowborder" valign="top" width="70.05%" headers="mcps1.3.1.2.3.1.2 "><p id="en-us_topic_0046611300__p183906164718">This release incorporates the following changes:</p>
<ul id="en-us_topic_0046611300__ul6601710111015"><li id="en-us_topic_0046611300__li460210121016">Added section <a href="iam_06_0001.html">Delegating Resource Access to Another Account</a>.</li><li id="en-us_topic_0046611300__li46081011011">Added section <a href="iam_01_0730.html">Deleting or Modifying Agencies</a>.</li><li id="en-us_topic_0046611300__li196031051019">Added section <a href="iam_01_0029.html#iam_01_0029__en-us_topic_0177717039_table1143213281227">Table 1</a>.</li><li id="en-us_topic_0046611300__li360181011104">Modified content in sections <a href="en-us_topic_0046613147.html">Creating an Agency (by a Delegating Party)</a>, <a href="iam_01_0063.html">(Optional) Assigning Permissions to an IAM User (by a Delegated Party)</a>, <a href="en-us_topic_0046613148.html">Switching Roles (by a Delegated Party)</a>, and <a href="iam_06_0004.html">Cloud Service Delegation</a>.</li><li id="en-us_topic_0046611300__li05543455410">Modified content in section <a href="iam_01_0012.html#iam_01_0012__table10454121518219">Table 1</a>.</li></ul> <ul id="en-us_topic_0046611300__ul6601710111015"><li id="en-us_topic_0046611300__li460210121016">Added section <a href="iam_06_0001.html">Delegating Resource Access to Another Account</a>.</li><li id="en-us_topic_0046611300__li46081011011">Added section <a href="iam_01_0730.html">Deleting or Modifying Agencies</a>.</li><li id="en-us_topic_0046611300__li196031051019">Added section <a href="iam_01_0029.html#iam_01_0029__en-us_topic_0177717039_table1143213281227">Table 1</a>.</li><li id="en-us_topic_0046611300__li360181011104">Modified content in sections <a href="en-us_topic_0046613147.html">Creating an Agency (by a Delegating Party)</a>, <a href="iam_01_0063.html">(Optional) Assigning Permissions to an IAM User (by a Delegated Party)</a>, <a href="en-us_topic_0046613148.html">Switching Roles (by a Delegated Party)</a>, and <a href="iam_06_0004.html">Cloud Service Agency</a>.</li><li id="en-us_topic_0046611300__li05543455410">Modified 
content in section <a href="iam_01_0012.html#iam_01_0012__table10454121518219">Table 1</a>.</li></ul>
</td> </td>
</tr> </tr>
<tr id="en-us_topic_0046611300__row11781887229"><td class="cellrowborder" valign="top" width="29.95%" headers="mcps1.3.1.2.3.1.1 "><p id="en-us_topic_0046611300__p4781683228">2023-02-21</p> <tr id="en-us_topic_0046611300__row11781887229"><td class="cellrowborder" valign="top" width="29.95%" headers="mcps1.3.1.2.3.1.1 "><p id="en-us_topic_0046611300__p4781683228">2023-02-21</p>
@ -40,7 +52,7 @@
<p id="en-us_topic_0046611300__p1968816495235">Added section <a href="iam_02_0004.html">Deleting an IAM User</a>.</p> <p id="en-us_topic_0046611300__p1968816495235">Added section <a href="iam_02_0004.html">Deleting an IAM User</a>.</p>
<p id="en-us_topic_0046611300__p816617952417">Added section <a href="iam_01_0653.html">Changing the Login Password of an IAM User</a>.</p> <p id="en-us_topic_0046611300__p816617952417">Added section <a href="iam_01_0653.html">Changing the Login Password of an IAM User</a>.</p>
<p id="en-us_topic_0046611300__p112422712419">Added section <a href="iam_03_0002.html">Adding Users to or Removing Users from a User Group</a>.</p> <p id="en-us_topic_0046611300__p112422712419">Added section <a href="iam_03_0002.html">Adding Users to or Removing Users from a User Group</a>.</p>
<p id="en-us_topic_0046611300__p118737535246">Added section <a href="iam_01_0430.html">Deleting a User Group</a>.</p> <p id="en-us_topic_0046611300__p118737535246">Added section <a href="iam_01_0430.html">Deleting User Groups</a>.</p>
<p id="en-us_topic_0046611300__p880921010259">Added section <a href="iam_03_0004.html">Revoking Permissions of a User Group</a>.</p> <p id="en-us_topic_0046611300__p880921010259">Added section <a href="iam_03_0004.html">Revoking Permissions of a User Group</a>.</p>
<p id="en-us_topic_0046611300__p1881275253">Added section <a href="iam_01_0657.html">Assigning Dependency Roles</a>.</p> <p id="en-us_topic_0046611300__p1881275253">Added section <a href="iam_01_0657.html">Assigning Dependency Roles</a>.</p>
<p id="en-us_topic_0046611300__p485974516258">Added section <a href="iam_01_0601.html">Roles</a>.</p> <p id="en-us_topic_0046611300__p485974516258">Added section <a href="iam_01_0601.html">Roles</a>.</p>


@ -1,15 +1,15 @@
<a name="en-us_topic_0046613147"></a><a name="en-us_topic_0046613147"></a> <a name="en-us_topic_0046613147"></a><a name="en-us_topic_0046613147"></a>
<h1 class="topictitle1">Creating an Agency (by a Delegating Party)</h1> <h1 class="topictitle1">Creating an Agency (by a Delegating Party)</h1>
<div id="body1484205204048"><p id="en-us_topic_0046613147__en-us_topic_0170090713_p54443803141539">By creating an agency, you can share your resources with another account, or delegate an individual or team to manage your resources. You do not need to share your security credentials (the password and access keys) with the delegated party. Instead, the delegated party can log in with its own account credentials and then switches the role to your account and manage your resources.</p> <div id="body1484205204048"><p id="en-us_topic_0046613147__en-us_topic_0170090713_p54443803141539">By creating an agency, you can share your resources with another account, or delegate an individual or team to manage your resources. You do not need to share your security credentials (the password or access keys) with the delegated party. Instead, the delegated party can log in with its own account credentials and then switches the role to your account and manage your resources.</p>
<div class="section" id="en-us_topic_0046613147__en-us_topic_0170090713_section8461153510110"><h4 class="sectiontitle">Prerequisites</h4><p id="en-us_topic_0046613147__en-us_topic_0170090713_p15905144410368">Before creating an agency, complete the following operations:</p> <div class="section" id="en-us_topic_0046613147__en-us_topic_0170090713_section8461153510110"><h4 class="sectiontitle">Prerequisites</h4><p id="en-us_topic_0046613147__en-us_topic_0170090713_p15905144410368">Before creating an agency, complete the following operations:</p>
<ul id="en-us_topic_0046613147__en-us_topic_0170090713_ul6238854161714"><li id="en-us_topic_0046613147__en-us_topic_0170090713_li32381254121719">Understand the <a href="en-us_topic_0046611276.html">basic concepts</a> of permissions.</li><li id="en-us_topic_0046613147__en-us_topic_0170090713_li17692133582712">Determine the <a href="https://docs.otc.t-systems.com/additional/permissions.html" target="_blank" rel="noopener noreferrer">permissions</a> to be assigned to the agency, and check whether the permissions have dependencies. For more details, see <a href="iam_01_0657.html#iam_01_0657">Assigning Dependency Roles</a>.</li></ul> <ul id="en-us_topic_0046613147__en-us_topic_0170090713_ul6238854161714"><li id="en-us_topic_0046613147__en-us_topic_0170090713_li32381254121719">Understand the <a href="en-us_topic_0046611276.html">basic concepts</a> of permissions.</li><li id="en-us_topic_0046613147__en-us_topic_0170090713_li17692133582712">Determine the <a href="https://docs.otc.t-systems.com/additional/permissions.html" target="_blank" rel="noopener noreferrer">permissions</a> to be assigned to the agency, and check whether the permissions have dependencies. For more details, see <a href="iam_01_0657.html#iam_01_0657">Assigning Dependency Roles</a>.</li></ul>
</div> </div>
<div class="section" id="en-us_topic_0046613147__en-us_topic_0170090713_section2672115"><h4 class="sectiontitle">Procedure</h4><ol id="en-us_topic_0046613147__en-us_topic_0170090713_ol49998812"><li id="en-us_topic_0046613147__en-us_topic_0170090713_li11128296159"><span>Log in to the IAM console.</span></li><li id="en-us_topic_0046613147__en-us_topic_0170090713_li1546779817427"><span>On the IAM console, choose <strong id="en-us_topic_0046613147__en-us_topic_0170090713_b183711578367">Agencies</strong> from the navigation pane, and click <strong id="en-us_topic_0046613147__en-us_topic_0170090713_b14428573365">Create Agency</strong> in the upper right corner.</span><p><div class="fignone" id="en-us_topic_0046613147__en-us_topic_0170090713_fig0737181164117"><span class="figcap"><b>Figure 1 </b>Creating an agency</span><br><span><img id="en-us_topic_0046613147__en-us_topic_0170090713_image573711110414" src="en-us_image_0000001511524692.png" height="118.7025" width="523.6875" title="Click to enlarge" class="imgResize"></span></div> <div class="section" id="en-us_topic_0046613147__en-us_topic_0170090713_section2672115"><h4 class="sectiontitle">Procedure</h4><ol id="en-us_topic_0046613147__en-us_topic_0170090713_ol49998812"><li id="en-us_topic_0046613147__en-us_topic_0170090713_li11128296159"><span>Log in to the IAM console.</span></li><li id="en-us_topic_0046613147__en-us_topic_0170090713_li1546779817427"><span>On the IAM console, choose <strong id="en-us_topic_0046613147__en-us_topic_0170090713_b183711578367">Agencies</strong> from the left navigation pane, and click <strong id="en-us_topic_0046613147__en-us_topic_0170090713_b14428573365">Create Agency</strong> in the upper right corner.</span><p><div class="fignone" id="en-us_topic_0046613147__en-us_topic_0170090713_fig0737181164117"><span class="figcap"><b>Figure 1 </b>Creating an agency</span><br><span><img id="en-us_topic_0046613147__en-us_topic_0170090713_image573711110414" src="en-us_image_0000001511524692.png" 
height="118.7025" width="523.6875" title="Click to enlarge" class="imgResize"></span></div>
</p></li><li id="en-us_topic_0046613147__en-us_topic_0170090713_li63471691104814"><span>Enter an agency name.</span><p><div class="fignone" id="en-us_topic_0046613147__en-us_topic_0170090713_fig1866281034218"><span class="figcap"><b>Figure 2 </b>Setting the agency name</span><br><span><img id="en-us_topic_0046613147__en-us_topic_0170090713_image1366211054214" src="en-us_image_0000001562564797.png" height="310.09987400000006" width="465.83250000000004" title="Click to enlarge" class="imgResize"></span></div> </p></li><li id="en-us_topic_0046613147__en-us_topic_0170090713_li63471691104814"><span>Enter an agency name.</span><p><div class="fignone" id="en-us_topic_0046613147__en-us_topic_0170090713_fig1866281034218"><span class="figcap"><b>Figure 2 </b>Setting the agency name</span><br><span><img id="en-us_topic_0046613147__en-us_topic_0170090713_image1366211054214" src="en-us_image_0000001562564797.png" height="310.09987400000006" width="465.83250000000004" title="Click to enlarge" class="imgResize"></span></div>
</p></li><li id="en-us_topic_0046613147__en-us_topic_0170090713_li4558455145011"><span>Specify the agency type as <strong id="en-us_topic_0046613147__en-us_topic_0170090713_b141201757224">Account</strong>, and enter the name of a delegated account.</span><p><div class="note" id="en-us_topic_0046613147__en-us_topic_0170090713_note660374821820"><img src="public_sys-resources/note_3.0-en-us.png"><span class="notetitle"> </span><div class="notebody"><ul id="en-us_topic_0046613147__en-us_topic_0170090713_ul1360364851812"><li id="en-us_topic_0046613147__en-us_topic_0170090713_li860334841812"><strong id="en-us_topic_0046613147__en-us_topic_0170090713_b15765200738">Account</strong>: Share resources with another account or delegate an individual or team to manage your resources. The delegated account can only be an account, rather than an IAM user or a federated user.</li><li id="en-us_topic_0046613147__en-us_topic_0170090713_li196031248121815"><strong id="en-us_topic_0046613147__en-us_topic_0170090713_b124915392320">Cloud service</strong>: Delegate a specific service to access other services. For more information, see <a href="iam_06_0004.html#iam_06_0004">Cloud Service Delegation</a>.</li></ul> </p></li><li id="en-us_topic_0046613147__en-us_topic_0170090713_li4558455145011"><span>Specify the agency type as <strong id="en-us_topic_0046613147__en-us_topic_0170090713_b141201757224">Account</strong>, and enter the name of a delegated account.</span><p><div class="note" id="en-us_topic_0046613147__en-us_topic_0170090713_note660374821820"><img src="public_sys-resources/note_3.0-en-us.png"><span class="notetitle"> </span><div class="notebody"><ul id="en-us_topic_0046613147__en-us_topic_0170090713_ul1360364851812"><li id="en-us_topic_0046613147__en-us_topic_0170090713_li860334841812"><strong id="en-us_topic_0046613147__en-us_topic_0170090713_b79222852216">Account</strong>: Share resources with another account or delegate an individual or team to manage your resources. 
The delegated account can only be an account, rather than an IAM user or a federated user.</li><li id="en-us_topic_0046613147__en-us_topic_0170090713_li196031248121815"><strong id="en-us_topic_0046613147__en-us_topic_0170090713_b124915392320">Cloud service</strong>: Delegate a specific service to access other services. For more information, see <a href="iam_06_0004.html">Cloud Service Agency</a>.</li></ul>
</div></div> </div></div>
</p></li><li id="en-us_topic_0046613147__en-us_topic_0170090713_li21344527114840"><span>Set the validity period and enter a description for the agency.</span></li><li id="en-us_topic_0046613147__en-us_topic_0170090713_li1694181217579"><span>Click <strong id="en-us_topic_0046613147__en-us_topic_0170090713_b15726203610118">Next</strong>.</span></li><li id="en-us_topic_0046613147__en-us_topic_0170090713_li65324613265"><span>Select the policies or roles to be attached to the agency, click <strong id="en-us_topic_0046613147__en-us_topic_0170090713_b9767325341">Next</strong>, and select the authorization scope.</span><p><div class="note" id="en-us_topic_0046613147__en-us_topic_0170090713_note164823561285"><img src="public_sys-resources/note_3.0-en-us.png"><span class="notetitle"> </span><div class="notebody"><ul id="en-us_topic_0046613147__en-us_topic_0170090713_ul5482115682816"><li id="en-us_topic_0046613147__en-us_topic_0170090713_li2482195618283">Assigning permissions to an agency is similar to assigning permissions to a user group. The two operations differ only in the number of available permissions. For details about how to assign permissions to a user group, see <a href="en-us_topic_0079496985.html">Assigning Permissions to an IAM User</a>.</li><li id="en-us_topic_0046613147__en-us_topic_0170090713_li18482195614284">Agencies cannot be assigned the <strong id="en-us_topic_0046613147__en-us_topic_0170090713_b15825539173410">Security Administrator</strong> role. 
For account security, grant permissions required to agencies based on the principle of least privilege.</li></ul> </p></li><li id="en-us_topic_0046613147__en-us_topic_0170090713_li21344527114840"><span>Set the validity period and enter a description for the agency.</span></li><li id="en-us_topic_0046613147__en-us_topic_0170090713_li1694181217579"><span>Click <strong id="en-us_topic_0046613147__en-us_topic_0170090713_b15726203610118">Next</strong>.</span></li><li id="en-us_topic_0046613147__en-us_topic_0170090713_li65324613265"><span>Select the policies or roles to be attached to the agency, click <strong id="en-us_topic_0046613147__en-us_topic_0170090713_b9767325341">Next</strong>, and select the authorization scope.</span><p><div class="note" id="en-us_topic_0046613147__en-us_topic_0170090713_note164823561285"><img src="public_sys-resources/note_3.0-en-us.png"><span class="notetitle"> </span><div class="notebody"><ul id="en-us_topic_0046613147__en-us_topic_0170090713_ul5482115682816"><li id="en-us_topic_0046613147__en-us_topic_0170090713_li2482195618283">Assigning permissions to an agency is similar to assigning permissions to a user group. The two operations differ only in the number of available permissions. For details about how to assign permissions to a user group, see <a href="en-us_topic_0079496985.html">Assigning Permissions to an IAM User</a>.</li><li id="en-us_topic_0046613147__en-us_topic_0170090713_li18482195614284">Agencies cannot be assigned the <strong id="en-us_topic_0046613147__en-us_topic_0170090713_b12141738184415">Security Administrator</strong> role. For account security purposes, only grant the required permissions to the agency based on the principle of least privilege (PoLP).</li></ul>
</div></div> </div></div>
</p></li><li id="en-us_topic_0046613147__en-us_topic_0170090713_li1940263053914"><span>Click <strong id="en-us_topic_0046613147__en-us_topic_0170090713_b29042401776">OK</strong>.</span><p><div class="note" id="en-us_topic_0046613147__en-us_topic_0170090713_note1570810524218"><img src="public_sys-resources/note_3.0-en-us.png"><span class="notetitle"> </span><div class="notebody"><p id="en-us_topic_0046613147__en-us_topic_0170090713_p9708052423">After creating an agency, provide your domain name, agency name, agency ID, and agency permissions to the delegated party. The delegated party can then switch the role to your account and manage specific resources based on the assigned permissions.</p> </p></li><li id="en-us_topic_0046613147__en-us_topic_0170090713_li1940263053914"><span>Click <strong id="en-us_topic_0046613147__en-us_topic_0170090713_b29042401776">OK</strong>.</span><p><div class="note" id="en-us_topic_0046613147__en-us_topic_0170090713_note1570810524218"><img src="public_sys-resources/note_3.0-en-us.png"><span class="notetitle"> </span><div class="notebody"><p id="en-us_topic_0046613147__en-us_topic_0170090713_p9708052423">After creating an agency, provide your domain name, agency name, agency ID, and agency permissions to the delegated party. The delegated party can then switch the role to your account and manage specific resources based on the assigned permissions.</p>
</div></div> </div></div>
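Review bot: The opening paragraph is edited ("the password and access keys" becomes "the password or access keys"), but the sentence right after it still reads "then switches the role to your account and manage your resources", with mismatched verb forms; fix it in the same pass, for example "then switch roles to your account and manage your resources". In the note under the permissions step, "only grant the required permissions to the agency" is more precise as "grant only the required permissions to the agency", because the restriction applies to the permissions, not to the act of granting. The "Cloud Service Agency" link also drops the "#iam_06_0004" fragment while "iam_01_0657.html#iam_01_0657" in the prerequisites keeps its fragment; confirm the difference is intended.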


@ -1,10 +1,10 @@
<a name="en-us_topic_0046613148"></a><a name="en-us_topic_0046613148"></a> <a name="en-us_topic_0046613148"></a><a name="en-us_topic_0046613148"></a>
<h1 class="topictitle1">Switching Roles (by a Delegated Party)</h1> <h1 class="topictitle1">Switching Roles (by a Delegated Party)</h1>
<div id="body1548236199962"><p id="en-us_topic_0046613148__en-us_topic_0170090706_p3704131518217">When an account establishes a trust relationship with your account, you become a delegated party. You and all the users you have authorized can switch to the delegating account and manage resources under the account based on assigned permissions.</p> <div id="body1548236199962"><p id="en-us_topic_0046613148__en-us_topic_0170090706_p3704131518217">When an account establishes a trust relationship with your account, you become a delegated party. The IAM users that are granted agency permissions can switch to the delegating account and manage resources under the account based on the granted permissions.</p>
<div class="section" id="en-us_topic_0046613148__en-us_topic_0170090706_section8625973163627"><h4 class="sectiontitle">Prerequisites</h4><ul id="en-us_topic_0046613148__en-us_topic_0170090706_ul88321119164115"><li id="en-us_topic_0046613148__en-us_topic_0170090706_li8832619154112">A trust relationship has been established between your account and another account.</li><li id="en-us_topic_0046613148__en-us_topic_0170090706_li1083291944119">You have obtained the delegating account name and agency name.</li></ul> <div class="section" id="en-us_topic_0046613148__en-us_topic_0170090706_section8625973163627"><h4 class="sectiontitle">Prerequisites</h4><ul id="en-us_topic_0046613148__en-us_topic_0170090706_ul88321119164115"><li id="en-us_topic_0046613148__en-us_topic_0170090706_li8832619154112">A trust relationship has been established between your account and another account.</li><li id="en-us_topic_0046613148__en-us_topic_0170090706_li1083291944119">You have obtained the delegating account name and agency name.</li></ul>
</div> </div>
<div class="section" id="en-us_topic_0046613148__en-us_topic_0170090706_section1608192323216"><h4 class="sectiontitle">Procedure</h4><ol id="en-us_topic_0046613148__en-us_topic_0170090706_ol1523164310324"><li id="en-us_topic_0046613148__en-us_topic_0170090706_li9238437320"><span>Log in to the management console using your account or log in as the IAM user created in <a href="iam_01_0063.html#iam_01_0063__en-us_topic_0170090700_li695863494610">2</a>.</span><p><div class="note" id="en-us_topic_0046613148__en-us_topic_0170090706_note173853818336"><img src="public_sys-resources/note_3.0-en-us.png"><span class="notetitle"> </span><div class="notebody"><p id="en-us_topic_0046613148__en-us_topic_0170090706_p173993812333">The IAM user created in <a href="iam_01_0063.html#iam_01_0063__en-us_topic_0170090700_li695863494610">2</a> of <a href="iam_01_0063.html#iam_01_0063">(Optional) Assigning Permissions to an IAM User (by a Delegated Party)</a> can switch roles to manage resources for the delegating party.</p> <div class="section" id="en-us_topic_0046613148__en-us_topic_0170090706_section1608192323216"><h4 class="sectiontitle">Procedure</h4><ol id="en-us_topic_0046613148__en-us_topic_0170090706_ol1523164310324"><li id="en-us_topic_0046613148__en-us_topic_0170090706_li9238437320"><span>Log in to the management console using your account or log in as the IAM user created in <a href="iam_01_0063.html#iam_01_0063__en-us_topic_0170090700_li695863494610">2</a>.</span><p><div class="note" id="en-us_topic_0046613148__en-us_topic_0170090706_note173853818336"><img src="public_sys-resources/note_3.0-en-us.png"><span class="notetitle"> </span><div class="notebody"><p id="en-us_topic_0046613148__en-us_topic_0170090706_p173993812333">The IAM user created in <a href="iam_01_0063.html#iam_01_0063__en-us_topic_0170090700_li695863494610">2</a> can switch roles to manage resources for the delegating party.</p>
</div></div> </div></div>
</p></li><li id="en-us_topic_0046613148__en-us_topic_0170090706_li223144317322"><span>Hover the mouse pointer over the username in the upper right corner and choose <strong id="en-us_topic_0046613148__en-us_topic_0170090706_b113441924163819">Switch Role</strong>.</span></li><li id="en-us_topic_0046613148__en-us_topic_0170090706_li1623124320322"><span>On the <span class="wintitle" id="en-us_topic_0046613148__en-us_topic_0170090706_wintitle1623625841113"><b>Switch Role</b></span> page, enter the domain name of the delegating party.</span><p><div class="p" id="en-us_topic_0046613148__en-us_topic_0170090706_p171044544561"><div class="note" id="en-us_topic_0046613148__en-us_topic_0170090706_note11259104465416"><img src="public_sys-resources/note_3.0-en-us.png"><span class="notetitle"> </span><div class="notebody"><p id="en-us_topic_0046613148__en-us_topic_0170090706_p31891546134011">After you enter the domain name, the agencies created under this account will be automatically displayed after you click the agency name text box. 
Select an authorized one from the drop-down list.</p> </p></li><li id="en-us_topic_0046613148__en-us_topic_0170090706_li223144317322"><span>Hover the mouse pointer over the username in the upper right corner and choose <strong id="en-us_topic_0046613148__en-us_topic_0170090706_b113441924163819">Switch Role</strong>.</span></li><li id="en-us_topic_0046613148__en-us_topic_0170090706_li1623124320322"><span>On the <span class="wintitle" id="en-us_topic_0046613148__en-us_topic_0170090706_wintitle1623625841113"><b>Switch Role</b></span> page, enter the domain name of the delegating party.</span><p><div class="p" id="en-us_topic_0046613148__en-us_topic_0170090706_p171044544561"><div class="note" id="en-us_topic_0046613148__en-us_topic_0170090706_note11259104465416"><img src="public_sys-resources/note_3.0-en-us.png"><span class="notetitle"> </span><div class="notebody"><p id="en-us_topic_0046613148__en-us_topic_0170090706_p31891546134011">After you enter the domain name, the agencies created under this account will be automatically displayed after you click the agency name text box. Select an authorized one from the drop-down list.</p>
</div></div> </div></div>
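Review bot: In the note under step 1, the new text shortens the cross-reference to a bare "2" ("The IAM user created in 2 can switch roles ..."), so the note no longer names the topic that step belongs to. Keep "of (Optional) Assigning Permissions to an IAM User (by a Delegated Party)", or another visible topic title, so the reference can be read without following the link; the step text above it has the same bare "2". In the unchanged Switch Role note, "After you enter the domain name, the agencies ... will be automatically displayed after you click the agency name text box" repeats "after" and could be tightened while this topic is open.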

View File

@ -2,7 +2,7 @@
<h1 class="topictitle1">Viewing and Modifying User Information</h1> <h1 class="topictitle1">Viewing and Modifying User Information</h1>
<div id="body1484269500700"><p id="en-us_topic_0046661675__p1699191844810">You can modify the user information, including the status, access type, description, external identity ID, and belonged user group.</p> <div id="body1484269500700"><p id="en-us_topic_0046661675__p1699191844810">You can modify the user information, including the status, access type, description, external identity ID, and belonged user group.</p>
<p id="en-us_topic_0046661675__p294752944613">If the job responsibilities of a user are changed, you can change the groups to which the user belongs to modify the user permissions. You can also change the virtual MFA device and access keys of the user by choosing <strong id="en-us_topic_0046661675__b1727185533412">More</strong> &gt; <strong id="en-us_topic_0046661675__b15211185710342">Security Settings</strong> in the row containing the target user. If a user forgot their password or access keys, you can modify the login credentials of the user.</p> <p id="en-us_topic_0046661675__p294752944613">If the job responsibilities of a user are changed, you can change the permissions assigned for that user by changing the groups which the user belongs to. You can also change the virtual MFA device and access keys of the user by choosing <strong id="en-us_topic_0046661675__b1727185533412">More</strong> &gt; <strong id="en-us_topic_0046661675__b15211185710342">Security Settings</strong> in the row containing the target user. If a user forgot their password or access keys, you can modify the login credentials of the user.</p>
<div class="section" id="en-us_topic_0046661675__section17362720871"><p id="en-us_topic_0046661675__p0641185914718">As an administrator, you can modify the basic information about an IAM user, change the security settings of the user and the groups to which the user belongs, and view or delete the assigned permissions. To view or modify user information, click <strong id="en-us_topic_0046661675__b929813392517">Security Settings</strong> in the row containing the IAM user.</p> <div class="section" id="en-us_topic_0046661675__section17362720871"><p id="en-us_topic_0046661675__p0641185914718">As an administrator, you can modify the basic information about an IAM user, change the security settings of the user and the groups to which the user belongs, and view or delete the assigned permissions. To view or modify user information, click <strong id="en-us_topic_0046661675__b929813392517">Security Settings</strong> in the row containing the IAM user.</p>
<p id="en-us_topic_0046661675__p1016014114476">To adjust the item columns displayed on the list, click <span><img id="en-us_topic_0046661675__image4682335744" src="en-us_image_0000001524684833.png"></span>. The <strong id="en-us_topic_0046661675__b0565114110512">Username</strong> and <strong id="en-us_topic_0046661675__b17565204110515">Operation</strong> columns are displayed by default, and the <strong id="en-us_topic_0046661675__b126598019011555">Status</strong> column cannot be removed. You can also select <strong id="en-us_topic_0046661675__b183805615511555">Description</strong>, <strong id="en-us_topic_0046661675__b43332226011555">Last Login</strong>, <strong id="en-us_topic_0046661675__b72555193811555">Created</strong>, <strong id="en-us_topic_0046661675__b204451079011555">Access Type</strong>, <strong id="en-us_topic_0046661675__b162510438011555">Virtual MFA Device</strong>, <strong id="en-us_topic_0046661675__b172387985011555">Password Age</strong>, and <strong id="en-us_topic_0046661675__b90532330711555">Access Key (Status, Age, and AK)</strong>.</p> <p id="en-us_topic_0046661675__p1016014114476">To adjust the item columns displayed on the list, click <span><img id="en-us_topic_0046661675__image4682335744" src="en-us_image_0000001524684833.png"></span>. The <strong id="en-us_topic_0046661675__b0565114110512">Username</strong> and <strong id="en-us_topic_0046661675__b17565204110515">Operation</strong> columns are displayed by default, and the <strong id="en-us_topic_0046661675__b126598019011555">Status</strong> column cannot be removed. 
You can also select <strong id="en-us_topic_0046661675__b183805615511555">Description</strong>, <strong id="en-us_topic_0046661675__b43332226011555">Last Login</strong>, <strong id="en-us_topic_0046661675__b72555193811555">Created</strong>, <strong id="en-us_topic_0046661675__b204451079011555">Access Type</strong>, <strong id="en-us_topic_0046661675__b162510438011555">Virtual MFA Device</strong>, <strong id="en-us_topic_0046661675__b172387985011555">Password Age</strong>, and <strong id="en-us_topic_0046661675__b90532330711555">Access Key (Status, Age, and AK)</strong>.</p>
</div> </div>
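Review bot: The reworded sentence in the second paragraph now says "the groups which the user belongs to", while the next paragraph in this same hunk still says "the groups to which the user belongs"; pick one form for the topic. "permissions assigned for that user" would read better as "permissions assigned to that user", and the unchanged "belonged user group" in the first paragraph is worth correcting to "user groups" in the same pass.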
@ -14,12 +14,12 @@
</div> </div>
<div class="section" id="en-us_topic_0046661675__section1388814374718"><h4 class="sectiontitle">User Groups</h4><p id="en-us_topic_0046661675__p5334528114516">An IAM user inherits permissions from the groups to which the user belongs. You can change the permissions assigned for an IAM user by changing the groups to which the user belongs. To modify the permissions of a user group, see <a href="en-us_topic_0085605493.html">Viewing and Modifying User Group Information</a>.</p> <div class="section" id="en-us_topic_0046661675__section1388814374718"><h4 class="sectiontitle">User Groups</h4><p id="en-us_topic_0046661675__p5334528114516">An IAM user inherits permissions from the groups to which the user belongs. You can change the permissions assigned for an IAM user by changing the groups to which the user belongs. To modify the permissions of a user group, see <a href="en-us_topic_0085605493.html">Viewing and Modifying User Group Information</a>.</p>
<p id="en-us_topic_0046661675__p927615217167">Your account belongs to the default group <strong id="en-us_topic_0046661675__b121647041611555">admin</strong>, which cannot be changed.</p> <p id="en-us_topic_0046661675__p927615217167">Your account belongs to the default group <strong id="en-us_topic_0046661675__b121647041611555">admin</strong>, which cannot be changed.</p>
<ul id="en-us_topic_0046661675__ul96216281165"><li id="en-us_topic_0046661675__li2068632113575">Click <strong id="en-us_topic_0046661675__b134134401716">Add to User Groups</strong>, and select one or more groups to which the user will belong. The user then inherits permissions of these groups.</li><li id="en-us_topic_0046661675__li46213281168">Click <strong id="en-us_topic_0046661675__b38679096811555">Remove</strong> on the right of a user group and click <strong id="en-us_topic_0046661675__b79605040211555">Yes</strong>. The user no longer has the permissions assigned to the group.</li></ul> <ul id="en-us_topic_0046661675__ul96216281165"><li id="en-us_topic_0046661675__li2068632113575">Click <strong id="en-us_topic_0046661675__b134134401716">Add to User Group</strong>, and select one or more groups to which the user will belong. The user then inherits permissions of these groups.</li><li id="en-us_topic_0046661675__li46213281168">Click <strong id="en-us_topic_0046661675__b38679096811555">Remove</strong> on the right of a user group and click <strong id="en-us_topic_0046661675__b79605040211555">Yes</strong>. The user no longer has the permissions assigned to the group.</li></ul>
</div> </div>
<div class="section" id="en-us_topic_0046661675__section04991493273"><h4 class="sectiontitle">Security Settings</h4><p id="en-us_topic_0046661675__p133641626216">As an administrator, you can modify the MFA device, login credential, login protection, and access keys of an IAM user on this page. If you are an IAM user and need to change your mobile number, email address, or virtual MFA device, see <a href="en-us_topic_0046611308.html">Security Settings</a>.</p> <div class="section" id="en-us_topic_0046661675__section04991493273"><h4 class="sectiontitle">Security Settings</h4><p id="en-us_topic_0046661675__p133641626216">As an administrator, you can modify the MFA device, login credential, login protection, and access keys of an IAM user on this page. If you are an IAM user and need to change your mobile number, email address, or virtual MFA device, see <a href="en-us_topic_0046611308.html">Security Settings</a>.</p>
<ul id="en-us_topic_0046661675__ul8366114719383"><li id="en-us_topic_0046661675__li763310524382"><strong id="en-us_topic_0046661675__b53748094211555">MFA Authentication</strong>: You can change the multi-factor authentication (MFA) settings of an IAM user on the <strong id="en-us_topic_0046661675__b36445479211555">Security Settings</strong> page.<ul id="en-us_topic_0046661675__ul153341166395"><li id="en-us_topic_0046661675__li1388974755917">Change the mobile number or email address of the user.<div class="note" id="en-us_topic_0046661675__note947485511013"><img src="public_sys-resources/note_3.0-en-us.png"><span class="notetitle"> </span><div class="notebody"><p id="en-us_topic_0046661675__p96400765313">The mobile number and email address of the IAM user cannot be the same as those of your account or other IAM users.</p> <ul id="en-us_topic_0046661675__ul8366114719383"><li id="en-us_topic_0046661675__li763310524382"><strong id="en-us_topic_0046661675__b53748094211555">MFA Authentication</strong>: You can change the multi-factor authentication (MFA) settings of an IAM user on the <strong id="en-us_topic_0046661675__b36445479211555">Security Settings</strong> page.<ul id="en-us_topic_0046661675__ul153341166395"><li id="en-us_topic_0046661675__li1388974755917">Change the mobile number or email address of the user.<div class="note" id="en-us_topic_0046661675__note947485511013"><img src="public_sys-resources/note_3.0-en-us.png"><span class="notetitle"> </span><div class="notebody"><p id="en-us_topic_0046661675__p96400765313">The mobile number and email address of the IAM user cannot be the same as those of your account or other IAM users.</p>
</div></div> </div></div>
</li><li id="en-us_topic_0046661675__li12141115123916">Remove the MFA device from the user. For more information about MFA authentication and virtual MFA device, see <a href="iam_10_0002.html">MFA Authentication and Virtual MFA Device</a>.</li></ul> </li><li id="en-us_topic_0046661675__li12141115123916">Remove the virtual MFA device from the user. For more information about MFA authentication and virtual MFA device, see <a href="iam_10_0002.html">MFA Authentication and Virtual MFA Device</a>.</li></ul>
</li></ul> </li></ul>
<ul id="en-us_topic_0046661675__ul126848275213"><li id="en-us_topic_0046661675__li1268410235213"><strong id="en-us_topic_0046661675__b211888094711555">Login Credentials</strong>: You can change the login password of the IAM user. For more information, see <a href="iam_01_0653.html">Changing the Login Password of an IAM User</a>.</li><li id="en-us_topic_0046661675__li3684102125212"><strong id="en-us_topic_0046661675__b203261012311555">Login Protection</strong>: You can change the login verification method of the IAM user. Three verification methods are available: virtual MFA device, SMS, and email.<p id="en-us_topic_0046661675__p146847214521">This option is disabled by default. If you enable this option, the user will need to enter a verification code in addition to the username and password when logging in to the console.</p> <ul id="en-us_topic_0046661675__ul126848275213"><li id="en-us_topic_0046661675__li1268410235213"><strong id="en-us_topic_0046661675__b211888094711555">Login Credentials</strong>: You can change the login password of the IAM user. For more information, see <a href="iam_01_0653.html">Changing the Login Password of an IAM User</a>.</li><li id="en-us_topic_0046661675__li3684102125212"><strong id="en-us_topic_0046661675__b203261012311555">Login Protection</strong>: You can change the login verification method of the IAM user. Three verification methods are available: virtual MFA device, SMS, and email.<p id="en-us_topic_0046661675__p146847214521">This option is disabled by default. If you enable this option, the user will need to enter a verification code in addition to the username and password when logging in to the console.</p>
</li><li id="en-us_topic_0046661675__li46842021522"><strong id="en-us_topic_0046661675__b163079549411555">Access Keys</strong>: You can manage access keys of the IAM user.</li></ul> </li><li id="en-us_topic_0046661675__li46842021522"><strong id="en-us_topic_0046661675__b163079549411555">Access Keys</strong>: You can manage access keys of the IAM user.</li></ul>
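Review bot: The button label changes from "Add to User Groups" to "Add to User Group", but the same sentence continues with "select one or more groups"; confirm that the singular label is what the console shows. On the second change, "Remove the virtual MFA device from the user", the Login Protection bullet below lists virtual MFA device as one of the three verification methods, so the topic should say what happens to login protection for a user whose virtual MFA device has been removed.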

View File

@ -1,7 +1,7 @@
<a name="en-us_topic_0079496985"></a><a name="en-us_topic_0079496985"></a> <a name="en-us_topic_0079496985"></a><a name="en-us_topic_0079496985"></a>
<h1 class="topictitle1">Assigning Permissions to an IAM User</h1> <h1 class="topictitle1">Assigning Permissions to an IAM User </h1>
<div id="body1536567611765"><p id="en-us_topic_0079496985__p1367911438716"><a href="en-us_topic_0046611303.html">IAM users created</a> without being added to any groups do not have permissions. You can assign permissions to these IAM users on the IAM console. After authorization, the users can use cloud resources in your account as specified by their permissions.</p> <div id="body1536567611765"><p id="en-us_topic_0079496985__p1367911438716"><a href="en-us_topic_0046611303.html">IAM users created</a> without being added to any groups do not have permissions. You can assign permissions to these IAM users on the IAM console. Then the users can use cloud resources based on the assigned permissions.</p>
<p id="en-us_topic_0079496985__p64718305201">An IAM user obtains permissions from the user groups to which the user belongs. After you attach policies or roles to a group and add a user to the group, the user inherits the permissions defined by the policies or roles.</p> <p id="en-us_topic_0079496985__p64718305201">An IAM user obtains permissions from the user groups to which the user belongs. After you attach policies or roles to a group and add a user to the group, the user inherits the permissions defined by the policies or roles.</p>
<ul id="en-us_topic_0079496985__ul1542310171018"><li id="en-us_topic_0079496985__li1269115557578">If you do not add an IAM user to any group, the user will not have permissions for accessing any cloud services. For details on how to assign permissions to an IAM user, see <a href="en-us_topic_0046611269.html">Creating a User Group and Assigning Permissions</a> and <a href="iam_03_0002.html">Adding Users to or Removing Users from a User Group</a>.</li><li id="en-us_topic_0079496985__li144231108102">If you have been added to the default group <strong id="en-us_topic_0079496985__b145217448517">admin</strong>, you have administrator permissions and you can perform all operations on all cloud services.</li><li id="en-us_topic_0079496985__li1830412710115">For the system-defined permissions of all cloud services supported by IAM, see "Permissions".</li><li id="en-us_topic_0079496985__li123551922135512">If you add a user to multiple user groups, the user inherits the permissions that are assigned to all the groups.</li></ul> <ul id="en-us_topic_0079496985__ul1542310171018"><li id="en-us_topic_0079496985__li1269115557578">If you do not add an IAM user to any group, the user will not have permissions for accessing any cloud services. 
For details on how to assign permissions to an IAM user, see <a href="en-us_topic_0046611269.html">Creating a User Group and Assigning Permissions</a> and <a href="iam_03_0002.html">Adding Users to or Removing Users from a User Group</a>.</li><li id="en-us_topic_0079496985__li144231108102">If you have been added to the default group <strong id="en-us_topic_0079496985__b145217448517">admin</strong>, you have administrator permissions and you can perform all operations on all cloud services.</li><li id="en-us_topic_0079496985__li1830412710115">For the system-defined permissions of all cloud services supported by IAM, see "Permissions".</li><li id="en-us_topic_0079496985__li123551922135512">If you add a user to multiple user groups, the user inherits the permissions that are assigned to all the groups.</li></ul>
<div class="section" id="en-us_topic_0079496985__section1574417223919"><h4 class="sectiontitle">Procedure</h4><ol id="en-us_topic_0079496985__ol20559158192317"><li id="en-us_topic_0079496985__li85591058192314"><span>In the user list, click <strong id="en-us_topic_0079496985__b96541281967">Authorize</strong> in the row that contains the target user.</span></li><li id="en-us_topic_0079496985__li2349810123119"><span>On the <strong id="en-us_topic_0079496985__b1365217161661">Authorize User</strong> page, select an authorization mode and permissions.</span><p><ul id="en-us_topic_0079496985__ul5803174018355"><li id="en-us_topic_0079496985__li680311401351"><strong id="en-us_topic_0079496985__b13340133416614">Inherit permissions from user groups</strong>: Add the IAM user to certain groups to inherit their permissions.<p id="en-us_topic_0079496985__p19437792571">If you select this option, select the user groups to which the user will belong.</p> <div class="section" id="en-us_topic_0079496985__section1574417223919"><h4 class="sectiontitle">Procedure</h4><ol id="en-us_topic_0079496985__ol20559158192317"><li id="en-us_topic_0079496985__li85591058192314"><span>In the user list, click <strong id="en-us_topic_0079496985__b96541281967">Authorize</strong> in the row that contains the target user.</span></li><li id="en-us_topic_0079496985__li2349810123119"><span>On the <strong id="en-us_topic_0079496985__b1365217161661">Authorize User</strong> page, select an authorization mode and permissions.</span><p><ul id="en-us_topic_0079496985__ul5803174018355"><li id="en-us_topic_0079496985__li680311401351"><strong id="en-us_topic_0079496985__b13340133416614">Inherit permissions from user groups</strong>: Add the IAM user to certain groups to inherit their permissions.<p id="en-us_topic_0079496985__p19437792571">If you select this option, select the user groups to which the user will belong.</p>
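Review bot: The heading change only adds a trailing space before the closing tag ("Assigning Permissions to an IAM User </h1>"); drop it. The rewritten first paragraph also loses "in your account", which stated where the granted permissions apply; "Then the users can use cloud resources in your account based on the assigned permissions" would keep that scope.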

View File

@ -6,7 +6,7 @@
<ul class="ullinks"> <ul class="ullinks">
<li class="ulchildlink"><strong><a href="iam_01_0054.html">Account Delegation</a></strong><br> <li class="ulchildlink"><strong><a href="iam_01_0054.html">Account Delegation</a></strong><br>
</li> </li>
<li class="ulchildlink"><strong><a href="iam_06_0004.html">Cloud Service Delegation</a></strong><br> <li class="ulchildlink"><strong><a href="iam_06_0004.html">Cloud Service Agency</a></strong><br>
</li> </li>
<li class="ulchildlink"><strong><a href="iam_01_0730.html">Deleting or Modifying Agencies</a></strong><br> <li class="ulchildlink"><strong><a href="iam_01_0730.html">Deleting or Modifying Agencies</a></strong><br>
</li> </li>
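Review bot: Renaming this link to "Cloud Service Agency" leaves its sibling as "Account Delegation", so the child-link list now mixes "Delegation" and "Agency" for parallel topics. Check that the title of iam_06_0004.html was renamed in the same commit and that the mixed naming is intended.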

View File

@ -1,7 +1,7 @@
<a name="en-us_topic_0079620341"></a><a name="en-us_topic_0079620341"></a> <a name="en-us_topic_0079620341"></a><a name="en-us_topic_0079620341"></a>
<h1 class="topictitle1">Introduction</h1> <h1 class="topictitle1">Introduction</h1>
<div id="body1507796925646"><p id="en-us_topic_0079620341__en-us_topic_0177310145_en-us_topic_0175818742_p3444342426">The cloud platform provides <span class="keyword" id="en-us_topic_0079620341__en-us_topic_0177310145_keyword10765163916218">identity federation</span> based on Security Assertion Markup Language (SAML) or OpenID Connect. This function allows users in your enterprise management system to access through single sign-on (SSO).</p> <div id="body1507796925646"><p id="en-us_topic_0079620341__en-us_topic_0177310145_en-us_topic_0175818742_p3444342426">The cloud platform provides <span class="keyword" id="en-us_topic_0079620341__en-us_topic_0177310145_keyword10765163916218">identity federation</span> based on Security Assertion Markup Language (SAML) or OpenID Connect. This function allows users in your enterprise management system to access the cloud platform through single sign-on (SSO).</p>
<div class="section" id="en-us_topic_0079620341__en-us_topic_0177310145_en-us_topic_0175818742_section1938813653310"><h4 class="sectiontitle">Basic Concepts</h4> <div class="section" id="en-us_topic_0079620341__en-us_topic_0177310145_en-us_topic_0175818742_section1938813653310"><h4 class="sectiontitle">Basic Concepts</h4>
<div class="tablenoborder"><table cellpadding="4" cellspacing="0" summary="" id="en-us_topic_0079620341__en-us_topic_0177310145_table192841634019" frame="border" border="1" rules="all"><caption><b>Table 1 </b>Basic concepts</caption><thead align="left"><tr id="en-us_topic_0079620341__en-us_topic_0177310145_row828141684014"><th align="left" class="cellrowborder" valign="top" width="27.99%" id="mcps1.3.2.2.2.3.1.1"><p id="en-us_topic_0079620341__en-us_topic_0177310145_p32819161407">Concept</p> <div class="tablenoborder"><table cellpadding="4" cellspacing="0" summary="" id="en-us_topic_0079620341__en-us_topic_0177310145_table192841634019" frame="border" border="1" rules="all"><caption><b>Table 1 </b>Basic concepts</caption><thead align="left"><tr id="en-us_topic_0079620341__en-us_topic_0177310145_row828141684014"><th align="left" class="cellrowborder" valign="top" width="27.99%" id="mcps1.3.2.2.2.3.1.1"><p id="en-us_topic_0079620341__en-us_topic_0177310145_p32819161407">Concept</p>
</th> </th>
@ -14,7 +14,7 @@
<td class="cellrowborder" valign="top" width="72.00999999999999%" headers="mcps1.3.2.2.2.3.1.2 "><p id="en-us_topic_0079620341__en-us_topic_0177310145_p32811618402">An IdP collects and stores user identity information, such as usernames and passwords, and authenticates users during login. For identity federation between an enterprise and the cloud platform, the identity authentication system of the enterprise is an identity provider and is also called "enterprise IdP". Popular third-party IdPs include Microsoft Active Directory Federation Services (AD FS) and Shibboleth.</p> <td class="cellrowborder" valign="top" width="72.00999999999999%" headers="mcps1.3.2.2.2.3.1.2 "><p id="en-us_topic_0079620341__en-us_topic_0177310145_p32811618402">An IdP collects and stores user identity information, such as usernames and passwords, and authenticates users during login. For identity federation between an enterprise and the cloud platform, the identity authentication system of the enterprise is an identity provider and is also called "enterprise IdP". Popular third-party IdPs include Microsoft Active Directory Federation Services (AD FS) and Shibboleth.</p>
</td> </td>
</tr> </tr>
<tr id="en-us_topic_0079620341__en-us_topic_0177310145_row528816174019"><td class="cellrowborder" valign="top" width="27.99%" headers="mcps1.3.2.2.2.3.1.1 "><p id="en-us_topic_0079620341__en-us_topic_0177310145_p129161694017">Service Provider (SP)</p> <tr id="en-us_topic_0079620341__en-us_topic_0177310145_row528816174019"><td class="cellrowborder" valign="top" width="27.99%" headers="mcps1.3.2.2.2.3.1.1 "><p id="en-us_topic_0079620341__en-us_topic_0177310145_p129161694017">Service provider (SP)</p>
</td> </td>
<td class="cellrowborder" valign="top" width="72.00999999999999%" headers="mcps1.3.2.2.2.3.1.2 "><p id="en-us_topic_0079620341__en-us_topic_0177310145_p929171616408">A service provider establishes a trust relationship with an IdP and provides services based on the user information provided by the IdP. For identity federation between an enterprise and the cloud platform, the cloud platform is a service provider.</p> <td class="cellrowborder" valign="top" width="72.00999999999999%" headers="mcps1.3.2.2.2.3.1.2 "><p id="en-us_topic_0079620341__en-us_topic_0177310145_p929171616408">A service provider establishes a trust relationship with an IdP and provides services based on the user information provided by the IdP. For identity federation between an enterprise and the cloud platform, the cloud platform is a service provider.</p>
</td> </td>
@ -31,12 +31,12 @@
</tr> </tr>
<tr id="en-us_topic_0079620341__en-us_topic_0177310145_row1729141614018"><td class="cellrowborder" valign="top" width="27.99%" headers="mcps1.3.2.2.2.3.1.1 "><p id="en-us_topic_0079620341__en-us_topic_0177310145_p92961664010">SAML 2.0</p> <tr id="en-us_topic_0079620341__en-us_topic_0177310145_row1729141614018"><td class="cellrowborder" valign="top" width="27.99%" headers="mcps1.3.2.2.2.3.1.1 "><p id="en-us_topic_0079620341__en-us_topic_0177310145_p92961664010">SAML 2.0</p>
</td> </td>
<td class="cellrowborder" valign="top" width="72.00999999999999%" headers="mcps1.3.2.2.2.3.1.2 "><p id="en-us_topic_0079620341__en-us_topic_0177310145_p152931604019">SAML 2.0 is an XML-based protocol that uses securityTokens containing assertions to pass information about an end user between an IdP and an SP. It is an open standard ratified by the Organization for the Advancement of Structured Information Standards (OASIS) and is being used by many IdPs. For more information about this standard, see <a href="https://docs.oasis-open.org/security/saml/Post2.0/sstc-saml-tech-overview-2.0.html" target="_blank" rel="noopener noreferrer">SAML 2.0 Technical Overview</a>. The cloud platform implements identity federation in compliance with SAML 2.0. To successfully federate users to the cloud platform, ensure that your enterprise IdP is compatible with this protocol.</p> <td class="cellrowborder" valign="top" width="72.00999999999999%" headers="mcps1.3.2.2.2.3.1.2 "><p id="en-us_topic_0079620341__en-us_topic_0177310145_p152931604019">SAML 2.0 is an XML-based protocol that uses security tokens containing assertions to pass information about an end user between an IdP and an SP. It is an open standard ratified by the Organization for the Advancement of Structured Information Standards (OASIS) and is being used by many IdPs. For more information about this standard, see <a href="https://docs.oasis-open.org/security/saml/Post2.0/sstc-saml-tech-overview-2.0.html" target="_blank" rel="noopener noreferrer">SAML 2.0 Technical Overview</a>. The cloud platform implements identity federation in compliance with SAML 2.0. To successfully federate your enterprise users with the cloud platform, ensure that your enterprise IdP is compatible with this protocol.</p>
</td> </td>
</tr> </tr>
<tr id="en-us_topic_0079620341__en-us_topic_0177310145_row172971664015"><td class="cellrowborder" valign="top" width="27.99%" headers="mcps1.3.2.2.2.3.1.1 "><p id="en-us_topic_0079620341__en-us_topic_0177310145_p17291816184012">OpenID Connect</p> <tr id="en-us_topic_0079620341__en-us_topic_0177310145_row172971664015"><td class="cellrowborder" valign="top" width="27.99%" headers="mcps1.3.2.2.2.3.1.1 "><p id="en-us_topic_0079620341__en-us_topic_0177310145_p17291816184012">OpenID Connect</p>
</td> </td>
<td class="cellrowborder" valign="top" width="72.00999999999999%" headers="mcps1.3.2.2.2.3.1.2 "><p id="en-us_topic_0079620341__en-us_topic_0177310145_p104901136154810">OpenID Connect is a simple identity layer on top of the Open Authorization 2.0 (OAuth 2.0) protocol. IAM implements identity federation in compliance with OpenID Connect 1.0. To successfully federate users to the cloud platform, ensure that your enterprise IdP is compatible with this protocol.</p> <td class="cellrowborder" valign="top" width="72.00999999999999%" headers="mcps1.3.2.2.2.3.1.2 "><p id="en-us_topic_0079620341__en-us_topic_0177310145_p104901136154810">OpenID Connect is a simple identity layer on top of the Open Authorization 2.0 (OAuth 2.0) protocol. IAM implements identity federation in compliance with OpenID Connect 1.0. To successfully federate your enterprise users with the cloud platform, ensure that your enterprise IdP is compatible with this protocol.</p>
</td> </td>
</tr> </tr>
<tr id="en-us_topic_0079620341__en-us_topic_0177310145_row3871254134818"><td class="cellrowborder" valign="top" width="27.99%" headers="mcps1.3.2.2.2.3.1.1 "><p id="en-us_topic_0079620341__en-us_topic_0177310145_p0871135413485">OAuth 2.0</p> <tr id="en-us_topic_0079620341__en-us_topic_0177310145_row3871254134818"><td class="cellrowborder" valign="top" width="27.99%" headers="mcps1.3.2.2.2.3.1.1 "><p id="en-us_topic_0079620341__en-us_topic_0177310145_p0871135413485">OAuth 2.0</p>
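Review bot: "securityTokens" is corrected to "security tokens" in the SAML 2.0 row, but the Precautions text later in this file still reads "access keys and securityTokens" on both sides of the diff. Fix it there as well, or, if it is meant as a field name, mark it as one. The new wording "federate your enterprise users with the cloud platform" is applied consistently to both the SAML 2.0 and OpenID Connect rows, which is good.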
@ -48,8 +48,8 @@
</table> </table>
</div> </div>
</div> </div>
<div class="section" id="en-us_topic_0079620341__en-us_topic_0177310145_en-us_topic_0175818742_section969112502211"><h4 class="sectiontitle">Advantages of Identity Federation</h4><ul id="en-us_topic_0079620341__en-us_topic_0177310145_en-us_topic_0175818742_ul4409204783417"><li id="en-us_topic_0079620341__en-us_topic_0177310145_en-us_topic_0175818742_li184885263377">Easy identity management<p id="en-us_topic_0079620341__en-us_topic_0177310145_en-us_topic_0175818742_p682793183817"><a name="en-us_topic_0079620341__en-us_topic_0177310145_en-us_topic_0175818742_li184885263377"></a><a name="en-us_topic_0177310145_en-us_topic_0175818742_li184885263377"></a>As an administrator, you only need to create accounts for your employees in your enterprise management system. The employees can use their own accounts to access both the enterprise management system and the cloud platform.</p> <div class="section" id="en-us_topic_0079620341__en-us_topic_0177310145_en-us_topic_0175818742_section969112502211"><h4 class="sectiontitle">Advantages of Identity Federation</h4><ul id="en-us_topic_0079620341__en-us_topic_0177310145_en-us_topic_0175818742_ul4409204783417"><li id="en-us_topic_0079620341__en-us_topic_0177310145_en-us_topic_0175818742_li184885263377">Easy identity management<p id="en-us_topic_0079620341__en-us_topic_0177310145_en-us_topic_0175818742_p682793183817"><a name="en-us_topic_0079620341__en-us_topic_0177310145_en-us_topic_0175818742_li184885263377"></a><a name="en-us_topic_0177310145_en-us_topic_0175818742_li184885263377"></a>With an identity provider, the administrator can manage workforce identities outside of the cloud platform and give these external workforce identities permissions to use resources on the cloud platform.</p>
</li><li id="en-us_topic_0079620341__en-us_topic_0177310145_en-us_topic_0175818742_li77551533163917">Simplified operations<p id="en-us_topic_0079620341__en-us_topic_0177310145_p1739271581517"><a name="en-us_topic_0079620341__en-us_topic_0177310145_en-us_topic_0175818742_li77551533163917"></a><a name="en-us_topic_0177310145_en-us_topic_0175818742_li77551533163917"></a>Employees can log in to the cloud platform from the enterprise management system.</p> </li><li id="en-us_topic_0079620341__en-us_topic_0177310145_en-us_topic_0175818742_li77551533163917">Simplified operations<p id="en-us_topic_0079620341__en-us_topic_0177310145_p1739271581517"><a name="en-us_topic_0079620341__en-us_topic_0177310145_en-us_topic_0175818742_li77551533163917"></a><a name="en-us_topic_0177310145_en-us_topic_0175818742_li77551533163917"></a>Workforce users can use their existing accounts in the enterprise to access the cloud platform through SSO.</p>
<div class="fignone" id="en-us_topic_0079620341__en-us_topic_0177310145_fig209622546363"><span class="figcap"><b>Figure 1 </b>Advantages of identity federation</span><br><span><img id="en-us_topic_0079620341__en-us_topic_0177310145_image5962154133618" src="en-us_image_0000001117174928.png" height="297.92" width="465.5" title="Click to enlarge" class="imgResize"></span></div> <div class="fignone" id="en-us_topic_0079620341__en-us_topic_0177310145_fig209622546363"><span class="figcap"><b>Figure 1 </b>Advantages of identity federation</span><br><span><img id="en-us_topic_0079620341__en-us_topic_0177310145_image5962154133618" src="en-us_image_0000001117174928.png" height="297.92" width="465.5" title="Click to enlarge" class="imgResize"></span></div>
</li></ul> </li></ul>
</div> </div>
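Review bot: The reworded "Easy identity management" and "Simplified operations" items introduce "workforce identities", "workforce users" and "SSO" without defining any of them, where the old text used "employees" and "enterprise management system". Suggest expanding SSO on first use and settling on one term for the user population. The new sentence "give these external workforce identities permissions to use resources on the cloud platform" also does not say how those permissions are granted; one clause pointing to the mechanism would help, because the sentence now reads as if permissions are set directly on identities that are managed outside the platform.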
@ -110,7 +110,7 @@
</table> </table>
</div> </div>
</div> </div>
<div class="section" id="en-us_topic_0079620341__en-us_topic_0177310145_en-us_topic_0175818705_section421816517461"><h4 class="sectiontitle">Precautions</h4><ul id="en-us_topic_0079620341__en-us_topic_0177310145_en-us_topic_0175818705_ul18726545014"><li id="en-us_topic_0079620341__en-us_topic_0177310145_li169421533124715">Ensure that your enterprise IdP server and the cloud platform use Greenwich Mean Time (GMT) time in the same time zone.</li><li id="en-us_topic_0079620341__en-us_topic_0177310145_li8960128142617">The identity information (such as email address or mobile number) of federated users is stored in the enterprise IdP. Federated users are mapped to the cloud platform as virtual identities, so their access to the cloud platform has the following restrictions:<ul id="en-us_topic_0079620341__en-us_topic_0177310145_ul1330394714915"><li id="en-us_topic_0079620341__en-us_topic_0177310145_li83033473920">Federated users do not need to perform a 2-step verification when performing critical operations even though <a href="iam_01_0029.html#iam_01_0029">critical operation protection</a> (login protection or operation protection) is enabled.</li><li id="en-us_topic_0079620341__en-us_topic_0177310145_li17303104718918">Federated users cannot create access keys with unlimited validity, but they can obtain temporary access credentials (access keys and securityTokens) using user or agency tokens.<p id="en-us_topic_0079620341__en-us_topic_0177310145_p8697185421212"><a name="en-us_topic_0079620341__en-us_topic_0177310145_li17303104718918"></a><a name="en-us_topic_0177310145_li17303104718918"></a>If a federated user needs an access key with unlimited validity, they can contact the account administrator or an IAM user to create one. 
An access key contains the permissions granted to a user, so it is recommended that the federated user request an IAM user in the same group to create an access key.</p> <div class="section" id="en-us_topic_0079620341__en-us_topic_0177310145_en-us_topic_0175818705_section421816517461"><h4 class="sectiontitle">Precautions</h4><ul id="en-us_topic_0079620341__en-us_topic_0177310145_en-us_topic_0175818705_ul18726545014"><li id="en-us_topic_0079620341__en-us_topic_0177310145_li169421533124715">Ensure that your enterprise IdP server and the cloud platform use Greenwich Mean Time (GMT) time in the same time zone.</li><li id="en-us_topic_0079620341__en-us_topic_0177310145_li8960128142617">The identity information (such as email address or mobile number) of federated users is stored in the enterprise IdP. Federated users are mapped to the cloud platform as virtual identities, so their access to the cloud platform has the following restrictions:<ul id="en-us_topic_0079620341__en-us_topic_0177310145_ul1330394714915"><li id="en-us_topic_0079620341__en-us_topic_0177310145_li83033473920">Federated users do not need to perform a 2-step verification when performing critical operations even though <a href="iam_01_0029.html#iam_01_0029">critical operation protection</a> (login protection or operation protection) is enabled.</li><li id="en-us_topic_0079620341__en-us_topic_0177310145_li17303104718918">Federated users cannot create access keys with unlimited validity, but they can obtain temporary access credentials (access keys and security tokens) using user or agency tokens.<p id="en-us_topic_0079620341__en-us_topic_0177310145_p8697185421212"><a name="en-us_topic_0079620341__en-us_topic_0177310145_li17303104718918"></a><a name="en-us_topic_0177310145_li17303104718918"></a>If a federated user needs an access key with unlimited validity, they can contact the account administrator or an IAM user to create one. 
An access key contains the permissions granted to a user, so it is recommended that the federated user request an IAM user in the same group to create an access key.</p>
</li></ul> </li></ul>
</li></ul> </li></ul>
</div> </div>
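Review bot: In the access key bullet of Precautions, the advice that a federated user "request an IAM user in the same group to create an access key" is left as is, and it is the part of this block that most needs a clearer statement. The text says the key "contains the permissions granted to a user", so it should state explicitly that the key carries the creating IAM user's permissions and say who is responsible for holding and rotating a key with unlimited validity that is handed to someone else. The only change here is "securityTokens" to "security tokens"; in the same pass, the first bullet's "use Greenwich Mean Time (GMT) time in the same time zone" is redundant and should state the actual clock requirement once.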

View File

@ -12,7 +12,7 @@
</div></div> </div></div>
</div> </div>
</p></li><li id="iam_01_0003__li29124630165752"><span>Add your account to an MFA application.</span><p><ul id="iam_01_0003__ul47975312165752"><li id="iam_01_0003__li44989164165752">Scanning the QR code<p id="iam_01_0003__p27368417165752"><a name="iam_01_0003__li44989164165752"></a><a name="li44989164165752"></a>Open the MFA application on your mobile phone, click the plus sign <strong id="iam_01_0003__b461202764416">+</strong> on the application, and scan the QR code displayed on the <strong id="iam_01_0003__b12612627124411">Bind Virtual MFA Device</strong> page. Your account is then automatically added to the application, with the username and secret key displayed.</p> </p></li><li id="iam_01_0003__li29124630165752"><span>Add your account to an MFA application.</span><p><ul id="iam_01_0003__ul47975312165752"><li id="iam_01_0003__li44989164165752">Scanning the QR code<p id="iam_01_0003__p27368417165752"><a name="iam_01_0003__li44989164165752"></a><a name="li44989164165752"></a>Open the MFA application on your mobile phone, click the plus sign <strong id="iam_01_0003__b461202764416">+</strong> on the application, and scan the QR code displayed on the <strong id="iam_01_0003__b12612627124411">Bind Virtual MFA Device</strong> page. Your account is then automatically added to the application, with the username and secret key displayed.</p>
</li><li id="iam_01_0003__li20243671165752">Manually entering the secret key<p id="iam_01_0003__p2249296165752"><a name="iam_01_0003__li20243671165752"></a><a name="li20243671165752"></a>Open the MFA application on your mobile phone, click the plus sign <strong id="iam_01_0003__b046912519457">+</strong> on the application, and manually enter the secret key displayed on the <strong id="iam_01_0003__b1647415104519">Bind Virtual MFA Device</strong> page.</p> </li><li id="iam_01_0003__li20243671165752">Manually entering the secret key<p id="iam_01_0003__p2249296165752"><a name="iam_01_0003__li20243671165752"></a><a name="li20243671165752"></a>Open the MFA application on your mobile phone, click the plus sign <strong id="iam_01_0003__b8904814124614">+</strong> on the application, and manually enter the secret key displayed on the <strong id="iam_01_0003__b1390441420466">Bind Virtual MFA Device</strong> page.</p>
<div class="note" id="iam_01_0003__note634888331772"><img src="public_sys-resources/note_3.0-en-us.png"><span class="notetitle"> </span><div class="notebody"><p id="iam_01_0003__p345285911772">The manual entry function is time-based. Ensure that automatic time setup has been enabled on your mobile phone.</p> <div class="note" id="iam_01_0003__note634888331772"><img src="public_sys-resources/note_3.0-en-us.png"><span class="notetitle"> </span><div class="notebody"><p id="iam_01_0003__p345285911772">The manual entry function is time-based. Ensure that automatic time setup has been enabled on your mobile phone.</p>
</div></div> </div></div>
</li></ul> </li></ul>
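Review bot: In the "Manually entering the secret key" item the only difference between the two sides is the regenerated ids on the two strong elements (b046912519457 to b8904814124614, b1647415104519 to b1390441420466); the visible text is identical. If ids are regenerated on every export, each release produces diffs like this with no content change, so consider keeping them stable. Separately, the note "The manual entry function is time-based" is attached to the manual entry item only; if codes generated after scanning the QR code depend on the phone clock in the same way, the note belongs at the level of the "Add your account to an MFA application" step so that it covers both options.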

View File

@ -137,6 +137,13 @@
<td class="cellrowborder" valign="top" width="43.55%" headers="mcps1.3.2.2.4.1.3 "><p id="iam_01_0012__p580219855012">federationLoginNoPwdFailed</p> <td class="cellrowborder" valign="top" width="43.55%" headers="mcps1.3.2.2.4.1.3 "><p id="iam_01_0012__p580219855012">federationLoginNoPwdFailed</p>
</td> </td>
</tr> </tr>
<tr id="iam_01_0012__row174021939135611"><td class="cellrowborder" valign="top" width="33.910000000000004%" headers="mcps1.3.2.2.4.1.1 "><p id="iam_01_0012__p1340214399566">TSI login</p>
</td>
<td class="cellrowborder" valign="top" width="22.54%" headers="mcps1.3.2.2.4.1.2 "><p id="iam_01_0012__p340273925617">user</p>
</td>
<td class="cellrowborder" valign="top" width="43.55%" headers="mcps1.3.2.2.4.1.3 "><p id="iam_01_0012__p540215391568">tsiLogin</p>
</td>
</tr>
<tr id="iam_01_0012__row84571715142116"><td class="cellrowborder" valign="top" width="33.910000000000004%" headers="mcps1.3.2.2.4.1.1 "><p id="iam_01_0012__p208231434519">Creating a user group</p> <tr id="iam_01_0012__row84571715142116"><td class="cellrowborder" valign="top" width="33.910000000000004%" headers="mcps1.3.2.2.4.1.1 "><p id="iam_01_0012__p208231434519">Creating a user group</p>
</td> </td>
<td class="cellrowborder" valign="top" width="22.54%" headers="mcps1.3.2.2.4.1.2 "><p id="iam_01_0012__p782320311514">userGroup</p> <td class="cellrowborder" valign="top" width="22.54%" headers="mcps1.3.2.2.4.1.2 "><p id="iam_01_0012__p782320311514">userGroup</p>
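Review bot: The added row "TSI login" / "user" / "tsiLogin" never expands TSI, and unlike the row just above it ("federationLoginNoPwdFailed") it has no failure counterpart. Suggest spelling out the abbreviation in the operation column and stating whether a failed TSI login produces a trace and under which trace name, since failed logins are the entries a reader of this audit table is most likely to search for.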

View File

@ -3,7 +3,7 @@
<h1 class="topictitle1">Viewing Audit Logs</h1> <h1 class="topictitle1">Viewing Audit Logs</h1>
<div id="body1525426617418"><p id="iam_01_0013__p10936255304">After you enable CTS, it records key operations performed on IAM. You can view the operation records of the last 7 days on the CTS console.</p> <div id="body1525426617418"><p id="iam_01_0013__p10936255304">After you enable CTS, it records key operations performed on IAM. You can view the operation records of the last 7 days on the CTS console.</p>
<div class="section" id="iam_01_0013__section85961038162216"><h4 class="sectiontitle">Viewing IAM Audit Logs</h4><ol id="iam_01_0013__ol1194546193110"><li id="iam_01_0013__li10838950182817"><span>Log in to the management console.</span></li><li id="iam_01_0013__li155741795333"><span>Click <strong id="iam_01_0013__b3796124865619">Service List</strong> in the upper part of the page and choose <strong id="iam_01_0013__b880216481565">Cloud Trace Service</strong> under <strong id="iam_01_0013__b680214875610">Management &amp; Deployment</strong>.</span></li><li id="iam_01_0013__li8240924153816"><span>In the navigation pane, choose <strong id="iam_01_0013__b1085537195718">Trace List</strong>.</span></li><li id="iam_01_0013__li1199125415539"><span>Click <strong id="iam_01_0013__b928021795715">Filter</strong> in the upper right corner of the trace list to set filter conditions.</span><p><div class="p" id="iam_01_0013__p1348504172220">The following filters are available:<ul class="subitemlist" id="iam_01_0013__ul4173195016221"><li id="iam_01_0013__li25120207165721"><strong id="iam_01_0013__b842352706161410">Trace Source</strong>, <strong id="iam_01_0013__b84235270616143">Resource Type</strong>, and <strong id="iam_01_0013__b842352706161359">Search By</strong><ul id="iam_01_0013__ul138358421566"><li id="iam_01_0013__li422110403562">Select a filter criteria from the drop-down list. 
Specifically, select <strong id="iam_01_0013__b842352706161141">IAM</strong> from the <strong id="iam_01_0013__b842352706161230">Trace Source</strong> drop-down list.</li><li id="iam_01_0013__li5224174025618">If you select <strong id="iam_01_0013__b842352706153249">Trace name</strong> for <strong id="iam_01_0013__b1803301537153246">Search By</strong>, select a trace name.</li><li id="iam_01_0013__li222614017560">If you select <strong id="iam_01_0013__b1369790384153349">Resource ID</strong> for <strong id="iam_01_0013__b1590770393153349">Search By</strong>, select or enter a resource ID.</li><li id="iam_01_0013__li1822754014568">If you select <strong id="iam_01_0013__b565110228153447">Resource name</strong> for <strong id="iam_01_0013__b1329536783153447">Search By</strong>, select or enter a resource name.</li></ul> <div class="section" id="iam_01_0013__section85961038162216"><h4 class="sectiontitle">Viewing IAM Audit Logs</h4><ol id="iam_01_0013__ol1194546193110"><li id="iam_01_0013__li10838950182817"><span>Log in to the management console.</span></li><li id="iam_01_0013__li155741795333"><span>Click <strong id="iam_01_0013__b3796124865619">Service List</strong> in the upper part of the page and choose <strong id="iam_01_0013__b880216481565">Cloud Trace Service</strong> under <strong id="iam_01_0013__b680214875610">Management &amp; Deployment</strong>.</span></li><li id="iam_01_0013__li8240924153816"><span>In the navigation pane, choose <strong id="iam_01_0013__b1085537195718">Trace List</strong>.</span></li><li id="iam_01_0013__li1199125415539"><span>Click <strong id="iam_01_0013__b928021795715">Filter</strong> in the upper right corner of the trace list to set filter conditions.</span><p><div class="p" id="iam_01_0013__p1348504172220">The following filters are available:<ul class="subitemlist" id="iam_01_0013__ul4173195016221"><li id="iam_01_0013__li25120207165721"><strong id="iam_01_0013__b842352706161410">Trace Source</strong>, <strong 
id="iam_01_0013__b84235270616143">Resource Type</strong>, and <strong id="iam_01_0013__b842352706161359">Search By</strong><ul id="iam_01_0013__ul138358421566"><li id="iam_01_0013__li422110403562">Select a filter criteria from the drop-down list. Specifically, select <strong id="iam_01_0013__b842352706161141">IAM</strong> from the <strong id="iam_01_0013__b842352706161230">Trace Source</strong> drop-down list.</li><li id="iam_01_0013__li5224174025618">If you select <strong id="iam_01_0013__b842352706153249">Trace name</strong> for <strong id="iam_01_0013__b1803301537153246">Search By</strong>, select a trace name.</li><li id="iam_01_0013__li222614017560">If you select <strong id="iam_01_0013__b1369790384153349">Resource ID</strong> for <strong id="iam_01_0013__b1590770393153349">Search By</strong>, select or enter a resource ID.</li><li id="iam_01_0013__li1822754014568">If you select <strong id="iam_01_0013__b565110228153447">Resource name</strong> for <strong id="iam_01_0013__b1329536783153447">Search By</strong>, select or enter a resource name.</li></ul>
</li><li id="iam_01_0013__li16990144143538"><strong id="iam_01_0013__b842352706153633">Operator</strong>: Select an operator (a user rather than domain).</li><li id="iam_01_0013__li2227630716221"><strong id="iam_01_0013__b842352706153531">Trace Status</strong>: Available options include <strong id="iam_01_0013__b1447794024144642">All trace statuses</strong>, <strong id="iam_01_0013__b842352706153558">normal</strong>, <span class="parmvalue" id="iam_01_0013__parmvalue9654017118"><b>incident, </b></span>and <strong id="iam_01_0013__b84235270615364">warning</strong>.</li><li id="iam_01_0013__li2484476616221">Specify the start time and end time for querying traces.</li></ul> </li><li id="iam_01_0013__li16990144143538"><strong id="iam_01_0013__b842352706153633">Operator</strong>: Select an operator (a user rather than domain).</li><li id="iam_01_0013__li2227630716221"><strong id="iam_01_0013__b842352706153531">Trace Status</strong>: Available options include <strong id="iam_01_0013__b1447794024144642">All trace statuses</strong>, <strong id="iam_01_0013__b842352706153558">normal</strong>, <span class="parmvalue" id="iam_01_0013__parmvalue9654017118"><b>incident,</b></span> and <strong id="iam_01_0013__b84235270615364">warning</strong>.</li><li id="iam_01_0013__li2484476616221">Specify the start time and end time for querying traces.</li></ul>
</div> </div>
</p></li><li id="iam_01_0013__li1326512181411"><span>Click <strong id="iam_01_0013__b842352706161557">Query</strong>.</span></li><li id="iam_01_0013__li11445413104011"><span>Expand the details of a trace, as shown in <a href="#iam_01_0013__fig181771925164317">Figure 1</a>.</span><p><div class="fignone" id="iam_01_0013__fig181771925164317"><a name="iam_01_0013__fig181771925164317"></a><a name="fig181771925164317"></a><span class="figcap"><b>Figure 1 </b>Expanding trace details</span><br><span><img id="iam_01_0013__image317762564313" src="en-us_image_0000001135554103.png" height="71.82000000000001" width="523.6875" title="Click to enlarge" class="imgResize"></span></div> </p></li><li id="iam_01_0013__li1326512181411"><span>Click <strong id="iam_01_0013__b842352706161557">Query</strong>.</span></li><li id="iam_01_0013__li11445413104011"><span>Expand the details of a trace, as shown in <a href="#iam_01_0013__fig181771925164317">Figure 1</a>.</span><p><div class="fignone" id="iam_01_0013__fig181771925164317"><a name="iam_01_0013__fig181771925164317"></a><a name="fig181771925164317"></a><span class="figcap"><b>Figure 1 </b>Expanding trace details</span><br><span><img id="iam_01_0013__image317762564313" src="en-us_image_0000001135554103.png" height="71.82000000000001" width="523.6875" title="Click to enlarge" class="imgResize"></span></div>
</p></li><li id="iam_01_0013__li157172804213"><span>Click <strong id="iam_01_0013__b842352706154059">View Trace</strong> in the <strong id="iam_01_0013__b18195288151449">Operation</strong> column. In the <strong id="iam_01_0013__b25439609151522">View Trace</strong> dialog box as shown in <a href="#iam_01_0013__fig9310171012116">Figure 2</a>, the trace details are displayed.</span><p><div class="fignone" id="iam_01_0013__fig9310171012116"><a name="iam_01_0013__fig9310171012116"></a><a name="fig9310171012116"></a><span class="figcap"><b>Figure 2 </b>Viewing a trace</span><br><span><img id="iam_01_0013__image2112195535814" src="en-us_image_0274187205.png" height="269.02575" width="492.06675000000007" title="Click to enlarge" class="imgResize"></span></div> </p></li><li id="iam_01_0013__li157172804213"><span>Click <strong id="iam_01_0013__b842352706154059">View Trace</strong> in the <strong id="iam_01_0013__b18195288151449">Operation</strong> column. In the <strong id="iam_01_0013__b25439609151522">View Trace</strong> dialog box as shown in <a href="#iam_01_0013__fig9310171012116">Figure 2</a>, the trace details are displayed.</span><p><div class="fignone" id="iam_01_0013__fig9310171012116"><a name="iam_01_0013__fig9310171012116"></a><a name="fig9310171012116"></a><span class="figcap"><b>Figure 2 </b>Viewing a trace</span><br><span><img id="iam_01_0013__image2112195535814" src="en-us_image_0274187205.png" height="269.02575" width="492.06675000000007" title="Click to enlarge" class="imgResize"></span></div>
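Review bot: In the Trace Status bullet the fix moves only the trailing space out of the bold span; the comma is still inside it ("<b>incident,</b>"), so the option name still renders in bold as "incident," rather than "incident". Move the comma after the closing span so the option is marked up like "normal" and "warning". While this list is being touched, "Select a filter criteria" in the first sub-item should read "Select a filter criterion".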

View File

@ -2,32 +2,28 @@
<h1 class="topictitle1">Creating a Custom Policy</h1> <h1 class="topictitle1">Creating a Custom Policy</h1>
<div id="body1597751871933"><p id="iam_01_0016__p178751134152415">You can create custom policies to supplement system-defined policies and implement more refined access control.</p> <div id="body1597751871933"><p id="iam_01_0016__p178751134152415">You can create custom policies to supplement system-defined policies and implement more refined access control.</p>
<div class="section" id="iam_01_0016__section127131384256"><h4 class="sectiontitle">Creating a Custom Policy in the Visual Editor</h4><ol id="iam_01_0016__ol349213810218"><li id="iam_01_0016__li1249213383220"><span>On the IAM console, choose <span class="uicontrol" id="iam_01_0016__uicontrol19744191362413"><b>Policies</b></span> in the navigation pane, and click <span class="uicontrol" id="iam_01_0016__uicontrol2749121319246"><b>Create Custom Policy</b></span>.</span></li><li id="iam_01_0016__li1049216384218"><span>Enter a policy name.</span></li><li id="iam_01_0016__li186751681668"><span>Select a scope based on the type of services related to this policy.</span><p><ul id="iam_01_0016__ul206753813617"><li id="iam_01_0016__li6675178467"><strong id="iam_01_0016__b18583192142615">Global services</strong>: Select this option if the services to which the policy is related must be deployed in the Global region. When creating custom policies for globally deployed services, specify the scope as <strong id="iam_01_0016__b51019293264">Global services</strong>. Custom policies of this scope must be attached to user groups for the global service project.</li><li id="iam_01_0016__li66755811617"><strong id="iam_01_0016__b6256557152616">Project-level services</strong>: Select this option if the services to which the policy is related must be deployed in specific regions. When creating custom policies for regionally deployed services, specify the scope as <strong id="iam_01_0016__b439896162715">Project-level services</strong>. 
Custom policies of this scope must be attached to user groups for specific projects except the global service project.</li></ul> <div class="section" id="iam_01_0016__section127131384256"><h4 class="sectiontitle">Creating a Custom Policy in the Visual Editor</h4><ol id="iam_01_0016__ol349213810218"><li id="iam_01_0016__li1249213383220"><span>On the IAM console, choose <span class="uicontrol" id="iam_01_0016__uicontrol19744191362413"><b>Policies</b></span> in the navigation pane, and click <span class="uicontrol" id="iam_01_0016__uicontrol2749121319246"><b>Create Custom Policy</b></span>.</span></li><li id="iam_01_0016__li1049216384218"><span>Enter a policy name.</span></li><li id="iam_01_0016__li499013117715"><span>Select <strong id="iam_01_0016__b13900115615276">Visual editor</strong>.</span></li><li id="iam_01_0016__li11144122232119"><span>Set the policy content.</span><p><ol type="a" id="iam_01_0016__ol67011432182116"><li id="iam_01_0016__li161466351218">Select <strong id="iam_01_0016__b720815292812">Allow</strong> or <strong id="iam_01_0016__b8213821283">Deny</strong>.</li><li id="iam_01_0016__li1684612437215">Select a cloud service.<div class="note" id="iam_01_0016__note9255142512522"><img src="public_sys-resources/note_3.0-en-us.png"><span class="notetitle"> </span><div class="notebody"><p id="iam_01_0016__p1625582510529">Only one cloud service can be selected for each permission block. To configure permissions for multiple cloud services, click <strong id="iam_01_0016__b273715172817">Add Permissions</strong> or switch to the JSON view.</p>
<p id="iam_01_0016__p156751812611">For example, when creating a custom policy containing the action <strong id="iam_01_0016__b614332195114">evs:volumes:create</strong> for EVS, specify the scope as <strong id="iam_01_0016__b7192032145116">Project-level services</strong>.</p>
<div class="note" id="iam_01_0016__note8675138861"><img src="public_sys-resources/note_3.0-en-us.png"><span class="notetitle"> </span><div class="notebody"><p id="iam_01_0016__p2067512815610">A custom policy can contain actions of multiple services that are globally accessible or accessible through region-specific projects. To define permissions required to access both global and project-level services, create two custom policies and specify the scope as <strong id="iam_01_0016__b498333912713">Global services</strong> and <strong id="iam_01_0016__b1698913394274">Project-level services</strong>.</p>
</div></div>
</p></li><li id="iam_01_0016__li499013117715"><span>Select <strong id="iam_01_0016__b13900115615276">Visual editor</strong>.</span></li><li id="iam_01_0016__li11144122232119"><span>Set the policy content.</span><p><ol type="a" id="iam_01_0016__ol67011432182116"><li id="iam_01_0016__li161466351218">Select <strong id="iam_01_0016__b720815292812">Allow</strong> or <strong id="iam_01_0016__b8213821283">Deny</strong>.</li><li id="iam_01_0016__li1684612437215">Select a cloud service.<div class="note" id="iam_01_0016__note9255142512522"><img src="public_sys-resources/note_3.0-en-us.png"><span class="notetitle"> </span><div class="notebody"><p id="iam_01_0016__p1625582510529">Only one cloud service can be selected for each permission block. To configure permissions for multiple cloud services, click <strong id="iam_01_0016__b273715172817">Add Permissions</strong> or switch to the JSON view.</p>
</div></div> </div></div>
</li><li id="iam_01_0016__li195205468218">Select actions.</li><li id="iam_01_0016__li16567649112113">Select all resources, or select specific resources by specifying their paths.</li><li id="iam_01_0016__li127011432162115">(Optional) Add request conditions by specifying condition keys, operators, and values. </li><li id="iam_01_0016__li195205468218">Select actions.</li><li id="iam_01_0016__li16567649112113">Select all resources, or select specific resources by specifying their paths.</li><li id="iam_01_0016__li127011432162115">(Optional) Add request conditions by specifying condition keys, operators, and values.
<div class="tablenoborder"><table cellpadding="4" cellspacing="0" summary="" id="iam_01_0016__table42344414207" frame="border" border="1" rules="all"><caption><b>Table 1 </b>Condition parameters</caption><thead align="left"><tr id="iam_01_0016__row5234843202"><th align="left" class="cellrowborder" valign="top" width="16.07%" id="mcps1.3.2.2.5.2.1.5.1.2.3.1.1"><p id="iam_01_0016__p1723412452010">Name</p> <div class="tablenoborder"><table cellpadding="4" cellspacing="0" summary="" id="iam_01_0016__table42344414207" frame="border" border="1" rules="all"><caption><b>Table 1 </b>Condition parameters</caption><thead align="left"><tr id="iam_01_0016__row5234843202"><th align="left" class="cellrowborder" valign="top" width="16.07%" id="mcps1.3.2.2.4.2.1.5.1.2.3.1.1"><p id="iam_01_0016__p1723412452010">Name</p>
</th> </th>
<th align="left" class="cellrowborder" valign="top" width="83.93%" id="mcps1.3.2.2.5.2.1.5.1.2.3.1.2"><p id="iam_01_0016__p1123516462012">Description</p> <th align="left" class="cellrowborder" valign="top" width="83.93%" id="mcps1.3.2.2.4.2.1.5.1.2.3.1.2"><p id="iam_01_0016__p1123516462012">Description</p>
</th> </th>
</tr> </tr>
</thead> </thead>
<tbody><tr id="iam_01_0016__row1023512410207"><td class="cellrowborder" valign="top" width="16.07%" headers="mcps1.3.2.2.5.2.1.5.1.2.3.1.1 "><p id="iam_01_0016__p1123514412016">Condition Key</p> <tbody><tr id="iam_01_0016__row1023512410207"><td class="cellrowborder" valign="top" width="16.07%" headers="mcps1.3.2.2.4.2.1.5.1.2.3.1.1 "><p id="iam_01_0016__p1123514412016">Condition Key</p>
</td> </td>
<td class="cellrowborder" valign="top" width="83.93%" headers="mcps1.3.2.2.5.2.1.5.1.2.3.1.2 "><p id="iam_01_0016__p1235184122019">A key in the <strong id="iam_01_0016__b684427105311">Condition</strong> element of a statement. There are global and service-level condition keys. Global condition keys (starting with <strong id="iam_01_0016__b47103763010">g:</strong>) are available for operations of all services, while service-level condition keys (starting with a service abbreviation name such as <strong id="iam_01_0016__b987914143305">obs:</strong>) are available only for operations of the corresponding service.</p> <td class="cellrowborder" valign="top" width="83.93%" headers="mcps1.3.2.2.4.2.1.5.1.2.3.1.2 "><p id="iam_01_0016__p1235184122019">A key in the <strong id="iam_01_0016__b684427105311">Condition</strong> element of a statement. There are global and service-level condition keys. Global condition keys (starting with <strong id="iam_01_0016__b47103763010">g:</strong>) are available for operations of all services, while service-level condition keys (starting with a service abbreviation name such as <strong id="iam_01_0016__b987914143305">obs:</strong>) are available only for operations of the corresponding service.</p>
</td> </td>
</tr> </tr>
<tr id="iam_01_0016__row1123514182018"><td class="cellrowborder" valign="top" width="16.07%" headers="mcps1.3.2.2.5.2.1.5.1.2.3.1.1 "><p id="iam_01_0016__p523518422018">Operator</p> <tr id="iam_01_0016__row1123514182018"><td class="cellrowborder" valign="top" width="16.07%" headers="mcps1.3.2.2.4.2.1.5.1.2.3.1.1 "><p id="iam_01_0016__p523518422018">Operator</p>
</td> </td>
<td class="cellrowborder" valign="top" width="83.93%" headers="mcps1.3.2.2.5.2.1.5.1.2.3.1.2 "><p id="iam_01_0016__p7235134102010">Used together with a condition key to form a complete condition statement.</p> <td class="cellrowborder" valign="top" width="83.93%" headers="mcps1.3.2.2.4.2.1.5.1.2.3.1.2 "><p id="iam_01_0016__p7235134102010">Used together with a condition key to form a complete condition statement.</p>
</td> </td>
</tr> </tr>
<tr id="iam_01_0016__row3235134162018"><td class="cellrowborder" valign="top" width="16.07%" headers="mcps1.3.2.2.5.2.1.5.1.2.3.1.1 "><p id="iam_01_0016__p9235846201">Value</p> <tr id="iam_01_0016__row3235134162018"><td class="cellrowborder" valign="top" width="16.07%" headers="mcps1.3.2.2.4.2.1.5.1.2.3.1.1 "><p id="iam_01_0016__p9235846201">Value</p>
</td> </td>
<td class="cellrowborder" valign="top" width="83.93%" headers="mcps1.3.2.2.5.2.1.5.1.2.3.1.2 "><p id="iam_01_0016__p1323524182010">Used together with a condition key and an operator that requires a keyword, to form a complete condition statement.</p> <td class="cellrowborder" valign="top" width="83.93%" headers="mcps1.3.2.2.4.2.1.5.1.2.3.1.2 "><p id="iam_01_0016__p1323524182010">Used together with a condition key and an operator that requires a keyword, to form a complete condition statement.</p>
</td> </td>
</tr> </tr>
</tbody> </tbody>
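Review bot: Removing the "Select a scope" step from the visual editor procedure also removes its note that permissions covering both global and project-level services had to be split into two custom policies, and nothing on the new side replaces it. If scope is no longer chosen when the policy is created, the procedure should say how a policy containing both kinds of actions is handled and for which project the user group must be granted it, since the old text tied "Global services" policies to the global service project; without that, a reader cannot tell whether the old guidance still applies. The header id renumbering (mcps1.3.2.2.5 to mcps1.3.2.2.4) is consistent between the th and td cells and matches the removed list item.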
@ -38,11 +34,7 @@
</div></div> </div></div>
</p></li><li id="iam_01_0016__li9754244913"><span>(Optional) To add another permission block for the policy, click <strong id="iam_01_0016__b1053158143012">Add Permissions</strong>. Alternatively, click the plus (+) icon on the right of an existing permission block to clone its permissions.</span></li><li id="iam_01_0016__li148711411476"><span>(Optional) Enter a brief description for the policy.</span></li><li id="iam_01_0016__li435416457312"><span>Click <strong id="iam_01_0016__b1914192083117">OK</strong>.</span></li><li id="iam_01_0016__li14344102511819"><span>Attach the policy to a user group. Users in the group then inherit the permissions defined in the policy.</span></li></ol> </p></li><li id="iam_01_0016__li9754244913"><span>(Optional) To add another permission block for the policy, click <strong id="iam_01_0016__b1053158143012">Add Permissions</strong>. Alternatively, click the plus (+) icon on the right of an existing permission block to clone its permissions.</span></li><li id="iam_01_0016__li148711411476"><span>(Optional) Enter a brief description for the policy.</span></li><li id="iam_01_0016__li435416457312"><span>Click <strong id="iam_01_0016__b1914192083117">OK</strong>.</span></li><li id="iam_01_0016__li14344102511819"><span>Attach the policy to a user group. Users in the group then inherit the permissions defined in the policy.</span></li></ol>
</div> </div>
<div class="section" id="iam_01_0016__section199855814265"><h4 class="sectiontitle">Creating a Custom Policy in JSON View</h4><ol id="iam_01_0016__ol06251565191"><li id="iam_01_0016__li1116202310310"><span>On the IAM console, choose <span class="uicontrol" id="iam_01_0016__uicontrol133681436153116"><b>Policies</b></span> in the navigation pane, and click <span class="uicontrol" id="iam_01_0016__uicontrol337493673110"><b>Create Custom Policy</b></span>.</span></li><li id="iam_01_0016__li7625105616193"><span>Enter a policy name.</span></li><li id="iam_01_0016__li18626656161912"><span>Select a scope based on the type of services related to this policy.</span><p><ul id="iam_01_0016__ul1343810211968"><li id="iam_01_0016__li1987713580105"><strong id="iam_01_0016__b1491218450315">Global services</strong>: Select this option if the services to which the policy is related must be deployed in the Global region. When creating custom policies for globally deployed services, specify the scope as <strong id="iam_01_0016__b137261847183110">Global services</strong>. Custom policies of this scope must be attached to user groups for the global service project.</li><li id="iam_01_0016__li21871151191112"><strong id="iam_01_0016__b2165105493114">Project-level services</strong>: Select this option if the services to which the policy is related must be deployed in specific regions. When creating custom policies for regionally deployed services, specify the scope as <strong id="iam_01_0016__b1811805613317">Project-level services</strong>. 
Custom policies of this scope must be attached to user groups for specific projects except the global service project.</li></ul> <div class="section" id="iam_01_0016__section199855814265"><h4 class="sectiontitle">Creating a Custom Policy in JSON View</h4><ol id="iam_01_0016__ol06251565191"><li id="iam_01_0016__li1116202310310"><span>On the IAM console, choose <span class="uicontrol" id="iam_01_0016__uicontrol133681436153116"><b>Policies</b></span> in the navigation pane, and click <span class="uicontrol" id="iam_01_0016__uicontrol337493673110"><b>Create Custom Policy</b></span>.</span></li><li id="iam_01_0016__li7625105616193"><span>Enter a policy name.</span></li><li id="iam_01_0016__li1993914919215"><span>Select <strong id="iam_01_0016__b1766716616327">JSON</strong>.</span></li><li id="iam_01_0016__li1862615614192"><span>(Optional) Click <strong id="iam_01_0016__b845691218322">Select Existing Policy</strong>, and select a policy to use it as a template, such as <span class="parmvalue" id="iam_01_0016__parmvalue246331253211"><b>VPC Admin</b></span>.</span></li><li id="iam_01_0016__li462625651918"><span>Click <strong id="iam_01_0016__b1967120463323">OK</strong>.</span></li><li id="iam_01_0016__li12626556101911"><span>Modify the statement in the template.</span><p><ul id="iam_01_0016__ul1962675611912"><li id="iam_01_0016__li8626156181918"><strong id="iam_01_0016__b1321618355552">Effect</strong>: Set it to <strong id="iam_01_0016__b18222335185517">Allow</strong> or <strong id="iam_01_0016__b2222193517555">Deny</strong>.</li><li id="iam_01_0016__li15627156151917"><strong id="iam_01_0016__b728719582329">Action</strong>: Enter the actions provided in the API actions table of the EVS service, for example, <strong id="iam_01_0016__b12293958153214">evs:volumes:create</strong>.<div class="note" id="iam_01_0016__note46271956111920"><img src="public_sys-resources/note_3.0-en-us.png"><span class="notetitle"> </span><div class="notebody"><ul 
id="iam_01_0016__ul14627185611910"><li id="iam_01_0016__li1862717561195">The version of each custom policy is fixed at <strong id="iam_01_0016__b19951318173319">1.1</strong>.</li></ul>
<p id="iam_01_0016__p1143812117615">For example, when creating a custom policy containing the action <strong id="iam_01_0016__b827087175512">evs:volumes:create</strong> for EVS, specify the scope as <strong id="iam_01_0016__b1427620710556">Project-level services</strong>.</p>
<div class="note" id="iam_01_0016__note64381521166"><img src="public_sys-resources/note_3.0-en-us.png"><span class="notetitle"> </span><div class="notebody"><p id="iam_01_0016__p14438721361">A custom policy can contain actions of multiple services that are globally accessible or accessible through region-specific projects. To define permissions required to access both global and project-level services, create two custom policies and specify the scope as <strong id="iam_01_0016__b5680145143217">Global services</strong> and <strong id="iam_01_0016__b14682857329">Project-level services</strong>.</p>
</div></div>
</p></li><li id="iam_01_0016__li1993914919215"><span>Select <strong id="iam_01_0016__b1766716616327">JSON</strong>.</span></li><li id="iam_01_0016__li1862615614192"><span>(Optional) Click <strong id="iam_01_0016__b845691218322">Select Existing Policy</strong>, and select a policy to use it as a template, such as <span class="parmvalue" id="iam_01_0016__parmvalue246331253211"><b>VPC Admin</b></span>.</span></li><li id="iam_01_0016__li462625651918"><span>Click <strong id="iam_01_0016__b1967120463323">OK</strong>.</span></li><li id="iam_01_0016__li12626556101911"><span>Modify the statement in the template.</span><p><ul id="iam_01_0016__ul1962675611912"><li id="iam_01_0016__li8626156181918"><strong id="iam_01_0016__b1321618355552">Effect</strong>: Set it to <strong id="iam_01_0016__b18222335185517">Allow</strong> or <strong id="iam_01_0016__b2222193517555">Deny</strong>.</li><li id="iam_01_0016__li15627156151917"><strong id="iam_01_0016__b728719582329">Action</strong>: Enter the actions provided in the API actions table of the EVS service, for example, <strong id="iam_01_0016__b12293958153214">evs:volumes:create</strong>.<div class="note" id="iam_01_0016__note46271956111920"><img src="public_sys-resources/note_3.0-en-us.png"><span class="notetitle"> </span><div class="notebody"><ul id="iam_01_0016__ul14627185611910"><li id="iam_01_0016__li1862717561195">The version of each custom policy is fixed at <strong id="iam_01_0016__b19951318173319">1.1</strong>.</li></ul>
</div></div> </div></div>
</li></ul> </li></ul>
</p></li><li id="iam_01_0016__li106271756131914"><span>(Optional) Enter a brief description for the policy.</span></li><li id="iam_01_0016__li1162725661910"><span>Click <strong id="iam_01_0016__b163841614349">OK</strong>. If the policy list is displayed, the policy is created successfully.</span></li><li id="iam_01_0016__li4291119181"><span>Attach the policy to a user group. Users in the group then inherit the permissions defined in the policy.</span></li></ol> </p></li><li id="iam_01_0016__li106271756131914"><span>(Optional) Enter a brief description for the policy.</span></li><li id="iam_01_0016__li1162725661910"><span>Click <strong id="iam_01_0016__b163841614349">OK</strong>. If the policy list is displayed, the policy is created successfully.</span></li><li id="iam_01_0016__li4291119181"><span>Attach the policy to a user group. Users in the group then inherit the permissions defined in the policy.</span></li></ol>
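Review bot: The rewritten JSON-view procedure drops the step "Select a scope based on the type of services related to this policy", together with the note that permissions for both global and project-level services need two separate custom policies, and nothing replaces either. If the scope distinction still applies when the policy is attached to a user group, keep a short note on it or link to the topic that now covers it. Otherwise a reader following the new steps can write a policy that mixes both kinds of actions without knowing where it takes effect. In the "Modify the statement" step, the Action bullet still says "the API actions table of the EVS service" although the suggested template is VPC Admin. Word it as the actions table of the relevant service and keep evs:volumes:create as the example.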

@ -3,7 +3,7 @@
<h1 class="topictitle1">Identity Management</h1> <h1 class="topictitle1">Identity Management</h1>
<div id="body1503913294037"><p id="iam_01_0023__p427028131810">You can manage users in your account and their security credentials. In addition, you can configure identity federation so that users in other systems can access the cloud platform through SSO.</p> <div id="body1503913294037"><p id="iam_01_0023__p427028131810">You can manage users in your account and their security credentials. In addition, you can configure identity federation so that users in other systems can access the cloud platform through SSO.</p>
<div class="section" id="iam_01_0023__section1475194083513"><h4 class="sectiontitle">Domain</h4><p id="iam_01_0023__p26559307143857">A domain, also called an "account", is created upon successful registration with the cloud platform. The domain has full access permissions for its cloud services and resources.</p> <div class="section" id="iam_01_0023__section1475194083513"><h4 class="sectiontitle">Domain</h4><p id="iam_01_0023__p26559307143857">A domain, also called an "account", is created upon successful registration with the cloud platform. The domain has full access permissions for its cloud services and resources.</p>
<p id="iam_01_0023__p1214512437357">For security purposes, create a security administrator and grant them <strong id="iam_01_0023__b842352706194711">Security Administrator</strong> permissions to manage users and their permissions in your account.</p> <p id="iam_01_0023__p1214512437357">For security purposes, create a security administrator and grant them <strong id="iam_01_0023__b4691102018252">Security Administrator</strong> permissions to manage users and their permissions in your account.</p>
<div class="fignone" id="iam_01_0023__fig10960172283211"><span class="figcap"><b>Figure 1 </b>Account management model</span><br><span><img id="iam_01_0023__image131616505186" src="en-us_image_0274187193.png" width="NaN" height="NaN"></span></div> <div class="fignone" id="iam_01_0023__fig10960172283211"><span class="figcap"><b>Figure 1 </b>Account management model</span><br><span><img id="iam_01_0023__image131616505186" src="en-us_image_0274187193.png" width="NaN" height="NaN"></span></div>
</div> </div>
<div class="section" id="iam_01_0023__section201417411614"><h4 class="sectiontitle">User</h4><p id="iam_01_0023__p49102262144454">You or other administrators can create users for employees, systems, or applications in IAM. The users can log in to the console or access APIs using their own identity credentials (passwords and access keys).</p> <div class="section" id="iam_01_0023__section201417411614"><h4 class="sectiontitle">User</h4><p id="iam_01_0023__p49102262144454">You or other administrators can create users for employees, systems, or applications in IAM. The users can log in to the console or access APIs using their own identity credentials (passwords and access keys).</p>
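Review bot: The only change in this hunk is the generated id on the strong element around Security Administrator (b842352706194711 becomes b4691102018252), so the rendered text is identical. If the export tool regenerates ids on every run, consider stabilising them so that later diffs show only real content changes and existing anchors stay valid. While this file is open, the Figure 1 image is still emitted with width="NaN" height="NaN", which is worth fixing in the exporter.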

File diff suppressed because it is too large

@ -5,8 +5,9 @@
<div class="section" id="iam_01_0030__s9fbc728347f3412e9eece3a8bcd322dd"><h4 class="sectiontitle">Procedure</h4><ol id="iam_01_0030__o6ce807f5f5874b1b91d7b259e6c8f7fe"><li id="iam_01_0030__l77e06b3545d94d6ab7947723329a49f4"><span>Choose <span class="menucascade" id="iam_01_0030__menucascade157465065015936"><b><span class="uicontrol" id="iam_01_0030__uicontrol28297739115936">Management &amp; Deployment</span></b> &gt; <b><span class="uicontrol" id="iam_01_0030__uicontrol34212982515942">Identity and Access Management</span></b></span>.</span></li><li id="iam_01_0030__l6bdcc18c65034e5d822c23312ace4d6c"><span>In the navigation pane, choose <strong id="iam_01_0030__b16130451">User Groups</strong>.</span></li><li id="iam_01_0030__lbf179c35bf344bd6880e02f7987e3646"><span>On the <strong id="iam_01_0030__en-us_topic_0046611269_b2385397092151">User Groups</strong> page, click <strong id="iam_01_0030__en-us_topic_0046611269_b362570492353">Create User Group</strong>.</span></li><li id="iam_01_0030__lc5c9922fb20841fab6f29ae09468afcc"><span>Enter a user group name.</span></li><li id="iam_01_0030__l4a950d0c978c49f2ba0552f9ecec9339"><span>(Optional) Enter a description for the user group.</span><p><div class="note" id="iam_01_0030__nb32882fa99194d7f83d971098df068e6"><img src="public_sys-resources/note_3.0-en-us.png"><span class="notetitle"> </span><div class="notebody"><p id="iam_01_0030__en-us_topic_0111879498_p348815281144">To enable users to directly view their permissions, set a description for the user group. For example, if you assign the <strong id="iam_01_0030__b13738591249">Security Administrator</strong> role to a user group, you can set any description in the <strong id="iam_01_0030__b6784591447">Description</strong> text box. 
For example: <strong id="iam_01_0030__b14793596415">Security Administrator: Permissions for creating, deleting, and modifying users as well as granting permissions to users.</strong> For details about the permissions for all cloud services, see <a href="https://docs.otc.t-systems.com/permissions/index.html" target="_blank" rel="noopener noreferrer">Permission Description</a>.</p> <div class="section" id="iam_01_0030__s9fbc728347f3412e9eece3a8bcd322dd"><h4 class="sectiontitle">Procedure</h4><ol id="iam_01_0030__o6ce807f5f5874b1b91d7b259e6c8f7fe"><li id="iam_01_0030__l77e06b3545d94d6ab7947723329a49f4"><span>Choose <span class="menucascade" id="iam_01_0030__menucascade157465065015936"><b><span class="uicontrol" id="iam_01_0030__uicontrol28297739115936">Management &amp; Deployment</span></b> &gt; <b><span class="uicontrol" id="iam_01_0030__uicontrol34212982515942">Identity and Access Management</span></b></span>.</span></li><li id="iam_01_0030__l6bdcc18c65034e5d822c23312ace4d6c"><span>In the navigation pane, choose <strong id="iam_01_0030__b16130451">User Groups</strong>.</span></li><li id="iam_01_0030__lbf179c35bf344bd6880e02f7987e3646"><span>On the <strong id="iam_01_0030__en-us_topic_0046611269_b2385397092151">User Groups</strong> page, click <strong id="iam_01_0030__en-us_topic_0046611269_b362570492353">Create User Group</strong>.</span></li><li id="iam_01_0030__lc5c9922fb20841fab6f29ae09468afcc"><span>Enter a user group name.</span></li><li id="iam_01_0030__l4a950d0c978c49f2ba0552f9ecec9339"><span>(Optional) Enter a description for the user group.</span><p><div class="note" id="iam_01_0030__nb32882fa99194d7f83d971098df068e6"><img src="public_sys-resources/note_3.0-en-us.png"><span class="notetitle"> </span><div class="notebody"><p id="iam_01_0030__en-us_topic_0111879498_p348815281144">To enable users to directly view their permissions, set a description for the user group. 
For example, if you assign the <strong id="iam_01_0030__b13738591249">Security Administrator</strong> role to a user group, you can set any description in the <strong id="iam_01_0030__b6784591447">Description</strong> text box. For example: <strong id="iam_01_0030__b14793596415">Security Administrator: Permissions for creating, deleting, and modifying users as well as granting permissions to users.</strong> For details about the permissions for all cloud services, see <a href="https://docs.otc.t-systems.com/permissions/index.html" target="_blank" rel="noopener noreferrer">Permission Description</a>.</p>
</div></div> </div></div>
</p></li><li id="iam_01_0030__lb24e36a0bdae42dba9d4aecca47a38b6"><span>Click <span class="uicontrol" id="iam_01_0030__uicontrol18639161555814"><b>OK</b></span>.</span><p><p id="iam_01_0030__a9a41309fe18944f7b258dbbc53f7560a">The user group is displayed in the user group list.</p> </p></li><li id="iam_01_0030__lb24e36a0bdae42dba9d4aecca47a38b6"><span>Click <span class="uicontrol" id="iam_01_0030__uicontrol18639161555814"><b>OK</b></span>.</span><p><p id="iam_01_0030__a9a41309fe18944f7b258dbbc53f7560a">The user group is displayed in the user group list.</p>
</p></li><li id="iam_01_0030__en-us_topic_0111879498_li2918054318"><span>In the row containing the user group, click <strong id="iam_01_0030__b212411137182">Manage Permissions</strong>.</span></li><li id="iam_01_0030__li47981711141315"><span>On the <strong id="iam_01_0030__b1081025610202">Permissions</strong> tab page, click <strong id="iam_01_0030__b981135615209">Assign Permissions</strong> above the permission list.</span></li><li id="iam_01_0030__li82338188252"><span>Specify the authorization scope. If you select <strong id="iam_01_0030__b1443915142114">Region-specific projects</strong>, select one or more projects in the drop-down list.</span><p><ul id="iam_01_0030__ul127934246522"><li id="iam_01_0030__li779313242525"><strong id="iam_01_0030__b02541147292">Global service project</strong>: Services deployed without specifying physical regions are called global services, such as Object Storage Service (OBS), and Tag Management Service (TMS). Permissions for these services must be assigned in the global service project.</li><li id="iam_01_0030__li334132620527"><strong id="iam_01_0030__b1365885413213">Region-specific projects</strong>: Services deployed in specific regions are called project-level services. Permissions for these services need to be assigned in region-specific projects and take effect only for the corresponding regions. 
If you want the permissions to take effect for all regions, grant them in all these regions.</li></ul> </p></li><li id="iam_01_0030__li171502379585"><span>In the row containing the user group, click <strong id="iam_01_0030__b1271425616378">Authorize</strong> in the <strong id="iam_01_0030__b1371485617375">Operation</strong> column.</span></li><li id="iam_01_0030__li1942195213331"><span>Assign permissions for region-specific projects to the user group.</span><p><ol type="a" id="iam_01_0030__ol944245893318"><li id="iam_01_0030__li1616410471618">Select desired permissions for project-level services and click <strong id="iam_01_0030__b897418242397">Next</strong>.</li><li id="iam_01_0030__li199971357617">Set <strong id="iam_01_0030__b163191033125013">Scope</strong> to <strong id="iam_01_0030__b46761052145013">Regional-specific projects</strong>, select the regional project, and click <strong id="iam_01_0030__b1229315129515">OK</strong>.</li></ol>
</p></li><li id="iam_01_0030__li1559103315530"><span>Select policies and click <strong id="iam_01_0030__b1952921411221">OK</strong>.</span></li></ol> </p></li><li id="iam_01_0030__li2033119663115"><span>Assign permissions for global services to the user group.</span><p><ol type="a" id="iam_01_0030__ol6113201115319"><li id="iam_01_0030__li15207142020165">Select permissions for global services, such as <strong id="iam_01_0030__b1860444585111">OBS OperateAccess</strong>, and click <strong id="iam_01_0030__b26045457517">Next</strong>.</li><li id="iam_01_0030__li12207320171613">Select <strong id="iam_01_0030__b16253622195219">All resources</strong> for <strong id="iam_01_0030__b112531822195214">Scope</strong> and click <strong id="iam_01_0030__b162538228522">OK</strong>.</li></ol>
</p></li></ol>
</div> </div>
</div> </div>
<div> <div>
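Review bot: Sub-step b of the new region-specific procedure names the scope option "Regional-specific projects", while the step heading just before it and the removed text both say "region-specific projects". Use the label the console actually shows and keep it consistent. The rewrite also drops the explanation that permissions for project-level services take effect only in the regions where they are granted, and the global-services step now tells the reader to select "All resources" for Scope without saying what that covers. This is the step where access is actually granted, so add a sentence on each so that administrators can pick the narrowest scope that works.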

@ -1,13 +1,13 @@
<a name="iam_01_0063"></a><a name="iam_01_0063"></a> <a name="iam_01_0063"></a><a name="iam_01_0063"></a>
<h1 class="topictitle1">(Optional) Assigning Permissions to an IAM User (by a Delegated Party)</h1> <h1 class="topictitle1">(Optional) Assigning Permissions to an IAM User (by a Delegated Party)</h1>
<div id="body1484205204048"><p id="iam_01_0063__en-us_topic_0170090700_p1990517262426">When a trust relationship is established between your account and another account, you become a delegated party. By default, only your account and the members of the <strong id="iam_01_0063__en-us_topic_0170090700_b29421830162810">admin</strong> group can manage resources for the delegating party. To authorize IAM users to manage these resources, assign permissions to the users.</p> <div id="body1484205204048"><p id="iam_01_0063__en-us_topic_0170090700_p1990517262426">When a trust relationship is established between your account and another account, you become a delegated party. By default, only your account and the members of the <strong id="iam_01_0063__en-us_topic_0170090700_b939911403512">admin</strong> group can manage resources for the delegating party. To authorize IAM users to manage these resources, assign permissions to the users.</p>
<p id="iam_01_0063__en-us_topic_0170090700_p113724394279">You can authorize an IAM user to manage resources for all delegating parties, or authorize the user to manage resources for a specific delegating party.</p> <p id="iam_01_0063__en-us_topic_0170090700_p113724394279">You can authorize an IAM user to manage resources for all delegating parties, or authorize the user to manage resources for a specific delegating party.</p>
<div class="section" id="iam_01_0063__en-us_topic_0170090700_section8625973163627"><h4 class="sectiontitle">Prerequisites</h4><ul id="iam_01_0063__en-us_topic_0170090700_ul29219768113237"><li id="iam_01_0063__en-us_topic_0170090700_li6222311493312">A trust relationship has been established between your account and another account.</li><li id="iam_01_0063__en-us_topic_0170090700_li55189331113237">You have obtained the name of the delegating account and the name and ID of the created agency.</li></ul> <div class="section" id="iam_01_0063__en-us_topic_0170090700_section8625973163627"><h4 class="sectiontitle">Prerequisites</h4><ul id="iam_01_0063__en-us_topic_0170090700_ul29219768113237"><li id="iam_01_0063__en-us_topic_0170090700_li6222311493312">A trust relationship has been established between your account and another account.</li><li id="iam_01_0063__en-us_topic_0170090700_li55189331113237">You have obtained the name of the delegating account and the name and ID of the created agency.</li></ul>
</div> </div>
<div class="section" id="iam_01_0063__en-us_topic_0170090700_section126738501115"><h4 class="sectiontitle">Procedure</h4><ol id="iam_01_0063__en-us_topic_0170090700_ol12911218193512"><li id="iam_01_0063__en-us_topic_0170090700_li135311310144613"><a name="iam_01_0063__en-us_topic_0170090700_li135311310144613"></a><a name="en-us_topic_0170090700_li135311310144613"></a><span>Create a user group and grant permissions to it.</span><p><ol type="a" id="iam_01_0063__en-us_topic_0170090700_ol185478381413"><li id="iam_01_0063__en-us_topic_0170090700_lbf179c35bf344bd6880e02f7987e3646">On the <strong id="iam_01_0063__en-us_topic_0170090700_a77708ffee09d4381b4dfc8f4ee4a58fe">User Groups</strong> page, click <strong id="iam_01_0063__en-us_topic_0170090700_en-us_topic_0046611269_b362570492353">Create User Group</strong>.</li><li id="iam_01_0063__en-us_topic_0170090700_lc5c9922fb20841fab6f29ae09468afcc">Enter a user group name.</li><li id="iam_01_0063__en-us_topic_0170090700_lb24e36a0bdae42dba9d4aecca47a38b6">Click <strong id="iam_01_0063__en-us_topic_0170090700_b89714992012">OK</strong>.</li><li id="iam_01_0063__en-us_topic_0170090700_en-us_topic_0111879498_li2918054318">In the row containing the user group, click <strong id="iam_01_0063__en-us_topic_0170090700_b25011226518">Authorize</strong>.</li><li id="iam_01_0063__en-us_topic_0170090700_li7818855162215">Create a custom policy.<div class="note" id="iam_01_0063__en-us_topic_0170090700_note1936081162414"><img src="public_sys-resources/note_3.0-en-us.png"><span class="notetitle"> </span><div class="notebody"><p id="iam_01_0063__en-us_topic_0170090700_p336012115247">This step is used to create a policy containing permissions required to manage resources for a specific agency. 
If you want to authorize an IAM user to manage resources for all agencies, go to <a href="#iam_01_0063__en-us_topic_0170090700_li027318403345">1.f</a>.</p> <div class="section" id="iam_01_0063__en-us_topic_0170090700_section126738501115"><h4 class="sectiontitle">Procedure</h4><ol id="iam_01_0063__en-us_topic_0170090700_ol12911218193512"><li id="iam_01_0063__en-us_topic_0170090700_li135311310144613"><a name="iam_01_0063__en-us_topic_0170090700_li135311310144613"></a><a name="en-us_topic_0170090700_li135311310144613"></a><span>Create a user group and grant permissions to it.</span><p><ol type="a" id="iam_01_0063__en-us_topic_0170090700_ol185478381413"><li id="iam_01_0063__en-us_topic_0170090700_lbf179c35bf344bd6880e02f7987e3646">On the <strong id="iam_01_0063__en-us_topic_0170090700_a77708ffee09d4381b4dfc8f4ee4a58fe">User Groups</strong> page, click <strong id="iam_01_0063__en-us_topic_0170090700_en-us_topic_0046611269_b362570492353">Create User Group</strong>.</li><li id="iam_01_0063__en-us_topic_0170090700_lc5c9922fb20841fab6f29ae09468afcc">Enter a user group name.</li><li id="iam_01_0063__en-us_topic_0170090700_lb24e36a0bdae42dba9d4aecca47a38b6">Click <strong id="iam_01_0063__en-us_topic_0170090700_b89714992012">OK</strong>.</li><li id="iam_01_0063__en-us_topic_0170090700_en-us_topic_0111879498_li2918054318">In the row containing the user group, click <strong id="iam_01_0063__en-us_topic_0170090700_b25011226518">Authorize</strong>.</li><li id="iam_01_0063__en-us_topic_0170090700_li7818855162215">Create a custom policy.<div class="note" id="iam_01_0063__en-us_topic_0170090700_note1936081162414"><img src="public_sys-resources/note_3.0-en-us.png"><span class="notetitle"> </span><div class="notebody"><p id="iam_01_0063__en-us_topic_0170090700_p336012115247">This step is used to create a policy containing permissions required to manage resources for a specific agency. 
If you want to authorize an IAM user to manage resources for all agencies, go to <a href="#iam_01_0063__en-us_topic_0170090700_li027318403345">1.f</a>.</p>
</div></div> </div></div>
<ol class="substepthirdol" id="iam_01_0063__en-us_topic_0170090700_ol441072882414"><li id="iam_01_0063__en-us_topic_0170090700_li541082814245">On the <strong id="iam_01_0063__en-us_topic_0170090700_b15655103525214">Select Policy/Role</strong> page, click <strong id="iam_01_0063__en-us_topic_0170090700_b035264217521">Create Policy</strong> in the upper right corner of the permission list.</li><li id="iam_01_0063__en-us_topic_0170090700_li24106288249">Enter a policy name.</li><li id="iam_01_0063__en-us_topic_0170090700_li10410528122413">Select <strong id="iam_01_0063__en-us_topic_0170090700_b19217161175316">JSON</strong> for <strong id="iam_01_0063__en-us_topic_0170090700_b1121712117538">Policy View</strong>.</li><li id="iam_01_0063__en-us_topic_0170090700_li134101228182419">In the <span class="parmname" id="iam_01_0063__en-us_topic_0170090700_parmname1876639848"><b>Policy Content</b></span> area, enter the following content:<pre class="screen" id="iam_01_0063__en-us_topic_0170090700_screen7410102852411">{ <ol class="substepthirdol" id="iam_01_0063__en-us_topic_0170090700_ol441072882414"><li id="iam_01_0063__en-us_topic_0170090700_li541082814245">On the <strong id="iam_01_0063__en-us_topic_0170090700_b15655103525214">Select Policy/Role</strong> page, click <strong id="iam_01_0063__en-us_topic_0170090700_b035264217521">Create Policy</strong> in the upper right corner of the permission list.</li><li id="iam_01_0063__en-us_topic_0170090700_li24106288249">Enter a policy name.</li><li id="iam_01_0063__en-us_topic_0170090700_li10410528122413">Select <strong id="iam_01_0063__en-us_topic_0170090700_b19217161175316">JSON</strong> for <strong id="iam_01_0063__en-us_topic_0170090700_b1121712117538">Policy View</strong>.</li><li id="iam_01_0063__en-us_topic_0170090700_li134101228182419">In the <span class="parmname" id="iam_01_0063__en-us_topic_0170090700_parmname673129492"><b>Policy Content</b></span> area, enter the following content:<pre class="screen" 
id="iam_01_0063__en-us_topic_0170090700_screen7410102852411">{
"Version": "1.1", "Version": "1.1",
"Statement": [ "Statement": [
{ {
@ -23,12 +23,12 @@
} }
] ]
}</pre> }</pre>
<div class="note" id="iam_01_0063__en-us_topic_0170090700_note14410928162419"><img src="public_sys-resources/note_3.0-en-us.png"><span class="notetitle"> </span><div class="notebody"><ul id="iam_01_0063__en-us_topic_0170090700_ul1241020281240"><li id="iam_01_0063__en-us_topic_0170090700_li741015282242">Replace <em id="iam_01_0063__en-us_topic_0170090700_i770497262">b36b1258b5dc41a4aa8255508xxx...</em> with the agency ID obtained from a delegating party. Do not make any other changes.</li><li id="iam_01_0063__en-us_topic_0170090700_li15410328112415">For more information about permissions, see <a href="iam_01_0015.html">Permissions</a>.</li></ul> <div class="note" id="iam_01_0063__en-us_topic_0170090700_note14410928162419"><img src="public_sys-resources/note_3.0-en-us.png"><span class="notetitle"> </span><div class="notebody"><ul id="iam_01_0063__en-us_topic_0170090700_ul1241020281240"><li id="iam_01_0063__en-us_topic_0170090700_li741015282242">Replace <em id="iam_01_0063__en-us_topic_0170090700_i452989001">b36b1258b5dc41a4aa8255508xxx...</em> with the agency ID obtained from a delegating party. Do not make any other changes.</li><li id="iam_01_0063__en-us_topic_0170090700_li15410328112415">For more information about permissions, see <a href="iam_01_0015.html">Permissions</a>.</li></ul>
</div></div> </div></div>
</li><li id="iam_01_0063__en-us_topic_0170090700_li44101728132415">Click <strong id="iam_01_0063__en-us_topic_0170090700_b684191413531">Next</strong>.</li></ol> </li><li id="iam_01_0063__en-us_topic_0170090700_li44101728132415">Click <strong id="iam_01_0063__en-us_topic_0170090700_b684191413531">Next</strong>.</li></ol>
</li><li id="iam_01_0063__en-us_topic_0170090700_li027318403345"><a name="iam_01_0063__en-us_topic_0170090700_li027318403345"></a><a name="en-us_topic_0170090700_li027318403345"></a>Select the policy created in the previous step or the <span class="parmvalue" id="iam_01_0063__en-us_topic_0170090700_parmvalue58281727155316"><b>Agent Operator</b></span> role and click <strong id="iam_01_0063__en-us_topic_0170090700_b12369931155519">Next</strong>.<ul id="iam_01_0063__en-us_topic_0170090700_ul420813653713"><li id="iam_01_0063__en-us_topic_0170090700_li14514154073710">Custom policy: Allows a user to manage resources only for a specific agency.</li><li id="iam_01_0063__en-us_topic_0170090700_li451415401377"><strong id="iam_01_0063__en-us_topic_0170090700_b73021448105510">Agent Operator</strong> role: Allows a user to manage resources for all agencies.</li></ul> </li><li id="iam_01_0063__en-us_topic_0170090700_li027318403345"><a name="iam_01_0063__en-us_topic_0170090700_li027318403345"></a><a name="en-us_topic_0170090700_li027318403345"></a>Select the policy created in the previous step or the <span class="parmvalue" id="iam_01_0063__en-us_topic_0170090700_parmvalue58281727155316"><b>Agent Operator</b></span> role and click <strong id="iam_01_0063__en-us_topic_0170090700_b12369931155519">Next</strong>.<ul id="iam_01_0063__en-us_topic_0170090700_ul420813653713"><li id="iam_01_0063__en-us_topic_0170090700_li14514154073710">Custom policy: Allows a user to manage resources only for an agency identified by a specific ID.</li><li id="iam_01_0063__en-us_topic_0170090700_li451415401377"><strong id="iam_01_0063__en-us_topic_0170090700_b73021448105510">Agent Operator</strong> role: Allows a user to manage resources for all agencies.</li></ul>
</li><li id="iam_01_0063__en-us_topic_0170090700_li2784645193516">Specify the authorization scope.</li><li id="iam_01_0063__en-us_topic_0170090700_lf9efb0c8fbcf4319876dfb166db82d93">Click <strong id="iam_01_0063__en-us_topic_0170090700_b1736119357239">OK</strong>.</li></ol> </li><li id="iam_01_0063__en-us_topic_0170090700_li2784645193516">Specify the authorization scope.</li><li id="iam_01_0063__en-us_topic_0170090700_lf9efb0c8fbcf4319876dfb166db82d93">Click <strong id="iam_01_0063__en-us_topic_0170090700_b1736119357239">OK</strong>.</li></ol>
</p></li><li id="iam_01_0063__en-us_topic_0170090700_li695863494610"><span>Create an IAM user and add the user to the user group.</span><p><ol type="a" id="iam_01_0063__en-us_topic_0170090700_ol1973131318477"><li id="iam_01_0063__en-us_topic_0170090700_en-us_topic_0046611303_li19845579">On the <strong id="iam_01_0063__en-us_topic_0170090700_a806108f280b94df388a55abcd07ffd75">Users</strong> page, click <strong id="iam_01_0063__en-us_topic_0170090700_a5e6c8cf39bbc4493a122994663de10ea">Create User</strong>.</li><li id="iam_01_0063__en-us_topic_0170090700_leff3e1e7fed4402aa331ea7848149a5d">On the <strong id="iam_01_0063__en-us_topic_0170090700_b16514132925511">Create User</strong> page, enter a username.</li><li id="iam_01_0063__en-us_topic_0170090700_l325822f9287240eb9847d7175bcc7196">For the access type, select <strong id="iam_01_0063__en-us_topic_0170090700_b1236755731016">Management console access</strong> and <strong id="iam_01_0063__en-us_topic_0170090700_b132081954191018">Set by user</strong>.</li><li id="iam_01_0063__en-us_topic_0170090700_li179817611281">Enable login protection and click <strong id="iam_01_0063__en-us_topic_0170090700_b82544931311">Next</strong>.</li><li id="iam_01_0063__en-us_topic_0170090700_lae070020d47a4845b25fd84d72d5e582">Select the user group created in <a href="#iam_01_0063__en-us_topic_0170090700_li135311310144613">1</a> and click <strong id="iam_01_0063__en-us_topic_0170090700_b41421028165815">Create</strong>.<div class="note" id="iam_01_0063__en-us_topic_0170090700_note6447104555618"><img src="public_sys-resources/note_3.0-en-us.png"><span class="notetitle"> </span><div class="notebody"><p id="iam_01_0063__en-us_topic_0170090700_p171308275572">After the authorization is complete, the IAM user can switch to the account of the delegating party and manage specific resources under the account.</p> </p></li><li id="iam_01_0063__en-us_topic_0170090700_li695863494610"><span>Create an IAM user and add the user to the user 
group.</span><p><ol type="a" id="iam_01_0063__en-us_topic_0170090700_ol1973131318477"><li id="iam_01_0063__en-us_topic_0170090700_en-us_topic_0046611303_li19845579">On the <strong id="iam_01_0063__en-us_topic_0170090700_a806108f280b94df388a55abcd07ffd75">Users</strong> page, click <strong id="iam_01_0063__en-us_topic_0170090700_a5e6c8cf39bbc4493a122994663de10ea">Create User</strong>.</li><li id="iam_01_0063__en-us_topic_0170090700_leff3e1e7fed4402aa331ea7848149a5d">On the <strong id="iam_01_0063__en-us_topic_0170090700_b16514132925511">Create User</strong> page, enter a username.</li><li id="iam_01_0063__en-us_topic_0170090700_l325822f9287240eb9847d7175bcc7196">Select <strong id="iam_01_0063__en-us_topic_0170090700_b1236755731016">Management console access</strong> for <strong id="iam_01_0063__en-us_topic_0170090700_b01597117574">Access Type</strong> and then select <strong id="iam_01_0063__en-us_topic_0170090700_b132081954191018">Set by user</strong> for <strong id="iam_01_0063__en-us_topic_0170090700_b136131148165610">Credential Type</strong>.</li><li id="iam_01_0063__en-us_topic_0170090700_li179817611281">Enable login protection and click <strong id="iam_01_0063__en-us_topic_0170090700_b82544931311">Next</strong>.</li><li id="iam_01_0063__en-us_topic_0170090700_lae070020d47a4845b25fd84d72d5e582">Select the user group created in <a href="#iam_01_0063__en-us_topic_0170090700_li135311310144613">1</a> and click <strong id="iam_01_0063__en-us_topic_0170090700_b41421028165815">Create</strong>.<div class="note" id="iam_01_0063__en-us_topic_0170090700_note6447104555618"><img src="public_sys-resources/note_3.0-en-us.png"><span class="notetitle"> </span><div class="notebody"><p id="iam_01_0063__en-us_topic_0170090700_p171308275572">After the authorization is complete, the IAM user can switch to the account of the delegating party and manage specific resources under the account.</p>
</div></div> </div></div>
</li></ol> </li></ol>
</p></li></ol> </p></li></ol>
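Review bot: Substep d still reads "Enable login protection and click Next" without naming a verification method, while the rewritten substep c now spells out both field labels (Access Type, Credential Type). Give substep d the same treatment by naming the field and the method to select, since this user will be able to switch to the delegating party's account. The cross-reference in substep e also renders as a bare "1"; "step 1" would read better.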

View File

@ -3,12 +3,12 @@
<h1 class="topictitle1">Deleting a User Group</h1> <h1 class="topictitle1">Deleting User Groups</h1>
<div id="body0000001474724360"><div class="section" id="iam_01_0430__en-us_topic_0000001280434532_section73474101524"><h4 class="sectiontitle">Procedure</h4><p id="iam_01_0430__en-us_topic_0000001280434532_p17218137521">To delete a user group, do the following:</p> <div id="body0000001474724360"><div class="section" id="iam_01_0430__en-us_topic_0000001280434532_section73474101524"><h4 class="sectiontitle">Procedure</h4><p id="iam_01_0430__en-us_topic_0000001280434532_p17218137521">To delete a user group, do the following:</p>
</div> </div>
<ol id="iam_01_0430__en-us_topic_0000001280434532_ol1771074165311"><li id="iam_01_0430__en-us_topic_0000001280434532_li771064165312"><span>Log in to the IAM console. In the navigation pane, choose <strong id="iam_01_0430__en-us_topic_0000001280434532_b49416816266">User Groups</strong>.</span></li><li id="iam_01_0430__en-us_topic_0000001280434532_li123855243548"><span>In the user group list, click <strong id="iam_01_0430__en-us_topic_0000001280434532_b98701484424843">Delete</strong> in the row that contains the user group to be deleted.</span></li><li id="iam_01_0430__en-us_topic_0000001280434532_li12439230310"><span>In the displayed dialog box, click <strong id="iam_01_0430__en-us_topic_0000001280434532_b176037717438">Yes</strong>.</span></li></ol> <ol id="iam_01_0430__en-us_topic_0000001280434532_ol1771074165311"><li id="iam_01_0430__en-us_topic_0000001280434532_li771064165312"><span>Log in to the IAM console. In the navigation pane, choose <strong id="iam_01_0430__en-us_topic_0000001280434532_b98431314165112">User Groups</strong>.</span></li><li id="iam_01_0430__en-us_topic_0000001280434532_li123855243548"><span>In the user group list, click <strong id="iam_01_0430__en-us_topic_0000001280434532_b98701484424843">Delete</strong> in the row that contains the user group to be deleted.</span></li><li id="iam_01_0430__en-us_topic_0000001280434532_li12439230310"><span>In the displayed dialog box, click <strong id="iam_01_0430__en-us_topic_0000001280434532_b176037717438">Yes</strong>.</span></li></ol>
<div class="section" id="iam_01_0430__en-us_topic_0000001280434532_section2924729124712"><h4 class="sectiontitle">Batch Deleting User Groups</h4><p id="iam_01_0430__en-us_topic_0000001280434532_p1971532144717">To delete multiple user groups at a time, do the following:</p> <div class="section" id="iam_01_0430__en-us_topic_0000001280434532_section2924729124712"><h4 class="sectiontitle">Batch Deleting User Groups</h4><p id="iam_01_0430__en-us_topic_0000001280434532_p1971532144717">To delete multiple user groups at a time, do the following:</p>
<ol id="iam_01_0430__en-us_topic_0000001280434532_ol15628332641"><li id="iam_01_0430__en-us_topic_0000001280434532_li26285329413"><span>Log in to the IAM console. In the navigation pane, choose <strong id="iam_01_0430__en-us_topic_0000001280434532_b181723589283">User Groups</strong>.</span></li><li id="iam_01_0430__en-us_topic_0000001280434532_li102171242143"><span>In the user group list, select the user groups to be deleted and click <strong id="iam_01_0430__en-us_topic_0000001280434532_b13135859195316">Delete</strong> above the list.</span></li><li id="iam_01_0430__en-us_topic_0000001280434532_li074717495264"><span>In the displayed dialog box, click <strong id="iam_01_0430__en-us_topic_0000001280434532_b183184214543">Yes</strong>.</span></li></ol> <ol id="iam_01_0430__en-us_topic_0000001280434532_ol15628332641"><li id="iam_01_0430__en-us_topic_0000001280434532_li26285329413"><span>Log in to the IAM console. In the navigation pane, choose <strong id="iam_01_0430__en-us_topic_0000001280434532_b1755922914513">User Groups</strong>.</span></li><li id="iam_01_0430__en-us_topic_0000001280434532_li102171242143"><span>In the user group list, select the user groups to be deleted and click <strong id="iam_01_0430__en-us_topic_0000001280434532_b13135859195316">Delete</strong> above the list.</span></li><li id="iam_01_0430__en-us_topic_0000001280434532_li074717495264"><span>In the displayed dialog box, click <strong id="iam_01_0430__en-us_topic_0000001280434532_b183184214543">Yes</strong>.</span></li></ol>
</div> </div>
</div> </div>
<div> <div>
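Review bot: Both procedures in the retitled topic go from "click Delete" to "click Yes" without saying what deletion does to the group's members. Add a sentence ahead of step 1 stating the effect on users who receive their permissions through the group and advising a check of the member list first; this matters most for the batch procedure. Separately, the ids on the two User Groups <strong> elements were regenerated with no content change; if ids are meant to be stable, avoid the churn.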

View File

@ -8,7 +8,7 @@
<p id="iam_01_0607__en-us_topic_0177717041_en-us_topic_0176803439_p1187015426389">Only the <a href="iam_01_0023.html#iam_01_0023__section1475194083513">administrator</a> can configure the password policy, and IAM users can only view the configurations. If an IAM user needs to modify the configurations, the user can request the administrator to perform the modification or grant the required permissions.</p> <p id="iam_01_0607__en-us_topic_0177717041_en-us_topic_0176803439_p1187015426389">Only the <a href="iam_01_0023.html#iam_01_0023__section1475194083513">administrator</a> can configure the password policy, and IAM users can only view the configurations. If an IAM user needs to modify the configurations, the user can request the administrator to perform the modification or grant the required permissions.</p>
<p id="iam_01_0607__en-us_topic_0177717041_en-us_topic_0176803439_p4241234114613">You can configure the password policy to ensure that IAM users create strong passwords and rotate them periodically. In the password policy, you can define password requirements, such as minimum password length, whether to allow consecutive identical characters in a password, and whether to allow previously used passwords.</p> <p id="iam_01_0607__en-us_topic_0177717041_en-us_topic_0176803439_p4241234114613">You can configure the password policy to ensure that IAM users create strong passwords and rotate them periodically. In the password policy, you can define password requirements, such as minimum password length, whether to allow consecutive identical characters in a password, and whether to allow previously used passwords.</p>
<div class="section" id="iam_01_0607__en-us_topic_0177717041_en-us_topic_0176803439_section222481512916"><a name="iam_01_0607__en-us_topic_0177717041_en-us_topic_0176803439_section222481512916"></a><a name="en-us_topic_0177717041_en-us_topic_0176803439_section222481512916"></a><h4 class="sectiontitle">Password Composition &amp; Reuse</h4><ul id="iam_01_0607__en-us_topic_0177717041_en-us_topic_0176803439_ul92484013198"><li id="iam_01_0607__en-us_topic_0177717041_li57238117312">Ensure that the password contains 2 to 4 of the following character types: uppercase letters, lowercase letters, digits, and special characters. By default, the password must contain at least 2 of these character types.</li><li id="iam_01_0607__en-us_topic_0177717041_en-us_topic_0176803439_li4249409199">Set the minimum number of characters that a password must contain. The default value is 6 and the value range is from 6 to 32.</li><li id="iam_01_0607__en-us_topic_0177717041_en-us_topic_0176803439_li32751235102154">(Optional) Enable the <strong id="iam_01_0607__en-us_topic_0177717041_b658972713200">Restrict consecutive identical characters</strong> option and set the maximum number of times that a character is allowed to be consecutively present in a password. For example, value <strong id="iam_01_0607__en-us_topic_0177717041_b14807101114320">1</strong> indicates that consecutive identical characters are not allowed in a password.</li><li id="iam_01_0607__en-us_topic_0177717041_en-us_topic_0176803439_li6392046810225">(Optional) Enable the <strong id="iam_01_0607__en-us_topic_0177717041_b10478544202010">Disallow previously used passwords</strong> option and set the number of previously used passwords that are not allowed. 
For example, value <strong id="iam_01_0607__en-us_topic_0177717041_b129741751152014">3</strong> indicates that the user cannot set the last three passwords that the user has previously used when setting a new password.</li></ul> <div class="section" id="iam_01_0607__en-us_topic_0177717041_en-us_topic_0176803439_section222481512916"><a name="iam_01_0607__en-us_topic_0177717041_en-us_topic_0176803439_section222481512916"></a><a name="en-us_topic_0177717041_en-us_topic_0176803439_section222481512916"></a><h4 class="sectiontitle">Password Composition &amp; Reuse</h4><ul id="iam_01_0607__en-us_topic_0177717041_en-us_topic_0176803439_ul92484013198"><li id="iam_01_0607__en-us_topic_0177717041_li57238117312">Ensure that the password contains 2 to 4 of the following character types: uppercase letters, lowercase letters, digits, and special characters. By default, the password must contain at least 2 of these character types.</li><li id="iam_01_0607__en-us_topic_0177717041_en-us_topic_0176803439_li4249409199">Set the minimum number of characters that a password must contain. The default value is 6 and the value range is from 6 to 32.</li><li id="iam_01_0607__en-us_topic_0177717041_en-us_topic_0176803439_li32751235102154">(Optional) Enable the <strong id="iam_01_0607__en-us_topic_0177717041_b658972713200">Restrict consecutive identical characters</strong> option and set the maximum number of times that a character is allowed to be consecutively present in a password. For example, value <strong id="iam_01_0607__en-us_topic_0177717041_b14807101114320">1</strong> indicates that consecutive identical characters are not allowed in a password.</li><li id="iam_01_0607__en-us_topic_0177717041_en-us_topic_0176803439_li6392046810225">(Optional) Enable the <strong id="iam_01_0607__en-us_topic_0177717041_b10478544202010">Disallow previously used passwords</strong> option and set the number of previously used passwords that are not allowed. 
For example, value <strong id="iam_01_0607__en-us_topic_0177717041_b129741751152014">3</strong> indicates that the user cannot set the last three passwords that the user has previously used when setting a new password.</li></ul>
<p id="iam_01_0607__en-us_topic_0177717041_p1915794210538">Changes to the password policy take effect the next time you or your IAM users change passwords. IAM users created later will also adhere to the updated password policy.</p> <p id="iam_01_0607__en-us_topic_0177717041_p1915794210538">Changes to the password policy take effect the next time you or your IAM users change passwords. The new password policy will also apply to IAM users created later.</p>
</div> </div>
<div class="section" id="iam_01_0607__en-us_topic_0177717041_en-us_topic_0176803439_section104571219917"><a name="iam_01_0607__en-us_topic_0177717041_en-us_topic_0176803439_section104571219917"></a><a name="en-us_topic_0177717041_en-us_topic_0176803439_section104571219917"></a><h4 class="sectiontitle">Password Expiration</h4><p id="iam_01_0607__en-us_topic_0177717041_en-us_topic_0176803439_p69405108576">Set a validity period for passwords so that users need to change their passwords periodically. The users will be prompted to change their passwords 15 days before password expiration. Expired passwords cannot be used to log in to the cloud platform.</p> <div class="section" id="iam_01_0607__en-us_topic_0177717041_en-us_topic_0176803439_section104571219917"><a name="iam_01_0607__en-us_topic_0177717041_en-us_topic_0176803439_section104571219917"></a><a name="en-us_topic_0177717041_en-us_topic_0176803439_section104571219917"></a><h4 class="sectiontitle">Password Expiration</h4><p id="iam_01_0607__en-us_topic_0177717041_en-us_topic_0176803439_p69405108576">Set a validity period for passwords so that users need to change their passwords periodically. The users will be prompted to change their passwords 15 days before password expiration. Expired passwords cannot be used to log in to the cloud platform.</p>
<p id="iam_01_0607__en-us_topic_0177717041_en-us_topic_0176803439_p142851226101717">This option is disabled by default. The validity period ranges from 1 to 180 days.</p> <p id="iam_01_0607__en-us_topic_0177717041_en-us_topic_0176803439_p142851226101717">This option is disabled by default. The validity period ranges from 1 to 180 days.</p>
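Review bot: The reworded closing paragraph of Password Composition & Reuse keeps "Changes to the password policy take effect the next time you or your IAM users change passwords" but does not say whether passwords set under the old policy remain usable until then. State that explicitly and point to Password Expiration (disabled by default, per the next section) as the way to bring existing passwords under the new rules. The example for Disallow previously used passwords is also hard to parse; "value 3 means the new password cannot match any of the user's last three passwords" would be clearer.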
@ -17,7 +17,7 @@
<div class="note" id="iam_01_0607__en-us_topic_0177717041_en-us_topic_0176803439_note48203233014"><img src="public_sys-resources/note_3.0-en-us.png"><span class="notetitle"> </span><div class="notebody"><p id="iam_01_0607__en-us_topic_0177717041_p1651012446616">After the password expires, users need to set a new password through the URL sent by email. The new password must be different from the old password.</p> <div class="note" id="iam_01_0607__en-us_topic_0177717041_en-us_topic_0176803439_note48203233014"><img src="public_sys-resources/note_3.0-en-us.png"><span class="notetitle"> </span><div class="notebody"><p id="iam_01_0607__en-us_topic_0177717041_p1651012446616">After the password expires, users need to set a new password through the URL sent by email. The new password must be different from the old password.</p>
</div></div> </div></div>
<div class="section" id="iam_01_0607__en-us_topic_0177717041_en-us_topic_0176803439_section86671628898"><a name="iam_01_0607__en-us_topic_0177717041_en-us_topic_0176803439_section86671628898"></a><a name="en-us_topic_0177717041_en-us_topic_0176803439_section86671628898"></a><h4 class="sectiontitle">Minimum Password Age</h4><p id="iam_01_0607__en-us_topic_0177717041_en-us_topic_0176803439_p107381353125710">To prevent password loss due to frequent password changes, you can set a minimum period after which users are allowed to make a password change.</p> <div class="section" id="iam_01_0607__en-us_topic_0177717041_en-us_topic_0176803439_section86671628898"><a name="iam_01_0607__en-us_topic_0177717041_en-us_topic_0176803439_section86671628898"></a><a name="en-us_topic_0177717041_en-us_topic_0176803439_section86671628898"></a><h4 class="sectiontitle">Minimum Password Age</h4><p id="iam_01_0607__en-us_topic_0177717041_en-us_topic_0176803439_p107381353125710">To prevent password loss due to frequent password changes, you can set a minimum period after which users are allowed to make a password change.</p>
<p id="iam_01_0607__en-us_topic_0177717041_en-us_topic_0176803439_p103951122162619">This option is disabled by default. If you enable this option, you can set a period from 0 to 1440 minutes.</p> <p id="iam_01_0607__en-us_topic_0177717041_en-us_topic_0176803439_p103951122162619">This option is disabled by default. The validity period ranges from 0 to 1,440 minutes.</p>
<p id="iam_01_0607__en-us_topic_0177717041_p176525413714">The changes will take effect immediately for your account and all IAM users under your account.</p> <p id="iam_01_0607__en-us_topic_0177717041_p176525413714">The changes will take effect immediately for your account and all IAM users under your account.</p>
</div> </div>
</div> </div>
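Review bot: In Minimum Password Age, the new sentence "The validity period ranges from 0 to 1,440 minutes" borrows the wording of Password Expiration, but a minimum age is not a validity period, and the replaced text ("If you enable this option, you can set a period from 0 to 1440 minutes") was clearer. Suggest "If you enable this option, you can set a minimum age from 0 to 1,440 minutes."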

View File

@ -8,7 +8,7 @@
<p id="iam_01_0653__en-us_topic_0170814265_p13926203012228">To reset the login password of an IAM user, click <strong id="iam_01_0653__en-us_topic_0170814265_b125616249400">Security Settings</strong> in the row containing the user, click <span><img id="iam_01_0653__en-us_topic_0170814265_image18997559037" src="en-us_image_0000001207368543.png"></span> next to <strong id="iam_01_0653__en-us_topic_0170814265_b14682202454111">Login Password</strong> in the <strong id="iam_01_0653__en-us_topic_0170814265_b9931526174117">Login Credentials</strong> area, and select a password type.</p> <p id="iam_01_0653__en-us_topic_0170814265_p13926203012228">To reset the login password of an IAM user, click <strong id="iam_01_0653__en-us_topic_0170814265_b125616249400">Security Settings</strong> in the row containing the user, click <span><img id="iam_01_0653__en-us_topic_0170814265_image18997559037" src="en-us_image_0000001207368543.png"></span> next to <strong id="iam_01_0653__en-us_topic_0170814265_b14682202454111">Login Password</strong> in the <strong id="iam_01_0653__en-us_topic_0170814265_b9931526174117">Login Credentials</strong> area, and select a password type.</p>
<div class="note" id="iam_01_0653__en-us_topic_0170814265_note15818143613917"><img src="public_sys-resources/note_3.0-en-us.png"><span class="notetitle"> </span><div class="notebody"><ul id="iam_01_0653__en-us_topic_0170814265_ul078232195515"><li id="iam_01_0653__en-us_topic_0170814265_li1563414589314">You can reset the password of an IAM user on the <strong id="iam_01_0653__en-us_topic_0170814265_b145682919401">Security Settings</strong> page.</li><li id="iam_01_0653__en-us_topic_0170814265_li1178173225510">IAM users can change their passwords on the <a href="iam_01_0703.html#iam_01_0703">Basic Information</a> tab. </li></ul> <div class="note" id="iam_01_0653__en-us_topic_0170814265_note15818143613917"><img src="public_sys-resources/note_3.0-en-us.png"><span class="notetitle"> </span><div class="notebody"><ul id="iam_01_0653__en-us_topic_0170814265_ul078232195515"><li id="iam_01_0653__en-us_topic_0170814265_li1563414589314">You can reset the password of an IAM user on the <strong id="iam_01_0653__en-us_topic_0170814265_b145682919401">Security Settings</strong> page.</li><li id="iam_01_0653__en-us_topic_0170814265_li1178173225510">IAM users can change their passwords on the <a href="iam_01_0703.html#iam_01_0703">Basic Information</a> tab. </li></ul>
</div></div> </div></div>
<ul id="iam_01_0653__en-us_topic_0170814265_ul6247112615108"><li id="iam_01_0653__en-us_topic_0170814265_li11221732105017"><strong id="iam_01_0653__en-us_topic_0170814265_b1949464275210">Set by user</strong>: A one-time login URL will be emailed to the user. The user can then click on the link to set a password.</li><li id="iam_01_0653__en-us_topic_0170814265_li29689429508"><strong id="iam_01_0653__en-us_topic_0170814265_b178589547547">Automatically generated</strong>: A password will be automatically generated and then sent to the user by email.</li><li id="iam_01_0653__en-us_topic_0170814265_li542152441015"><strong id="iam_01_0653__en-us_topic_0170814265_b20191249125214">Set now</strong>: You set a new password and send the new password to the user.</li></ul> <ul id="iam_01_0653__en-us_topic_0170814265_ul6247112615108"><li id="iam_01_0653__en-us_topic_0170814265_li11221732105017"><strong id="iam_01_0653__en-us_topic_0170814265_b88021941581">Set by user</strong>: A one-time login URL will be emailed to the user. The user can then click on the link to set a password.</li><li id="iam_01_0653__en-us_topic_0170814265_li29689429508"><strong id="iam_01_0653__en-us_topic_0170814265_b178589547547">Automatically generated</strong>: A password will be automatically generated and then sent to the user by email.</li><li id="iam_01_0653__en-us_topic_0170814265_li542152441015"><strong id="iam_01_0653__en-us_topic_0170814265_b20191249125214">Set now</strong>: You set a new password and send the new password to the user.</li></ul>
</div> </div>
<div> <div>
<div class="familylinks"> <div class="familylinks">
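Review bot: The Set now bullet tells the administrator to "send the new password to the user" without naming a channel or saying whether the user must change the password at first login. Document both, or steer readers toward Set by user, where only a one-time login URL is emailed. The only change in this hunk is a regenerated id on the Set by user <strong>; if ids are meant to be stable, avoid the churn.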

View File

@ -1,18 +1,15 @@
<a name="iam_01_0655"></a><a name="iam_01_0655"></a> <a name="iam_01_0655"></a><a name="iam_01_0655"></a>
<h1 class="topictitle1">User Groups and Authorization</h1>
<h1 class="topictitle1">User Groups and Authorization</h1> <div id="body0000001474244896"><p id="iam_01_0655__p8060118"></p>
<div id="body0000001474244896"><p id="iam_01_0655__p8060118"></p>
</div> </div>
<div> <div>
<ul class="ullinks"> <ul class="ullinks">
<li class="ulchildlink"><strong><a href="en-us_topic_0046611269.html">Creating a User Group and Assigning Permissions</a></strong><br> <li class="ulchildlink"><strong><a href="en-us_topic_0046611269.html">Creating a User Group and Assigning Permissions</a></strong><br>
</li> </li>
<li class="ulchildlink"><strong><a href="iam_03_0002.html">Adding Users to or Removing Users from a User Group</a></strong><br> <li class="ulchildlink"><strong><a href="iam_03_0002.html">Adding Users to or Removing Users from a User Group</a></strong><br>
</li> </li>
<li class="ulchildlink"><strong><a href="iam_01_0430.html">Deleting a User Group</a></strong><br> <li class="ulchildlink"><strong><a href="iam_01_0430.html">Deleting User Groups</a></strong><br>
</li> </li>
<li class="ulchildlink"><strong><a href="en-us_topic_0085605493.html">Viewing and Modifying User Group Information</a></strong><br> <li class="ulchildlink"><strong><a href="en-us_topic_0085605493.html">Viewing and Modifying User Group Information</a></strong><br>
</li> </li>
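Review bot: The body of this landing page is still an empty paragraph (<p id="iam_01_0655__p8060118"></p>), so the topic renders as a title followed directly by links. Either add a one-sentence introduction to user groups and authorization or drop the empty element. The link text change to "Deleting User Groups" matches the retitled topic.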

View File

@ -5,7 +5,7 @@
<h1 class="topictitle1">Basic Information</h1> <h1 class="topictitle1">Basic Information</h1>
<div id="body0000001473972962"><p id="iam_01_0703__en-us_topic_0179264309_p4661102101615">As an account administrator, both you and your IAM users can manage basic information on this page.</p> <div id="body0000001473972962"><p id="iam_01_0703__en-us_topic_0179264309_p4661102101615">As an account administrator, both you and your IAM users can manage basic information on this page.</p>
<div class="note" id="iam_01_0703__en-us_topic_0179264309_n5363690dd1f34032ba888da46d1a906a"><img src="public_sys-resources/note_3.0-en-us.png"><span class="notetitle"> </span><div class="notebody"><ul id="iam_01_0703__en-us_topic_0179264309_u25fb87e7c7324b358ecc5c210befc515"><li id="iam_01_0703__en-us_topic_0179264309_en-us_topic_0178592858_li83130194914">A mobile number or an email address can be bound only to one account or IAM user.</li><li id="iam_01_0703__en-us_topic_0179264309_li957865014446">Only one mobile number, email address, and virtual MFA can be bound to an account or IAM user.</li></ul> <div class="note" id="iam_01_0703__en-us_topic_0179264309_n5363690dd1f34032ba888da46d1a906a"><img src="public_sys-resources/note_3.0-en-us.png"><span class="notetitle"> </span><div class="notebody"><ul id="iam_01_0703__en-us_topic_0179264309_u25fb87e7c7324b358ecc5c210befc515"><li id="iam_01_0703__en-us_topic_0179264309_en-us_topic_0178592858_li83130194914">A mobile number or an email address can be bound only to one account or IAM user.</li><li id="iam_01_0703__en-us_topic_0179264309_li957865014446">Only one mobile number, email address, and virtual MFA device can be bound to an account or IAM user.</li></ul>
</div></div> </div></div>
<div class="section" id="iam_01_0703__en-us_topic_0179264309_section16155105164810"><h4 class="sectiontitle">Changing the Login Password, Mobile Number, Virtual MFA Device, or Email Address</h4><p id="iam_01_0703__en-us_topic_0179264309_a6415252298e1421881e7cc4b27670453">The methods for changing the login password, mobile number, virtual MFA device, and email address are similar. To change the login password, do as follows:</p> <div class="section" id="iam_01_0703__en-us_topic_0179264309_section16155105164810"><h4 class="sectiontitle">Changing the Login Password, Mobile Number, Virtual MFA Device, or Email Address</h4><p id="iam_01_0703__en-us_topic_0179264309_a6415252298e1421881e7cc4b27670453">The methods for changing the login password, mobile number, virtual MFA device, and email address are similar. To change the login password, do as follows:</p>
<ol id="iam_01_0703__en-us_topic_0179264309_o3c49b535fcfa44a489b6f68bd3ae506a"><li id="iam_01_0703__en-us_topic_0179264309_lfbc469dbb160443780333ce72d6ee0e4"><span>Go to the <a href="iam_07_0001.html#iam_07_0001__en-us_topic_0179264308_en-us_topic_0179263545_section113256158575">Security Settings</a> page.</span></li><li id="iam_01_0703__en-us_topic_0179264309_en-us_topic_0178592858_li12967141516"><span>Click the <strong id="iam_01_0703__en-us_topic_0179264309_b1853014131876">Basic Information</strong> tab, and click <strong id="iam_01_0703__en-us_topic_0179264309_b1553116131670">Change</strong> in the <strong id="iam_01_0703__en-us_topic_0179264309_b1253212132715">Login Password</strong> row.</span></li><li id="iam_01_0703__en-us_topic_0179264309_en-us_topic_0178592858_li9961414619"><span>(Optional) Select email address or mobile number verification, and enter the verification code.</span><p><div class="note" id="iam_01_0703__en-us_topic_0179264309_n6895d2b11d7545678f1bd5d3a67fcdcb"><img src="public_sys-resources/note_3.0-en-us.png"><span class="notetitle"> </span><div class="notebody"><p id="iam_01_0703__en-us_topic_0179264309_en-us_topic_0178592858_p11529755351">If neither email address nor mobile number is bound, no verification is required.</p> <ol id="iam_01_0703__en-us_topic_0179264309_o3c49b535fcfa44a489b6f68bd3ae506a"><li id="iam_01_0703__en-us_topic_0179264309_lfbc469dbb160443780333ce72d6ee0e4"><span>Go to the <a href="iam_07_0001.html#iam_07_0001__en-us_topic_0179264308_en-us_topic_0179263545_section113256158575">Security Settings</a> page.</span></li><li id="iam_01_0703__en-us_topic_0179264309_en-us_topic_0178592858_li12967141516"><span>Click the <strong id="iam_01_0703__en-us_topic_0179264309_b1853014131876">Basic Information</strong> tab, and click <strong id="iam_01_0703__en-us_topic_0179264309_b1553116131670">Change</strong> in the <strong id="iam_01_0703__en-us_topic_0179264309_b1253212132715">Login Password</strong> row.</span></li><li 
id="iam_01_0703__en-us_topic_0179264309_en-us_topic_0178592858_li9961414619"><span>(Optional) Select email address or mobile number verification, and enter the verification code.</span><p><div class="note" id="iam_01_0703__en-us_topic_0179264309_n6895d2b11d7545678f1bd5d3a67fcdcb"><img src="public_sys-resources/note_3.0-en-us.png"><span class="notetitle"> </span><div class="notebody"><p id="iam_01_0703__en-us_topic_0179264309_en-us_topic_0178592858_p11529755351">If neither email address nor mobile number is bound, no verification is required.</p>
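Review bot: The second note bullet, "Only one mobile number, email address, and virtual MFA device can be bound to an account or IAM user", can be read as one item in total; "one mobile number, one email address, and one virtual MFA device" removes the ambiguity. In step 3, the note says no verification is required when neither an email address nor a mobile number is bound; consider adding a recommendation to bind one so that password changes are always verified.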

View File

@ -4,7 +4,7 @@
<h1 class="topictitle1">Login Authentication Policy</h1> <h1 class="topictitle1">Login Authentication Policy</h1>
<div id="body0000001524812925"><p id="iam_01_0704__en-us_topic_0177717040_en-us_topic_0176803438_p13197174193518">The <strong id="iam_01_0704__en-us_topic_0177717040_b1640931714618">Login Authentication Policy</strong> tab of the <a href="iam_07_0001.html#iam_07_0001__en-us_topic_0179264308_en-us_topic_0179263545_section113256158575">Security Settings</a> page provides the <a href="#iam_01_0704__en-us_topic_0177717040_en-us_topic_0176803438_section10968105732412">Session Timeout</a>, <a href="#iam_01_0704__en-us_topic_0177717040_en-us_topic_0176803438_section13189358">Account Lockout</a>, <a href="#iam_01_0704__en-us_topic_0177717040_en-us_topic_0176803438_section446533912253">Recent Login Information</a>, <a href="#iam_01_0704__en-us_topic_0177717040_en-us_topic_0176803438_section446533912253">Recent Login Information</a>, and <a href="#iam_01_0704__en-us_topic_0177717040_en-us_topic_0176803438_section733474592515">Custom Information</a> settings. These settings take effect for both your account and the IAM users created using the account.</p> <div id="body0000001524812925"><p id="iam_01_0704__en-us_topic_0177717040_en-us_topic_0176803438_p13197174193518">The <strong id="iam_01_0704__en-us_topic_0177717040_b14411121033312">Login Authentication Policy</strong> tab of the <a href="iam_07_0001.html#iam_07_0001__en-us_topic_0179264308_en-us_topic_0179263545_section113256158575">Security Settings</a> page provides the <a href="#iam_01_0704__en-us_topic_0177717040_en-us_topic_0176803438_section10968105732412">Session Timeout</a>, <a href="#iam_01_0704__en-us_topic_0177717040_en-us_topic_0176803438_section13189358">Account Lockout</a>, <a href="#iam_01_0704__en-us_topic_0177717040_en-us_topic_0176803438_section1694311288250">Account Disabling</a>, <a href="#iam_01_0704__en-us_topic_0177717040_en-us_topic_0176803438_section446533912253">Recent Login Information</a>, and <a href="#iam_01_0704__en-us_topic_0177717040_en-us_topic_0176803438_section733474592515">Custom 
Information</a> settings. These settings take effect for both your account and the IAM users created using the account.</p>
<p id="iam_01_0704__en-us_topic_0177717040_en-us_topic_0176803438_p105601183416">Only the <a href="iam_01_0023.html#iam_01_0023__section1475194083513">administrator</a> can configure the login authentication policy, and IAM users can only view the configurations. If an IAM user needs to modify the configurations, the user can request the administrator to perform the modification or grant the required permissions.</p> <p id="iam_01_0704__en-us_topic_0177717040_en-us_topic_0176803438_p105601183416">Only the <a href="iam_01_0023.html#iam_01_0023__section1475194083513">administrator</a> can configure the login authentication policy, and IAM users can only view the configurations. If an IAM user needs to modify the configurations, the user can request the administrator to perform the modification or grant the required permissions.</p>
<div class="section" id="iam_01_0704__en-us_topic_0177717040_en-us_topic_0176803438_section10968105732412"><a name="iam_01_0704__en-us_topic_0177717040_en-us_topic_0176803438_section10968105732412"></a><a name="en-us_topic_0177717040_en-us_topic_0176803438_section10968105732412"></a><h4 class="sectiontitle">Session Timeout</h4><p id="iam_01_0704__en-us_topic_0177717040_en-us_topic_0176803438_p6421105303315">Set the session timeout that will apply if you or users created using your account do not perform any operations within a specific period.</p> <div class="section" id="iam_01_0704__en-us_topic_0177717040_en-us_topic_0176803438_section10968105732412"><a name="iam_01_0704__en-us_topic_0177717040_en-us_topic_0176803438_section10968105732412"></a><a name="en-us_topic_0177717040_en-us_topic_0176803438_section10968105732412"></a><h4 class="sectiontitle">Session Timeout</h4><p id="iam_01_0704__en-us_topic_0177717040_en-us_topic_0176803438_p6421105303315">Set the session timeout that will apply if you or users created using your account do not perform any operations within a specific period.</p>
<div class="fignone" id="iam_01_0704__en-us_topic_0177717040_fig05911116538"><span class="figcap"><b>Figure 1 </b>Session Timeout</span><br><span><img id="iam_01_0704__en-us_topic_0177717040_image8818151220313" src="en-us_image_0000001209613221.png" width="NaN" height="NaN"></span></div> <div class="fignone" id="iam_01_0704__en-us_topic_0177717040_fig05911116538"><span class="figcap"><b>Figure 1 </b>Session Timeout</span><br><span><img id="iam_01_0704__en-us_topic_0177717040_image8818151220313" src="en-us_image_0000001209613221.png" width="NaN" height="NaN"></span></div>
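Review bot: The Figure 1 image carries width="NaN" height="NaN" on both sides of the diff; these are not valid dimension values and look like an export defect, so drop the attributes or emit real numbers. The corrected link to Account Disabling in the opening paragraph fixes the duplicated Recent Login Information entry and looks right.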
@ -23,7 +23,7 @@
<p id="iam_01_0704__en-us_topic_0177717040_en-us_topic_0176803438_p15608153223318">This option is disabled by default and can be enabled by the administrator.</p> <p id="iam_01_0704__en-us_topic_0177717040_en-us_topic_0176803438_p15608153223318">This option is disabled by default and can be enabled by the administrator.</p>
</div> </div>
<div class="section" id="iam_01_0704__en-us_topic_0177717040_en-us_topic_0176803438_section733474592515"><a name="iam_01_0704__en-us_topic_0177717040_en-us_topic_0176803438_section733474592515"></a><a name="en-us_topic_0177717040_en-us_topic_0176803438_section733474592515"></a><h4 class="sectiontitle">Custom Information</h4><p id="iam_01_0704__en-us_topic_0177717040_en-us_topic_0176803438_p413618192585">Set custom information that will be displayed upon successful login. For example, enter the word <strong id="iam_01_0704__en-us_topic_0177717040_b22955268166">Welcome</strong>.</p> <div class="section" id="iam_01_0704__en-us_topic_0177717040_en-us_topic_0176803438_section733474592515"><a name="iam_01_0704__en-us_topic_0177717040_en-us_topic_0176803438_section733474592515"></a><a name="en-us_topic_0177717040_en-us_topic_0176803438_section733474592515"></a><h4 class="sectiontitle">Custom Information</h4><p id="iam_01_0704__en-us_topic_0177717040_en-us_topic_0176803438_p413618192585">Set custom information that will be displayed upon successful login. For example, enter the word <strong id="iam_01_0704__en-us_topic_0177717040_b22955268166">Welcome</strong>.</p>
<p id="iam_01_0704__en-us_topic_0177717040_en-us_topic_0176803438_p1677710305343">No information is displayed by default, and the administrator can set custom information that will be displayed.</p> <p id="iam_01_0704__en-us_topic_0177717040_en-us_topic_0176803438_p1677710305343">This option is disabled by default and can be enabled by the administrator.</p>
<p id="iam_01_0704__en-us_topic_0177717040_en-us_topic_0176803438_p019411513147">You and all the IAM users created using your account will see the same information upon successful login.</p> <p id="iam_01_0704__en-us_topic_0177717040_en-us_topic_0176803438_p019411513147">You and all the IAM users created using your account will see the same information upon successful login.</p>
</div> </div>
</div> </div>
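Review bot: In the Custom Information section, the replacement paragraph (id ending p1677710305343) is now word for word the sentence that closes the preceding section, "This option is disabled by default and can be enabled by the administrator.", and it drops the statement that no information is displayed by default. The section's first paragraph describes text the administrator enters ("Set custom information that will be displayed upon successful login"), so "disabled/enabled" needs a referent. If the field now sits behind a switch, say so and keep the default behaviour in the same sentence; otherwise keep the old wording.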

View File

@ -4,10 +4,10 @@
<h1 class="topictitle1">Adding Users to or Removing Users from a User Group</h1> <h1 class="topictitle1">Adding Users to or Removing Users from a User Group</h1>
<div id="body0000001524764821"><p id="iam_03_0002__en-us_topic_0170098790_p7142104210285">A user inherits permissions from the groups to which the user belongs. To change the permissions of a user, add the user to a new group or remove the user from an existing group.</p> <div id="body0000001524764821"><p id="iam_03_0002__en-us_topic_0170098790_p7142104210285">A user inherits permissions from the groups which the user belongs to. To change the permissions of a user, add the user to a new group or remove the user from an existing group.</p>
<div class="section" id="iam_03_0002__en-us_topic_0170098790_section13174442163212"><h4 class="sectiontitle">Adding Users to a User Group</h4><ol id="iam_03_0002__en-us_topic_0170098790_ol726227133520"><li id="iam_03_0002__en-us_topic_0170098790_li132628793515"><span>In the user group list, click <strong id="iam_03_0002__en-us_topic_0170098790_b5584173820305">Manage User</strong> in the row containing the target user group.</span></li><li id="iam_03_0002__en-us_topic_0170098790_li9127219153716"><span>In the <strong id="iam_03_0002__en-us_topic_0170098790_b179471038163516">Manage User</strong> dialog box, select the usernames to be added.</span></li><li id="iam_03_0002__en-us_topic_0170098790_li477916308379"><span>Click <strong id="iam_03_0002__en-us_topic_0170098790_b74761426163110">OK</strong>.</span></li></ol> <div class="section" id="iam_03_0002__en-us_topic_0170098790_section13174442163212"><h4 class="sectiontitle">Adding Users to a User Group</h4><ol id="iam_03_0002__en-us_topic_0170098790_ol726227133520"><li id="iam_03_0002__en-us_topic_0170098790_li132628793515"><span>In the user group list, click <strong id="iam_03_0002__en-us_topic_0170098790_b5584173820305">Manage User</strong> in the row containing the target user group.</span></li><li id="iam_03_0002__en-us_topic_0170098790_li9127219153716"><span>In the <strong id="iam_03_0002__en-us_topic_0170098790_b179471038163516">Manage User</strong> dialog box, select the usernames to be added.</span></li><li id="iam_03_0002__en-us_topic_0170098790_li477916308379"><span>Click <strong id="iam_03_0002__en-us_topic_0170098790_b74761426163110">OK</strong>.</span></li></ol>
</div> </div>
<div class="section" id="iam_03_0002__en-us_topic_0170098790_section651117322241"><h4 class="sectiontitle">Removing Users from a User Group</h4><ol id="iam_03_0002__en-us_topic_0170098790_ol4847105416246"><li id="iam_03_0002__en-us_topic_0170098790_li1446218571244"><span>In the user group list, click <strong id="iam_03_0002__en-us_topic_0170098790_b613063983010">Manage User</strong> in the row containing the target user group.</span></li><li id="iam_03_0002__en-us_topic_0170098790_li121018223257"><span>In the <strong id="iam_03_0002__en-us_topic_0170098790_b14901358124918">Selected Users</strong> area, click <strong id="iam_03_0002__en-us_topic_0170098790_b1621964825012">x</strong> in the row containing the usernames to be removed and click <strong id="iam_03_0002__en-us_topic_0170098790_b1570333195110">OK</strong>.</span></li></ol> <div class="section" id="iam_03_0002__en-us_topic_0170098790_section651117322241"><h4 class="sectiontitle">Removing Users from a User Group</h4><ol id="iam_03_0002__en-us_topic_0170098790_ol4847105416246"><li id="iam_03_0002__en-us_topic_0170098790_li1446218571244"><span>In the user group list, click <strong id="iam_03_0002__en-us_topic_0170098790_b1168634435016">Manage User</strong> in the row containing the target user group.</span></li><li id="iam_03_0002__en-us_topic_0170098790_li121018223257"><span>In the <strong id="iam_03_0002__en-us_topic_0170098790_b134711919163915">Selected Users</strong> area, locate the user to be removed and click the <strong id="iam_03_0002__en-us_topic_0170098790_b104712198392">×</strong>. Then, click <strong id="iam_03_0002__en-us_topic_0170098790_b2471101963915">OK</strong>.</span></li></ol>
</div> </div>
</div> </div>
<div> <div>
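Review bot: The reworded intro sentence, "A user inherits permissions from the groups which the user belongs to", is no clearer than the original "groups to which the user belongs" and reads less formally than the rest of the topic; suggest reverting that line. In Removing Users from a User Group, step 2 now says "click the ×" with nothing after the symbol; name the control ("click × next to the username" or "click the × icon"). The step also switched from "usernames" to "the user", while the Adding Users step 2 still says "select the usernames to be added", so pick one form for both procedures.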

View File

@ -6,9 +6,9 @@
<h1 class="topictitle1">Revoking Permissions of a User Group</h1> <h1 class="topictitle1">Revoking Permissions of a User Group</h1>
<div id="body0000001525364333"><div class="section" id="iam_03_0004__en-us_topic_0239602209_section161534461565"><h4 class="sectiontitle">Procedure</h4><p id="iam_03_0004__en-us_topic_0239602209_p14498145514562">To revoke a policy or role attached to a user group, do the following:</p> <div id="body0000001525364333"><div class="section" id="iam_03_0004__en-us_topic_0239602209_section161534461565"><h4 class="sectiontitle">Procedure</h4><p id="iam_03_0004__en-us_topic_0239602209_p14498145514562">To revoke a policy or role attached to a user group, do the following:</p>
</div> </div>
<ol id="iam_03_0004__en-us_topic_0239602209_ol416792912434"><li id="iam_03_0004__en-us_topic_0239602209_li116711299435"><span>Log in to the . In the navigation pane, choose <strong id="iam_03_0004__en-us_topic_0239602209_b10619122419">User Groups</strong>.</span></li><li id="iam_03_0004__en-us_topic_0239602209_li131671716174412"><span>Click the name of the user group to go to the group details page.</span></li><li id="iam_03_0004__en-us_topic_0239602209_li17663174174414"><span>On the <strong id="iam_03_0004__en-us_topic_0239602209_b538717423473">Permissions</strong> tab, click <strong id="iam_03_0004__en-us_topic_0239602209_b1701185616476">Delete</strong> in the row that contains the role or policy you want to delete.</span></li><li id="iam_03_0004__en-us_topic_0239602209_li2593851114717"><span>In the displayed dialog box, click <strong id="iam_03_0004__en-us_topic_0239602209_b31171725103913">Yes</strong>.</span></li></ol> <ol id="iam_03_0004__en-us_topic_0239602209_ol416792912434"><li id="iam_03_0004__en-us_topic_0239602209_li116711299435"><span>Log in to the . In the navigation pane, choose <strong id="iam_03_0004__en-us_topic_0239602209_b1542713153213">User Groups</strong>.</span></li><li id="iam_03_0004__en-us_topic_0239602209_li131671716174412"><span>Click the name of the user group to go to the group details page.</span></li><li id="iam_03_0004__en-us_topic_0239602209_li17663174174414"><span>On the <strong id="iam_03_0004__en-us_topic_0239602209_b538717423473">Permissions</strong> tab, click <strong id="iam_03_0004__en-us_topic_0239602209_b1701185616476">Delete</strong> in the row that contains the role or policy you want to delete.</span></li><li id="iam_03_0004__en-us_topic_0239602209_li2593851114717"><span>In the displayed dialog box, click <strong id="iam_03_0004__en-us_topic_0239602209_b31171725103913">Yes</strong>.</span></li></ol>
<div class="section" id="iam_03_0004__en-us_topic_0239602209_section1744519371053"><h4 class="sectiontitle">Batch Revoking Permissions of a User Group</h4><p id="iam_03_0004__en-us_topic_0239602209_p194421939250">To revoke multiple policies or roles attached to a user group, do as follows:</p> <div class="section" id="iam_03_0004__en-us_topic_0239602209_section1744519371053"><h4 class="sectiontitle">Batch Revoking Permissions of a User Group</h4><p id="iam_03_0004__en-us_topic_0239602209_p194421939250">To revoke multiple policies or roles attached to a user group, do as follows:</p>
<ol id="iam_03_0004__en-us_topic_0239602209_ol5742626718"><li id="iam_03_0004__en-us_topic_0239602209_li27431725711"><span>Log in to the . In the navigation pane, choose <strong id="iam_03_0004__en-us_topic_0239602209_b88642410417">User Groups</strong>.</span></li><li id="iam_03_0004__en-us_topic_0239602209_li1574314213714"><span>Click the name of the user group to go to the group details page.</span></li><li id="iam_03_0004__en-us_topic_0239602209_li474414212715"><span>On the <strong id="iam_03_0004__en-us_topic_0239602209_b191415471709">Permissions</strong> page, select the roles or policies you want to delete and click <strong id="iam_03_0004__en-us_topic_0239602209_b439713251128">Delete</strong> above the list.</span></li><li id="iam_03_0004__en-us_topic_0239602209_li17441721971"><span>In the displayed dialog box, click <strong id="iam_03_0004__en-us_topic_0239602209_b626407962">Yes</strong>.</span></li></ol> <ol id="iam_03_0004__en-us_topic_0239602209_ol5742626718"><li id="iam_03_0004__en-us_topic_0239602209_li27431725711"><span>Log in to the . In the navigation pane, choose <strong id="iam_03_0004__en-us_topic_0239602209_b1921312306212">User Groups</strong>.</span></li><li id="iam_03_0004__en-us_topic_0239602209_li1574314213714"><span>Click the name of the user group to go to the group details page.</span></li><li id="iam_03_0004__en-us_topic_0239602209_li474414212715"><span>On the <strong id="iam_03_0004__en-us_topic_0239602209_b191415471709">Permissions</strong> page, select the roles or policies you want to delete and click <strong id="iam_03_0004__en-us_topic_0239602209_b439713251128">Delete</strong> above the list.</span></li><li id="iam_03_0004__en-us_topic_0239602209_li17441721971"><span>In the displayed dialog box, click <strong id="iam_03_0004__en-us_topic_0239602209_b1825386208">Yes</strong>.</span></li></ol>
</div> </div>
</div> </div>
<div> <div>
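Review bot: Step 1 of both procedures still reads "Log in to the . In the navigation pane, choose User Groups", with the console name missing. This change touches those list items only to regenerate the ids on the bold elements, so the broken sentence ships again. Fill in the name (other topics in this commit use "Log in to the IAM console") or fix the empty variable in the source. The two lead-ins also differ for no reason ("do the following" and "do as follows"), and the single-item procedure says the Permissions "tab" while the batch procedure says the Permissions "page"; align them while these lines are open.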

View File

@ -4,12 +4,12 @@
<div id="body1536567226740"><p id="iam_06_0001__en-us_topic_0175851542_p419452619206">The agency function enables you to delegate another account to implement O&amp;M on your resources based on assigned permissions.</p> <div id="body1536567226740"><p id="iam_06_0001__en-us_topic_0175851542_p419452619206">The agency function enables you to delegate another account to implement O&amp;M on your resources based on assigned permissions.</p>
<div class="note" id="iam_06_0001__en-us_topic_0175851542_note16465165619914"><img src="public_sys-resources/note_3.0-en-us.png"><span class="notetitle"> </span><div class="notebody"><p id="iam_06_0001__en-us_topic_0175851542_p5441123874315">You can delegate resource access only to accounts. The accounts can then delegate access to IAM users under them.</p> <div class="note" id="iam_06_0001__en-us_topic_0175851542_note16465165619914"><img src="public_sys-resources/note_3.0-en-us.png"><span class="notetitle"> </span><div class="notebody"><p id="iam_06_0001__en-us_topic_0175851542_p5441123874315">You can delegate resource access only to accounts. The accounts can then delegate access to IAM users under them.</p>
</div></div> </div></div>
<p id="iam_06_0001__en-us_topic_0175851542_p14503234175719">The following is the procedure for delegating access to resources in one account to another account. Account A is the delegating party and account B is the delegated party.</p> <p id="iam_06_0001__en-us_topic_0175851542_p14503234175719">The following is the procedure for delegating resource access to another account. Account A is the delegating party and account B is the delegated party.</p>
<ol id="iam_06_0001__en-us_topic_0175851542_ol93719291583"><li id="iam_06_0001__en-us_topic_0175851542_li7973436460"><span>Account A creates an agency in IAM to delegate resource access to account B.</span><p><div class="fignone" id="iam_06_0001__en-us_topic_0175851542_fig19451183916"><span class="figcap"><b>Figure 1 </b>(Account A) Creating an agency</span><br><span><img id="iam_06_0001__en-us_topic_0175851542_image1897310310466" src="en-us_image_0000001146708849.png" width="465.5" height="253.53856500000003" title="Click to enlarge" class="imgResize"></span></div> <ol id="iam_06_0001__en-us_topic_0175851542_ol93719291583"><li id="iam_06_0001__en-us_topic_0175851542_li7973436460"><span>Account A creates an agency in IAM to delegate resource access to account B.</span><p><div class="fignone" id="iam_06_0001__en-us_topic_0175851542_fig19451183916"><span class="figcap"><b>Figure 1 </b>(Account A) Creating an agency</span><br><span><img id="iam_06_0001__en-us_topic_0175851542_image1897310310466" src="en-us_image_0000001146708849.png" width="465.5" height="253.53856500000003" title="Click to enlarge" class="imgResize"></span></div>
<p id="iam_06_0001__en-us_topic_0175851542_p79731315465"></p> <p id="iam_06_0001__en-us_topic_0175851542_p79731315465"></p>
</p></li><li id="iam_06_0001__en-us_topic_0175851542_li39403418580"><span>(Optional) Account B assigns permissions to an IAM user to manage specific resources for account A.</span><p><ol type="a" id="iam_06_0001__en-us_topic_0175851542_ol163021621138"><li id="iam_06_0001__en-us_topic_0175851542_li43022213316">Create a user group, and grant it permissions required to manage account A's resources.</li><li id="iam_06_0001__en-us_topic_0175851542_li185871121039">Create a user and add the user to the user group.</li></ol> </p></li><li id="iam_06_0001__en-us_topic_0175851542_li39403418580"><span>(Optional) Account B assigns permissions to an IAM user to manage specific resources for account A.</span><p><ol type="a" id="iam_06_0001__en-us_topic_0175851542_ol163021621138"><li id="iam_06_0001__en-us_topic_0175851542_li43022213316">Create a user group, and grant it permissions required to manage account A's resources.</li><li id="iam_06_0001__en-us_topic_0175851542_li185871121039">Create a user and add the user to the user group.</li></ol>
<div class="fignone" id="iam_06_0001__en-us_topic_0175851542_fig13920195251916"><span class="figcap"><b>Figure 2 </b>(Account B) Authorizing an IAM user to manage delegated resources</span><br><span><img id="iam_06_0001__en-us_topic_0175851542_image132761059148" src="en-us_image_0000001100309480.png" width="464.33625" height="107.38686000000001" title="Click to enlarge" class="imgResize"></span></div> <div class="fignone" id="iam_06_0001__en-us_topic_0175851542_fig13920195251916"><span class="figcap"><b>Figure 2 </b>(Account B) Authorizing an IAM user to manage delegated resources</span><br><span><img id="iam_06_0001__en-us_topic_0175851542_image132761059148" src="en-us_image_0000001100309480.png" width="464.33625" height="107.38686000000001" title="Click to enlarge" class="imgResize"></span></div>
</p></li><li id="iam_06_0001__en-us_topic_0175851542_li1955916295913"><span>Account B or the authorized user manages account A's resources.</span><p><ol type="a" id="iam_06_0001__en-us_topic_0175851542_ol141821624908"><li id="iam_06_0001__en-us_topic_0175851542_li1018211241004">Log in to account B's account and switch the role to account A.</li><li id="iam_06_0001__en-us_topic_0175851542_li456168133010">Switch to region A and manage account A's resources in this region.</li></ol> </p></li><li id="iam_06_0001__en-us_topic_0175851542_li1955916295913"><span>Account B or the authorized user manages account A's resources.</span><p><ol type="a" id="iam_06_0001__en-us_topic_0175851542_ol141821624908"><li id="iam_06_0001__en-us_topic_0175851542_li1018211241004">Use account B to log in and switch the role to account A.</li><li id="iam_06_0001__en-us_topic_0175851542_li456168133010">Switch to region A and manage account A's resources in this region.</li></ol>
<div class="fignone" id="iam_06_0001__en-us_topic_0175851542_fig192209187205"><span class="figcap"><b>Figure 3 </b>(Account B) Switching the role</span><br><span><img id="iam_06_0001__en-us_topic_0175851542_image3259945181410" src="en-us_image_0000001146589991.png" width="239.4" height="307.41088" title="Click to enlarge" class="imgResize"></span></div> <div class="fignone" id="iam_06_0001__en-us_topic_0175851542_fig192209187205"><span class="figcap"><b>Figure 3 </b>(Account B) Switching the role</span><br><span><img id="iam_06_0001__en-us_topic_0175851542_image3259945181410" src="en-us_image_0000001146589991.png" width="239.4" height="307.41088" title="Click to enlarge" class="imgResize"></span></div>
</p></li></ol> </p></li></ol>
</div> </div>
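Review bot: Step 3 is headed "Account B or the authorized user manages account A's resources", but the rewritten step 3a, "Use account B to log in and switch the role to account A", covers only the account login and leaves the authorized IAM user from step 2 without an instruction. Suggest wording that covers both, for example "Log in as account B or as the authorized IAM user, and switch the role to account A". Step 3b still says "Switch to region A", and no "region A" is introduced anywhere in the procedure; name the region in terms of where account A's delegated resources are. The empty paragraph (id ending p79731315465) under Figure 1 can be dropped.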

View File

@ -3,10 +3,10 @@
<h1 class="topictitle1">Cloud Service Delegation</h1> <h1 class="topictitle1">Cloud Service Agency</h1>
<div id="body0000001508162049"><p id="iam_06_0004__en-us_topic_0175653574_p1042135223415">Services on the cloud platform interwork with each other, and some cloud services are dependent on other services. To delegate a cloud service to access other services and perform resource O&amp;M, create an agency for the service.</p> <div id="body0000001508162049"><p id="iam_06_0004__en-us_topic_0175653574_p1042135223415">Services on the cloud platform interwork with each other, and some cloud services are dependent on other services. To delegate a cloud service to access other services and perform resource O&amp;M, create an agency for the service.</p>
<p id="iam_06_0004__en-us_topic_0175653574_p678627165114">IAM provides two methods to create a cloud service agency:</p> <p id="iam_06_0004__en-us_topic_0175653574_p678627165114">IAM provides two methods to create a cloud service agency:</p>
<ol id="iam_06_0004__en-us_topic_0175653574_ol86339161512"><li id="iam_06_0004__en-us_topic_0175653574_li10633516195119"><a href="#iam_06_0004__en-us_topic_0175653574_section930952513442">Creating a cloud service agency on the IAM console</a><p id="iam_06_0004__en-us_topic_0175653574_p1989320316257">Take an OBS agency as an example. The agency allows OBS to call cloud services, for example, to read monitoring data from AOM.</p> <ol id="iam_06_0004__en-us_topic_0175653574_ol86339161512"><li id="iam_06_0004__en-us_topic_0175653574_li10633516195119"><a href="#iam_06_0004__en-us_topic_0175653574_section930952513442">Creating a cloud service agency on the IAM console</a><p id="iam_06_0004__en-us_topic_0175653574_p1989320316257">For example, create an agency for OBS and grant it permissions to read monitoring data from AOM.</p>
</li><li id="iam_06_0004__en-us_topic_0175653574_li158086177523">Automatically creating a cloud service agency to use certain resources<p id="iam_06_0004__en-us_topic_0175653574_p12955434175212"><a name="iam_06_0004__en-us_topic_0175653574_li158086177523"></a><a name="en-us_topic_0175653574_li158086177523"></a>The following takes Scalable File Service (SFS) as an example to describe the procedure for automatically creating a cloud service agency:</p> </li><li id="iam_06_0004__en-us_topic_0175653574_li158086177523">Automatically creating a cloud service agency to use certain resources<p id="iam_06_0004__en-us_topic_0175653574_p12955434175212"><a name="iam_06_0004__en-us_topic_0175653574_li158086177523"></a><a name="en-us_topic_0175653574_li158086177523"></a>The following takes Scalable File Service (SFS) as an example to describe the procedure for automatically creating a cloud service agency:</p>
<ol type="a" id="iam_06_0004__en-us_topic_0175653574_ol5494624194317"><li id="iam_06_0004__en-us_topic_0175653574_li124941244437">Go to the SFS console.</li><li id="iam_06_0004__en-us_topic_0175653574_li974319910443">On the <strong id="iam_06_0004__en-us_topic_0175653574_b1659811274313">Create File System</strong> page, enable static data encryption.</li><li id="iam_06_0004__en-us_topic_0175653574_li17760343134418">A dialog box is displayed requesting you to confirm the creation of an SFS agency. After you click <strong id="iam_06_0004__en-us_topic_0175653574_b66161733194510">OK</strong>, the system automatically creates an SFS agency with <strong id="iam_06_0004__en-us_topic_0175653574_b38971050102011">KMS CMKFullAccess</strong> permissions for the current project. With the agency, SFS can obtain KMS keys for encrypting or decrypting file systems.</li><li id="iam_06_0004__en-us_topic_0175653574_li97291277468">You can view the agency in the agency list on the IAM console.</li></ol> <ol type="a" id="iam_06_0004__en-us_topic_0175653574_ol5494624194317"><li id="iam_06_0004__en-us_topic_0175653574_li124941244437">Go to the SFS console.</li><li id="iam_06_0004__en-us_topic_0175653574_li974319910443">On the <strong id="iam_06_0004__en-us_topic_0175653574_b1659811274313">Create File System</strong> page, enable static data encryption.</li><li id="iam_06_0004__en-us_topic_0175653574_li17760343134418">A dialog box is displayed requesting you to confirm the creation of an SFS agency. After you click <strong id="iam_06_0004__en-us_topic_0175653574_b66161733194510">OK</strong>, the system automatically creates an SFS agency with <strong id="iam_06_0004__en-us_topic_0175653574_b38971050102011">KMS CMKFullAccess</strong> permissions for the current project. With the agency, SFS can obtain KMS keys for encrypting or decrypting file systems.</li><li id="iam_06_0004__en-us_topic_0175653574_li97291277468">You can view the agency in the agency list on the IAM console.</li></ol>
</li></ol> </li></ol>
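Review bot: The new example in list item 1, "create an agency for OBS and grant it permissions to read monitoring data from AOM", does not name the permission to grant, while the SFS example in item 2 names its permission explicitly (KMS CMKFullAccess). Name the read-only AOM permission here as well, so that a reader following the example does not attach a broader one than the agency needs. With the title changed to "Cloud Service Agency", also check that the title stored for this topic in the JSON index is updated in the same commit.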

View File

@ -5,7 +5,7 @@
<h1 class="topictitle1">Security Settings Overview</h1> <h1 class="topictitle1">Security Settings Overview</h1>
<div id="body0000001473812946"><p id="iam_07_0001__en-us_topic_0179264308_p1542553217328">You can configure the account settings, critical operation protection, login authentication policy, password policy, and access control list (ACL) on the <strong id="iam_07_0001__en-us_topic_0179264308_b718918141720">Security Settings</strong> page. For details, see <a href="iam_01_0703.html#iam_01_0703">Basic Information</a>, <a href="iam_01_0029.html#iam_01_0029">Critical Operation Protection</a>, <a href="iam_01_0704.html#iam_01_0704">Login Authentication Policy</a>, <a href="iam_01_0607.html#iam_01_0607">Password Policy</a>, and <a href="iam_07_0003.html#iam_07_0003">ACL</a>. This chapter describes how to access the <strong id="iam_07_0001__en-us_topic_0179264308_b013616592065">Security Settings</strong> page and who is the intended audience.</p> <div id="body0000001473812946"><p id="iam_07_0001__en-us_topic_0179264308_p1542553217328">You can configure the account settings, critical operation protection, login authentication policy, password policy, and access control list (ACL) on the <strong id="iam_07_0001__en-us_topic_0179264308_b718918141720">Security Settings</strong> page. For details, see <a href="iam_01_0703.html#iam_01_0703">Basic Information</a>, <a href="iam_01_0029.html#iam_01_0029">Critical Operation Protection</a>, <a href="iam_01_0704.html#iam_01_0704">Login Authentication Policy</a>, <a href="iam_01_0607.html#iam_01_0607">Password Policy</a>, and <a href="iam_07_0003.html#iam_07_0003">ACL</a>. This chapter describes how to access the <strong id="iam_07_0001__en-us_topic_0179264308_b013616592065">Security Settings</strong> page and who is the intended audience.</p>
<div class="section" id="iam_07_0001__en-us_topic_0179264308_en-us_topic_0179263545_section18538110152210"><h4 class="sectiontitle">Intended Audience</h4><p id="iam_07_0001__en-us_topic_0179264308_en-us_topic_0179263545_p1269135614617"><a href="#iam_07_0001__en-us_topic_0179264308_en-us_topic_0179263545_table9148216234">Table 1</a> lists the intended audience of different functions provided on the <strong id="iam_07_0001__en-us_topic_0179264308_b12648135995112">Security Settings</strong> page and their access permissions for the functions.</p> <div class="section" id="iam_07_0001__en-us_topic_0179264308_en-us_topic_0179263545_section18538110152210"><h4 class="sectiontitle">Intended Audience</h4><p id="iam_07_0001__en-us_topic_0179264308_en-us_topic_0179263545_p1269135614617"><a href="#iam_07_0001__en-us_topic_0179264308_en-us_topic_0179263545_table9148216234">Table 1</a> lists the intended audience of different functions provided on the <strong id="iam_07_0001__en-us_topic_0179264308_b67691654125511">Security Settings</strong> page and their access permissions for the functions.</p>
<div class="tablenoborder"><a name="iam_07_0001__en-us_topic_0179264308_en-us_topic_0179263545_table9148216234"></a><a name="en-us_topic_0179264308_en-us_topic_0179263545_table9148216234"></a><table cellpadding="4" cellspacing="0" summary="" id="iam_07_0001__en-us_topic_0179264308_en-us_topic_0179263545_table9148216234" frame="border" border="1" rules="all"><caption><b>Table 1 </b>Intended audience</caption><thead align="left"><tr id="iam_07_0001__en-us_topic_0179264308_en-us_topic_0179263545_row181582192316"><th align="left" class="cellrowborder" valign="top" width="15.73%" id="mcps1.3.2.3.2.3.1.1"><p id="iam_07_0001__en-us_topic_0179264308_en-us_topic_0179263545_p11511219234">Function</p> <div class="tablenoborder"><a name="iam_07_0001__en-us_topic_0179264308_en-us_topic_0179263545_table9148216234"></a><a name="en-us_topic_0179264308_en-us_topic_0179263545_table9148216234"></a><table cellpadding="4" cellspacing="0" summary="" id="iam_07_0001__en-us_topic_0179264308_en-us_topic_0179263545_table9148216234" frame="border" border="1" rules="all"><caption><b>Table 1 </b>Intended audience</caption><thead align="left"><tr id="iam_07_0001__en-us_topic_0179264308_en-us_topic_0179263545_row181582192316"><th align="left" class="cellrowborder" valign="top" width="15.73%" id="mcps1.3.2.3.2.3.1.1"><p id="iam_07_0001__en-us_topic_0179264308_en-us_topic_0179263545_p11511219234">Function</p>
</th> </th>
@ -42,7 +42,7 @@
</table> </table>
</div> </div>
</div> </div>
<div class="section" id="iam_07_0001__en-us_topic_0179264308_en-us_topic_0179263545_section113256158575"><h4 class="sectiontitle">Accessing the Security Settings Page</h4><ol id="iam_07_0001__en-us_topic_0179264308_ol156481123285"><li id="iam_07_0001__en-us_topic_0179264308_li1687531542812"><span>Log in to the IAM console as an <a href="iam_01_0023.html#iam_01_0023__section1475194083513">administrator</a>.</span></li><li id="iam_07_0001__en-us_topic_0179264308_li46486124286"><span>In the left navigation pane, choose <strong id="iam_07_0001__en-us_topic_0179264308_b14228101282514"></strong><strong id="iam_07_0001__en-us_topic_0179264308_b112281512132518">Security Settings</strong>.</span></li></ol> <div class="section" id="iam_07_0001__en-us_topic_0179264308_en-us_topic_0179263545_section113256158575"><h4 class="sectiontitle">Accessing the Security Settings Page</h4><ol id="iam_07_0001__en-us_topic_0179264308_ol156481123285"><li id="iam_07_0001__en-us_topic_0179264308_li1687531542812"><span>Log in to the IAM console as an <a href="iam_01_0023.html#iam_01_0023__section1475194083513">administrator</a>.</span></li><li id="iam_07_0001__en-us_topic_0179264308_li46486124286"><span>In the left navigation pane, choose <strong id="iam_07_0001__en-us_topic_0179264308_b169901817711"></strong><strong id="iam_07_0001__en-us_topic_0179264308_b49901517812">Security Settings</strong>.</span></li></ol>
<ul id="iam_07_0001__en-us_topic_0179264308_en-us_topic_0179263545_ul070471365910"><li id="iam_07_0001__en-us_topic_0179264308_en-us_topic_0179263545_li1670411310595">You and all IAM users created using your account can access the <strong id="iam_07_0001__en-us_topic_0179264308_en-us_topic_0179263545_b65333793612">Security Settings</strong> page from the management console.<ol id="iam_07_0001__en-us_topic_0179264308_en-us_topic_0179263545_ol11398238191517"><li id="iam_07_0001__en-us_topic_0179264308_en-us_topic_0179263545_li3398238161515">Log in to the IAM console.</li><li id="iam_07_0001__en-us_topic_0179264308_li72201856133718">In the left navigation pane, choose <strong id="iam_07_0001__en-us_topic_0179264308_b4255141914246">Security Settings</strong>.</li></ol> <ul id="iam_07_0001__en-us_topic_0179264308_en-us_topic_0179263545_ul070471365910"><li id="iam_07_0001__en-us_topic_0179264308_en-us_topic_0179263545_li1670411310595">You and all IAM users created using your account can access the <strong id="iam_07_0001__en-us_topic_0179264308_en-us_topic_0179263545_b65333793612">Security Settings</strong> page from the management console.<ol id="iam_07_0001__en-us_topic_0179264308_en-us_topic_0179263545_ol11398238191517"><li id="iam_07_0001__en-us_topic_0179264308_en-us_topic_0179263545_li3398238161515">Log in to the IAM console.</li><li id="iam_07_0001__en-us_topic_0179264308_li72201856133718">In the left navigation pane, choose <strong id="iam_07_0001__en-us_topic_0179264308_b4255141914246">Security Settings</strong>.</li></ol>
</li></ul> </li></ul>
</div> </div>
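Review bot: In Accessing the Security Settings Page, step 2 of the administrator procedure keeps an empty bold element in front of "Security Settings"; the change gives it a fresh id instead of removing it. Delete the empty element. The section also presents two procedures that end in the same step: the numbered list says to log in "as an administrator", and the bullet below it says "You and all IAM users created using your account can access the Security Settings page". Add a sentence stating which login applies to which functions, or merge the two lists and point to Table 1 for the per-function access.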

View File

@ -5,8 +5,8 @@
<h1 class="topictitle1">ACL</h1> <h1 class="topictitle1">ACL</h1>
<div id="body0000001474132798"><p id="iam_07_0003__en-us_topic_0177717042_en-us_topic_0176803440_p65417254398">The <strong id="iam_07_0003__en-us_topic_0177717042_b18185105063414">ACL</strong> tab of the <a href="iam_07_0001.html#iam_07_0001__en-us_topic_0179264308_en-us_topic_0179263545_section113256158575">Security Settings</a> page provides the <a href="#iam_07_0003__en-us_topic_0177717042_en-us_topic_0176803440_section1659055844011">IP Address Ranges</a>, <a href="#iam_07_0003__en-us_topic_0177717042_en-us_topic_0176803440_section5282253478">IPv4 CIDR Blocks</a>, and <a href="#iam_07_0003__en-us_topic_0177717042_en-us_topic_0176803440_section148601027258">VPC Endpoints</a> settings for allowing user access only from specified IP address ranges, IPv4 CIDR blocks, or VPC endpoints.</p> <div id="body0000001474132798"><p id="iam_07_0003__en-us_topic_0177717042_en-us_topic_0176803440_p65417254398">The <strong id="iam_07_0003__en-us_topic_0177717042_b18185105063414">ACL</strong> tab of the <a href="iam_07_0001.html#iam_07_0001__en-us_topic_0179264308_en-us_topic_0179263545_section113256158575">Security Settings</a> page provides the <a href="#iam_07_0003__en-us_topic_0177717042_en-us_topic_0176803440_section1659055844011">IP Address Ranges</a>, <a href="#iam_07_0003__en-us_topic_0177717042_en-us_topic_0176803440_section5282253478">IPv4 CIDR Blocks</a>, and <a href="#iam_07_0003__en-us_topic_0177717042_en-us_topic_0176803440_section148601027258">VPC Endpoints</a> settings for allowing user access only from specified IP address ranges, IPv4 CIDR blocks, or VPC endpoints.</p>
<p id="iam_07_0003__en-us_topic_0177717042_en-us_topic_0176803440_p20918481397">Only the <a href="iam_01_0023.html#iam_01_0023__section1475194083513">administrator</a> can configure the ACL. If an IAM user needs to configure the ACL, the user can request the administrator to perform the configuration or grant the required permissions.</p> <p id="iam_07_0003__en-us_topic_0177717042_en-us_topic_0176803440_p20918481397">Only the <a href="iam_01_0034.html">administrator</a> can configure the ACL. If an IAM user needs to configure the ACL, the user can request the administrator to perform the configuration or grant the required permissions.</p>
<div class="p" id="iam_07_0003__en-us_topic_0177717042_en-us_topic_0176803440_p846285314599"><strong id="iam_07_0003__en-us_topic_0177717042_b229335124613">Access type:</strong><ul id="iam_07_0003__en-us_topic_0177717042_en-us_topic_0176803440_ul1726218495594"><li id="iam_07_0003__en-us_topic_0177717042_en-us_topic_0176803440_li3744103710445"><strong id="iam_07_0003__en-us_topic_0177717042_b109881144151510">Console Access</strong> (recommended): The ACL takes effect only for IAM users who are created using your account and have access to the console. </li><li id="iam_07_0003__en-us_topic_0177717042_en-us_topic_0176803440_li1426274995910"><strong id="iam_07_0003__en-us_topic_0177717042_b1831433873118">API Access</strong>: The ACL controls users' API access through API Gateway and takes effect only for IAM users two hours after you complete the configuration.</li></ul> <div class="p" id="iam_07_0003__en-us_topic_0177717042_en-us_topic_0176803440_p846285314599"><strong id="iam_07_0003__en-us_topic_0177717042_b229335124613">Access type:</strong><ul id="iam_07_0003__en-us_topic_0177717042_en-us_topic_0176803440_ul1726218495594"><li id="iam_07_0003__en-us_topic_0177717042_en-us_topic_0176803440_li3744103710445"><strong id="iam_07_0003__en-us_topic_0177717042_b591961115314">Console Access</strong> (recommended): The ACL takes effect only for IAM users who are created using your account and have access to the console.</li><li id="iam_07_0003__en-us_topic_0177717042_en-us_topic_0176803440_li1426274995910"><strong id="iam_07_0003__en-us_topic_0177717042_b8790232135312">API Access</strong>: The ACL controls users' API access through API Gateway and takes effect only for IAM users two hours after you complete the configuration.</li></ul>
</div> </div>
<div class="note" id="iam_07_0003__en-us_topic_0177717042_en-us_topic_0176803440_note143415794617"><img src="public_sys-resources/note_3.0-en-us.png"><span class="notetitle"> </span><div class="notebody"><ul id="iam_07_0003__en-us_topic_0177717042_ul166011785449"><li id="iam_07_0003__en-us_topic_0177717042_li46016884411">You can configure a maximum of 200 access control items.</li></ul> <div class="note" id="iam_07_0003__en-us_topic_0177717042_en-us_topic_0176803440_note143415794617"><img src="public_sys-resources/note_3.0-en-us.png"><span class="notetitle"> </span><div class="notebody"><ul id="iam_07_0003__en-us_topic_0177717042_ul166011785449"><li id="iam_07_0003__en-us_topic_0177717042_li46016884411">You can configure a maximum of 200 access control items.</li></ul>
</div></div> </div></div>
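Review bot: The administrator link in p20918481397 now targets iam_01_0034.html with no fragment, where the old target was the section anchor iam_01_0023.html#iam_01_0023__section1475194083513. Please confirm the new page defines the administrator role where the reader lands, or keep a section anchor, since this sentence is what tells readers who is allowed to change the ACL. Separately, the unchanged API Access bullet ("takes effect only for IAM users two hours after you complete the configuration") folds the scope and the delay into one clause. Splitting it into "applies only to IAM users" and "takes effect two hours after you complete the configuration" would make the delay harder to miss.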

View File

@ -10,7 +10,7 @@
</p></li><li id="iam_08_0003__en-us_topic_0272447057_en-us_topic_0175818704_li19378125420417"><span>Upload the metadata file to the enterprise IdP server. For details, see the help documentation of the enterprise IdP.</span></li><li id="iam_08_0003__en-us_topic_0272447057_en-us_topic_0175818704_li17371448151420"><span>Obtain the metadata file of the enterprise IdP. For details, see the help documentation of the enterprise IdP.</span></li></ol> </p></li><li id="iam_08_0003__en-us_topic_0272447057_en-us_topic_0175818704_li19378125420417"><span>Upload the metadata file to the enterprise IdP server. For details, see the help documentation of the enterprise IdP.</span></li><li id="iam_08_0003__en-us_topic_0272447057_en-us_topic_0175818704_li17371448151420"><span>Obtain the metadata file of the enterprise IdP. For details, see the help documentation of the enterprise IdP.</span></li></ol>
</div> </div>
<div class="section" id="iam_08_0003__en-us_topic_0272447057_section1725417499229"><h4 class="sectiontitle">Creating an IdP Entity on the Cloud Platform</h4><p id="iam_08_0003__en-us_topic_0272447057_en-us_topic_0175818704_p14271944725">To create an IdP entity on the IAM console, do as follows:</p> <div class="section" id="iam_08_0003__en-us_topic_0272447057_section1725417499229"><h4 class="sectiontitle">Creating an IdP Entity on the Cloud Platform</h4><p id="iam_08_0003__en-us_topic_0272447057_en-us_topic_0175818704_p14271944725">To create an IdP entity on the IAM console, do as follows:</p>
<ol id="iam_08_0003__en-us_topic_0272447057_en-us_topic_0175818704_ol21644229"><li id="iam_08_0003__en-us_topic_0272447057_en-us_topic_0175818704_li7670737"><span>Log in to the IAM console, choose <strong id="iam_08_0003__en-us_topic_0272447057_b1938015403">Identity Providers</strong> from the navigation pane, and click <strong id="iam_08_0003__en-us_topic_0272447057_b493811113409">Create Identity Provider</strong> in the upper right corner.</span><p><div class="fignone" id="iam_08_0003__en-us_topic_0272447057_fig2842101120617"><span class="figcap"><b>Figure 1 </b>Creating an IdP entity</span><br><span><img id="iam_08_0003__en-us_topic_0272447057_image10842911668" src="en-us_image_0000001607217960.png" height="138.263475" width="456.855" title="Click to enlarge" class="imgResize"></span></div> <ol id="iam_08_0003__en-us_topic_0272447057_en-us_topic_0175818704_ol21644229"><li id="iam_08_0003__en-us_topic_0272447057_en-us_topic_0175818704_li7670737"><span>Log in to the IAM console, choose <strong id="iam_08_0003__en-us_topic_0272447057_b411914512287">Identity Providers</strong> from the navigation pane, and click <strong id="iam_08_0003__en-us_topic_0272447057_b19119124517284">Create Identity Provider</strong> in the upper right corner.</span><p><div class="fignone" id="iam_08_0003__en-us_topic_0272447057_fig2842101120617"><span class="figcap"><b>Figure 1 </b>Creating an IdP entity</span><br><span><img id="iam_08_0003__en-us_topic_0272447057_image10842911668" src="en-us_image_0000001607217960.png" height="138.263475" width="456.855" title="Click to enlarge" class="imgResize"></span></div>
</p></li><li id="iam_08_0003__en-us_topic_0272447057_en-us_topic_0175818704_li202871146194"><span>Specify the name, protocol, SSO type, status, and description of the IdP entity.</span><p><div class="fignone" id="iam_08_0003__en-us_topic_0272447057_fig8619797713"><span class="figcap"><b>Figure 2 </b>Setting IdP parameters</span><br><span><img id="iam_08_0003__en-us_topic_0272447057_image66201891276" src="en-us_image_0000001656578205.png" width="397.005" height="364.887495" title="Click to enlarge" class="imgResize"></span></div> </p></li><li id="iam_08_0003__en-us_topic_0272447057_en-us_topic_0175818704_li202871146194"><span>Specify the name, protocol, SSO type, status, and description of the IdP entity.</span><p><div class="fignone" id="iam_08_0003__en-us_topic_0272447057_fig8619797713"><span class="figcap"><b>Figure 2 </b>Setting IdP parameters</span><br><span><img id="iam_08_0003__en-us_topic_0272447057_image66201891276" src="en-us_image_0000001656578205.png" width="397.005" height="364.887495" title="Click to enlarge" class="imgResize"></span></div>
<div class="tablenoborder"><table cellpadding="4" cellspacing="0" summary="" id="iam_08_0003__en-us_topic_0272447057_table13359917121514" frame="border" border="1" rules="all"><caption><b>Table 1 </b>Basic parameters of an IdP</caption><thead align="left"><tr id="iam_08_0003__en-us_topic_0272447057_row15360181711151"><th align="left" class="cellrowborder" valign="top" width="16.79%" id="mcps1.3.4.3.2.2.2.2.3.1.1"><p id="iam_08_0003__en-us_topic_0272447057_p1036014179156">Parameter</p> <div class="tablenoborder"><table cellpadding="4" cellspacing="0" summary="" id="iam_08_0003__en-us_topic_0272447057_table13359917121514" frame="border" border="1" rules="all"><caption><b>Table 1 </b>Basic parameters of an IdP</caption><thead align="left"><tr id="iam_08_0003__en-us_topic_0272447057_row15360181711151"><th align="left" class="cellrowborder" valign="top" width="16.79%" id="mcps1.3.4.3.2.2.2.2.3.1.1"><p id="iam_08_0003__en-us_topic_0272447057_p1036014179156">Parameter</p>
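Review bot: In the first list item of ol21644229 the only differences are regenerated element ids (b1938015403 to b411914512287 on "Identity Providers", b493811113409 to b19119124517284 on "Create Identity Provider"); the visible text is identical. If the export tool can emit stable ids, please do so, or drop id-only hunks from the commit. Any external link that targets the old ids will break, and the churn buries the real wording changes in a 44-file diff.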
@ -124,11 +124,11 @@
</li></ul> </li></ul>
</div> </div>
</div> </div>
<div class="section" id="iam_08_0003__en-us_topic_0272447057_en-us_topic_0175818704_section251463513316"><h4 class="sectiontitle">Related Operations</h4><ul id="iam_08_0003__en-us_topic_0272447057_en-us_topic_0175818704_ul4296945016821"><li id="iam_08_0003__en-us_topic_0272447057_en-us_topic_0175818704_li3998488416821">Viewing IdP information: In the IdP list, click <strong id="iam_08_0003__en-us_topic_0272447057_b38461712175">View</strong> in the row containing the IdP, and view its basic information, metadata, and identity conversion rules.<div class="note" id="iam_08_0003__en-us_topic_0272447057_en-us_topic_0175818704_note1768310816844"><img src="public_sys-resources/note_3.0-en-us.png"><span class="notetitle"> </span><div class="notebody"><p id="iam_08_0003__en-us_topic_0272447057_en-us_topic_0175818704_p2493024416844">To modify the configuration of an IdP, click <strong id="iam_08_0003__en-us_topic_0272447057_b7611722191713">Modify</strong> at the bottom of the details page.</p> <div class="section" id="iam_08_0003__en-us_topic_0272447057_en-us_topic_0175818704_section251463513316"><h4 class="sectiontitle">Related Operations</h4><ul id="iam_08_0003__en-us_topic_0272447057_en-us_topic_0175818704_ul4296945016821"><li id="iam_08_0003__en-us_topic_0272447057_en-us_topic_0175818704_li3998488416821">Viewing IdP information: In the IdP list, click <strong id="iam_08_0003__en-us_topic_0272447057_b38461712175">View</strong> in the row containing the IdP, and view its basic information, metadata configuration, and identity conversion rules.<div class="note" id="iam_08_0003__en-us_topic_0272447057_en-us_topic_0175818704_note1768310816844"><img src="public_sys-resources/note_3.0-en-us.png"><span class="notetitle"> </span><div class="notebody"><p id="iam_08_0003__en-us_topic_0272447057_en-us_topic_0175818704_p2493024416844">To modify the configuration of an IdP, click <strong id="iam_08_0003__en-us_topic_0272447057_b7611722191713">Modify</strong> at the bottom of the 
details page.</p>
</div></div> </div></div>
</li><li id="iam_08_0003__en-us_topic_0272447057_en-us_topic_0175818704_li1227968616821">Modifying an IdP: In the IdP list, click <strong id="iam_08_0003__en-us_topic_0272447057_b63521155131414">Modify</strong> in the row containing the IdP, and then change its status or modify the description, metadata, or identity conversion rules.</li><li id="iam_08_0003__en-us_topic_0272447057_en-us_topic_0175818704_li5904713316821">Deleting an IdP: In the IdP list, click <strong id="iam_08_0003__en-us_topic_0272447057_b19497449171710">Delete</strong> in the row containing the IdP, and click <strong id="iam_08_0003__en-us_topic_0272447057_b849817493172">Yes</strong> in the displayed dialog box.</li></ul> </li><li id="iam_08_0003__en-us_topic_0272447057_en-us_topic_0175818704_li1227968616821">Modifying an IdP: In the IdP list, click <strong id="iam_08_0003__en-us_topic_0272447057_b63521155131414">Modify</strong> in the row containing the IdP, and then change its status or modify the description, metadata, or identity conversion rules.</li><li id="iam_08_0003__en-us_topic_0272447057_en-us_topic_0175818704_li5904713316821">Deleting an IdP: In the IdP list, click <strong id="iam_08_0003__en-us_topic_0272447057_b19497449171710">Delete</strong> in the row containing the IdP, and click <strong id="iam_08_0003__en-us_topic_0272447057_b849817493172">Yes</strong> in the displayed dialog box.</li></ul>
</div> </div>
<div class="section" id="iam_08_0003__en-us_topic_0272447057_en-us_topic_0175818704_section39638585"><h4 class="sectiontitle">Follow-Up Procedure</h4><ul id="iam_08_0003__en-us_topic_0272447057_en-us_topic_0175818704_ul11792191715210"><li id="iam_08_0003__en-us_topic_0272447057_li1256523019563">Configure the enterprise IdP: Configure enterprise IdP parameters to determine what information can be sent to the cloud platform.</li><li id="iam_08_0003__en-us_topic_0272447057_li25282052115619">Configure identity conversion rules: In the <strong id="iam_08_0003__en-us_topic_0272447057_b2811125619190">Identity Conversion Rules</strong> area, configure identity conversion rules to establish a mapping between enterprise users and IAM user groups. In this way, enterprise users can obtain the corresponding permissions in the cloud platform. For details, see <a href="iam_08_0004.html#iam_08_0004">Step 3: Configure Identity Conversion Rules</a>.</li><li id="iam_08_0003__en-us_topic_0272447057_li53241455165615">Verify the federated login: Check whether the enterprise user can log in to the cloud platform through SSO. For details, see <a href="iam_08_0025.html#iam_08_0025">Step 4: Verify the Federated Login</a>.</li></ul> <div class="section" id="iam_08_0003__en-us_topic_0272447057_en-us_topic_0175818704_section39638585"><h4 class="sectiontitle">Follow-Up Procedure</h4><ul id="iam_08_0003__en-us_topic_0272447057_en-us_topic_0175818704_ul11792191715210"><li id="iam_08_0003__en-us_topic_0272447057_li1256523019563">Configure the enterprise IdP: Configure enterprise IdP parameters to determine what information can be sent to the cloud platform.</li><li id="iam_08_0003__en-us_topic_0272447057_li25282052115619">Configure identity conversion rules: In the <strong id="iam_08_0003__en-us_topic_0272447057_b1615301313388">Identity Conversion Rules</strong> area, configure identity conversion rules to establish a mapping between enterprise users and IAM user groups. 
In this way, enterprise users can obtain the corresponding permissions in the cloud platform. For details, see <a href="iam_08_0004.html#iam_08_0004">Step 3: Configure Identity Conversion Rules</a>.</li><li id="iam_08_0003__en-us_topic_0272447057_li53241455165615">Verify the federated login: Check whether the enterprise user can log in to the cloud platform through SSO. For details, see <a href="iam_08_0025.html#iam_08_0025">Step 4: Verify the Federated Login</a>.</li></ul>
</div> </div>
</div> </div>
<div> <div>
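Review bot: The "Viewing IdP information" bullet now says "basic information, metadata configuration, and identity conversion rules", but the "Modifying an IdP" bullet directly below still says "the description, metadata, or identity conversion rules". Use the same term in both bullets so readers do not take "metadata" and "metadata configuration" for two different things on the details page. The identity conversion rules b-tag id in the Follow-Up Procedure list also changed (b2811125619190 to b1615301313388) with no text change.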

View File

@ -1,15 +1,15 @@
<a name="iam_08_0004"></a><a name="iam_08_0004"></a> <a name="iam_08_0004"></a><a name="iam_08_0004"></a>
<h1 class="topictitle1">Step 3: Configure Identity Conversion Rules</h1> <h1 class="topictitle1">Step 3: Configure Identity Conversion Rules</h1>
<div id="body1598524160363"><p id="iam_08_0004__en-us_topic_0272447058_p1581711464615">After an enterprise IdP user logs in to the cloud platform, the cloud platform authenticates the identity and assigns permissions to the user based on the identity conversion rules. You can customize identity conversion rules based on your service requirements. If you do not configure identity conversion rules, the username of the federated user on the cloud platform is <strong id="iam_08_0004__en-us_topic_0272447058_b12497113518215">FederationUser</strong> by default, and the federated user can only access the cloud platform by default.</p> <div id="body1598524160363"><p id="iam_08_0004__en-us_topic_0272447058_p1581711464615">After an enterprise IdP user logs in to the cloud platform, the cloud platform authenticates the identity and assigns permissions to the user based on the identity conversion rules. You can customize identity conversion rules based on your service requirements. If you do not configure identity conversion rules, the username of the federated user on the cloud platform is <strong id="iam_08_0004__en-us_topic_0272447058_b12705203819914">FederationUser</strong> by default, and the federated user can only access the cloud platform by default.</p>
<p id="iam_08_0004__en-us_topic_0272447058_p18153451373">You can configure the following parameters for federated users:</p> <p id="iam_08_0004__en-us_topic_0272447058_p18153451373">You can configure the following parameters for federated users:</p>
<ul id="iam_08_0004__en-us_topic_0272447058_ul186419101875"><li id="iam_08_0004__en-us_topic_0272447058_li1964101013719">Username: Usernames of federated users in the cloud platform.</li><li id="iam_08_0004__en-us_topic_0272447058_li96418101372">User permissions: Permissions assigned to federated users in the cloud platform. You need to map the federated users to IAM user groups. In this way, the federated users can obtain the permissions of the user groups to use cloud resources. Ensure that user groups have been created. For details about how to create a user group, see <a href="en-us_topic_0046611269.html">Creating a User Group and Assigning Permissions</a>.</li></ul> <ul id="iam_08_0004__en-us_topic_0272447058_ul186419101875"><li id="iam_08_0004__en-us_topic_0272447058_li1964101013719">Username: Usernames of federated users in the cloud platform.</li><li id="iam_08_0004__en-us_topic_0272447058_li96418101372">User permissions: Permissions assigned to federated users in the cloud platform. You need to map the federated users to IAM user groups. In this way, the federated users can obtain the permissions of the user groups to use cloud resources. Ensure that user groups have been created. For details about how to create a user group, see <a href="en-us_topic_0046611269.html">Creating a User Group and Assigning Permissions</a>.</li></ul>
<div class="note" id="iam_08_0004__en-us_topic_0272447058_note1948818531918"><img src="public_sys-resources/note_3.0-en-us.png"><span class="notetitle"> </span><div class="notebody"><ul id="iam_08_0004__en-us_topic_0272447058_ul13451511218"><li id="iam_08_0004__en-us_topic_0272447058_li1945151328">Modifications to identity conversion rules will take effect the next time federated users log in.</li><li id="iam_08_0004__en-us_topic_0272447058_li194511711521">To modify the permissions of a user, modify the permissions of the user group to which the user belongs. Then restart the enterprise IdP for the modifications to take effect.</li></ul> <div class="note" id="iam_08_0004__en-us_topic_0272447058_note1948818531918"><img src="public_sys-resources/note_3.0-en-us.png"><span class="notetitle"> </span><div class="notebody"><ul id="iam_08_0004__en-us_topic_0272447058_ul13451511218"><li id="iam_08_0004__en-us_topic_0272447058_li1945151328">Modifications to identity conversion rules will take effect the next time federated users log in.</li><li id="iam_08_0004__en-us_topic_0272447058_li194511711521">To modify the permissions of a user, modify the permissions of the user group which the user belongs to. Then restart the enterprise IdP for the modifications to take effect.</li></ul>
</div></div> </div></div>
<div class="section" id="iam_08_0004__en-us_topic_0272447058_section52965331"><h4 class="sectiontitle">Prerequisites</h4><ul id="iam_08_0004__en-us_topic_0272447058_ul71351054188"><li id="iam_08_0004__en-us_topic_0272447058_li71351054585">The enterprise administrator has created an account in the cloud platform, and has created user groups and assigned permissions to the group in IAM. For details, see <a href="en-us_topic_0046611269.html">Creating a User Group and Assigning Permissions</a>.</li><li id="iam_08_0004__en-us_topic_0272447058_li11356541486">An IdP has been created in the cloud platform. For details, see <a href="iam_08_0003.html#iam_08_0003">Step 1: Create an IdP Entity</a>.</li></ul> <div class="section" id="iam_08_0004__en-us_topic_0272447058_section52965331"><h4 class="sectiontitle">Prerequisites</h4><ul id="iam_08_0004__en-us_topic_0272447058_ul71351054188"><li id="iam_08_0004__en-us_topic_0272447058_li71351054585">The enterprise administrator has created an account in the cloud platform, and has created user groups and assigned permissions to the group in IAM. For details, see <a href="en-us_topic_0046611269.html">Creating a User Group and Assigning Permissions</a>.</li><li id="iam_08_0004__en-us_topic_0272447058_li11356541486">An IdP has been created in the cloud platform. For details, see <a href="iam_08_0003.html#iam_08_0003">Step 1: Create an IdP Entity</a>.</li></ul>
</div> </div>
<div class="section" id="iam_08_0004__en-us_topic_0272447058_en-us_topic_0175818756_section49143529"><h4 class="sectiontitle">Procedure</h4><p id="iam_08_0004__en-us_topic_0272447058_en-us_topic_0175818756_p176995795319">If you configure identity conversion rules by clicking <strong id="iam_08_0004__en-us_topic_0272447058_b59921448112113">Create Rule</strong>, IAM will convert your specified parameters to the JSON format. Alternatively, you can click <strong id="iam_08_0004__en-us_topic_0272447058_b16993134802114">Edit Rule</strong> to directly configure rules in JSON format. For details, see <a href="en-us_topic_0079620340.html">Syntax of Identity Conversion Rules</a>.</p> <div class="section" id="iam_08_0004__en-us_topic_0272447058_en-us_topic_0175818756_section49143529"><h4 class="sectiontitle">Procedure</h4><p id="iam_08_0004__en-us_topic_0272447058_en-us_topic_0175818756_p176995795319">If you configure identity conversion rules by clicking <strong id="iam_08_0004__en-us_topic_0272447058_b59921448112113">Create Rule</strong>, IAM will convert your specified parameters to the JSON format. Alternatively, you can click <strong id="iam_08_0004__en-us_topic_0272447058_b16993134802114">Edit Rule</strong> to directly configure rules in JSON format. For details, see <a href="en-us_topic_0079620340.html">Syntax of Identity Conversion Rules</a>.</p>
<ul id="iam_08_0004__en-us_topic_0272447058_ul13542143916305"><li id="iam_08_0004__en-us_topic_0272447058_li0542239143020"><strong id="iam_08_0004__en-us_topic_0272447058_b19399501920">Creating Rules</strong><ol id="iam_08_0004__en-us_topic_0272447058_ol14917184617414"><li id="iam_08_0004__en-us_topic_0272447058_li10914546144114">Log in to the IAM console as the administrator. In the navigation pane, choose <strong id="iam_08_0004__en-us_topic_0272447058_b65190298177">Identity Providers</strong>.</li><li id="iam_08_0004__en-us_topic_0272447058_li8914046174111">In the IdP list, click <strong id="iam_08_0004__en-us_topic_0272447058_b24132712277">Modify</strong> in the row containing the IdP.</li><li id="iam_08_0004__en-us_topic_0272447058_li9917104619415">In the <strong id="iam_08_0004__en-us_topic_0272447058_b8550101092318">Identity Conversion Rules</strong> area, click <strong id="iam_08_0004__en-us_topic_0272447058_b13550181062310">Create Rule</strong>. Then, configure the rules in the <strong id="iam_08_0004__en-us_topic_0272447058_b17550151019231">Create Rule</strong> dialog box.<div class="p" id="iam_08_0004__en-us_topic_0272447058_p1757145612143"> <ul id="iam_08_0004__en-us_topic_0272447058_ul13542143916305"><li id="iam_08_0004__en-us_topic_0272447058_li0542239143020"><strong id="iam_08_0004__en-us_topic_0272447058_b19399501920">Creating Rules</strong><ol id="iam_08_0004__en-us_topic_0272447058_ol14917184617414"><li id="iam_08_0004__en-us_topic_0272447058_li10914546144114">Log in to the IAM console as the administrator. 
In the navigation pane, choose <strong id="iam_08_0004__en-us_topic_0272447058_b1845044201214">Identity Providers</strong>.</li><li id="iam_08_0004__en-us_topic_0272447058_li8914046174111">In the IdP list, click <strong id="iam_08_0004__en-us_topic_0272447058_b24132712277">Modify</strong> in the row containing the IdP.</li><li id="iam_08_0004__en-us_topic_0272447058_li9917104619415">In the <strong id="iam_08_0004__en-us_topic_0272447058_b8550101092318">Identity Conversion Rules</strong> area, click <strong id="iam_08_0004__en-us_topic_0272447058_b13550181062310">Create Rule</strong>. Then, configure the rules in the <strong id="iam_08_0004__en-us_topic_0272447058_b17550151019231">Create Rule</strong> dialog box.<div class="p" id="iam_08_0004__en-us_topic_0272447058_p1757145612143">
<div class="tablenoborder"><table cellpadding="4" cellspacing="0" summary="" id="iam_08_0004__en-us_topic_0272447058_table14452194925816" frame="border" border="1" rules="all"><caption><b>Table 1 </b>Parameter description</caption><thead align="left"><tr id="iam_08_0004__en-us_topic_0272447058_row1545012496582"><th align="left" class="cellrowborder" valign="top" width="14.34%" id="mcps1.3.6.3.1.2.3.4.1.2.4.1.1"><p id="iam_08_0004__en-us_topic_0272447058_p12450249115814">Parameter</p> <div class="tablenoborder"><table cellpadding="4" cellspacing="0" summary="" id="iam_08_0004__en-us_topic_0272447058_table14452194925816" frame="border" border="1" rules="all"><caption><b>Table 1 </b>Parameter description</caption><thead align="left"><tr id="iam_08_0004__en-us_topic_0272447058_row1545012496582"><th align="left" class="cellrowborder" valign="top" width="14.34%" id="mcps1.3.6.3.1.2.3.4.1.2.4.1.1"><p id="iam_08_0004__en-us_topic_0272447058_p12450249115814">Parameter</p>
</th> </th>
<th align="left" class="cellrowborder" valign="top" width="21.97%" id="mcps1.3.6.3.1.2.3.4.1.2.4.1.2"><p id="iam_08_0004__en-us_topic_0272447058_p6450174913580">Description</p> <th align="left" class="cellrowborder" valign="top" width="21.97%" id="mcps1.3.6.3.1.2.3.4.1.2.4.1.2"><p id="iam_08_0004__en-us_topic_0272447058_p6450174913580">Description</p>
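Review bot: The opening paragraph (p1581711464615) is carried over unchanged apart from an id, and its last sentence still reads "the username of the federated user on the cloud platform is FederationUser by default, and the federated user can only access the cloud platform by default". "By default" appears twice, and "can only access the cloud platform" does not say which permissions, if any, an unmapped federated user holds. Since this describes the fallback behaviour when no rule is configured, please state it explicitly. In the note, the reworded "the user group which the user belongs to" is less formal than the previous "to which the user belongs" and is inconsistent with other topics unless the whole set is being changed. In the first Prerequisites bullet, "created user groups and assigned permissions to the group" mixes plural and singular.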
@ -39,7 +39,7 @@
<td class="cellrowborder" valign="top" width="21.97%" headers="mcps1.3.6.3.1.2.3.4.1.2.4.1.2 "><p id="iam_08_0004__en-us_topic_0272447058_p545134965810">Conditions that a federated user must meet to obtain permissions from the selected user groups.</p> <td class="cellrowborder" valign="top" width="21.97%" headers="mcps1.3.6.3.1.2.3.4.1.2.4.1.2 "><p id="iam_08_0004__en-us_topic_0272447058_p545134965810">Conditions that a federated user must meet to obtain permissions from the selected user groups.</p>
</td> </td>
<td class="cellrowborder" valign="top" width="63.690000000000005%" headers="mcps1.3.6.3.1.2.3.4.1.2.4.1.3 "><p id="iam_08_0004__en-us_topic_0272447058_p13451649165819">Federated users who do not meet these conditions cannot access the cloud platform. You can create a maximum of 10 conditions for an identity conversion rule.</p> <td class="cellrowborder" valign="top" width="63.690000000000005%" headers="mcps1.3.6.3.1.2.3.4.1.2.4.1.3 "><p id="iam_08_0004__en-us_topic_0272447058_p13451649165819">Federated users who do not meet these conditions cannot access the cloud platform. You can create a maximum of 10 conditions for an identity conversion rule.</p>
<p id="iam_08_0004__en-us_topic_0272447058_p4451104995813">The <strong id="iam_08_0004__en-us_topic_0272447058_b6660658132512">Attribute</strong> and <strong id="iam_08_0004__en-us_topic_0272447058_b20665258122517">Value</strong> parameters are used for the enterprise IdP to transfer user information to the cloud platform through SAML assertions. The <strong id="iam_08_0004__en-us_topic_0272447058_b3666115842515">Condition</strong> parameter can be set to <strong id="iam_08_0004__en-us_topic_0272447058_b9666145815253">empty</strong>, <strong id="iam_08_0004__en-us_topic_0272447058_b566615581253">any_one_of</strong>, or <strong id="iam_08_0004__en-us_topic_0272447058_b166617587250">not_any_of</strong>. For details about these parameters, see <a href="en-us_topic_0079620340.html">Syntax of Identity Conversion Rules</a>.</p> <p id="iam_08_0004__en-us_topic_0272447058_p4451104995813">The <strong id="iam_08_0004__en-us_topic_0272447058_b137644901214">Attribute</strong> and <strong id="iam_08_0004__en-us_topic_0272447058_b6376184991219">Value</strong> parameters are used for the enterprise IdP to transfer user information to the cloud platform through SAML assertions. The <strong id="iam_08_0004__en-us_topic_0272447058_b20377649121213">Condition</strong> parameter can be set to <strong id="iam_08_0004__en-us_topic_0272447058_b1637712491127">empty</strong>, <strong id="iam_08_0004__en-us_topic_0272447058_b1137834931210">any_one_of</strong>, or <strong id="iam_08_0004__en-us_topic_0272447058_b237814951216">not_any_of</strong>. For details about these parameters, see <a href="en-us_topic_0079620340.html">Syntax of Identity Conversion Rules</a>.</p>
<div class="note" id="iam_08_0004__en-us_topic_0272447058_note3452124915582"><span class="notetitle"> NOTE: </span><div class="notebody"><ul id="iam_08_0004__en-us_topic_0272447058_ul545254912585"><li id="iam_08_0004__en-us_topic_0272447058_li84521049185817">An identity conversion rule can have multiple conditions. It takes effect only if all of the conditions are met.</li><li id="iam_08_0004__en-us_topic_0272447058_li1745234985812">An IdP can have multiple identity conversion rules. If a federated user does not meet any of the conditions, the user will be denied to access the cloud platform.</li></ul> <div class="note" id="iam_08_0004__en-us_topic_0272447058_note3452124915582"><span class="notetitle"> NOTE: </span><div class="notebody"><ul id="iam_08_0004__en-us_topic_0272447058_ul545254912585"><li id="iam_08_0004__en-us_topic_0272447058_li84521049185817">An identity conversion rule can have multiple conditions. It takes effect only if all of the conditions are met.</li><li id="iam_08_0004__en-us_topic_0272447058_li1745234985812">An IdP can have multiple identity conversion rules. If a federated user does not meet any of the conditions, the user will be denied to access the cloud platform.</li></ul>
</div></div> </div></div>
</td> </td>
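Review bot: Only b-tag ids change in p4451104995813, but the NOTE underneath is left with an ambiguity that matters for access decisions. The first bullet says a rule "takes effect only if all of the conditions are met", while the second says a user who "does not meet any of the conditions" is denied. As written, the second bullet can be read as "fails every single condition" rather than "matches no rule". Suggest rewording it along the lines of "If a federated user does not match any identity conversion rule, the user is denied access to the cloud platform", which also fixes "denied to access". The same cell says Condition can be set to "empty"; a short statement of what an empty condition matches would help here rather than only in the linked syntax topic.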

View File

@ -5,7 +5,7 @@
<div class="section" id="iam_08_0005__en-us_topic_0272447059_en-us_topic_0176296742_section101261732122720"><h4 class="sectiontitle">Prerequisites</h4><ul id="iam_08_0005__en-us_topic_0272447059_en-us_topic_0176296742_ul861722713292"><li id="iam_08_0005__en-us_topic_0272447059_en-us_topic_0176296742_li161712712295">An IdP entity has been created on the cloud platform. For details about how to create an IdP entity, see <a href="iam_08_0003.html#iam_08_0003">Step 1: Create an IdP Entity</a>.</li><li id="iam_08_0005__en-us_topic_0272447059_en-us_topic_0176296742_li18261122972912">The login entry for logging in to the cloud platform has been configured in the enterprise management system.</li></ul> <div class="section" id="iam_08_0005__en-us_topic_0272447059_en-us_topic_0176296742_section101261732122720"><h4 class="sectiontitle">Prerequisites</h4><ul id="iam_08_0005__en-us_topic_0272447059_en-us_topic_0176296742_ul861722713292"><li id="iam_08_0005__en-us_topic_0272447059_en-us_topic_0176296742_li161712712295">An IdP entity has been created on the cloud platform. For details about how to create an IdP entity, see <a href="iam_08_0003.html#iam_08_0003">Step 1: Create an IdP Entity</a>.</li><li id="iam_08_0005__en-us_topic_0272447059_en-us_topic_0176296742_li18261122972912">The login entry for logging in to the cloud platform has been configured in the enterprise management system.</li></ul>
</div> </div>
<div class="section" id="iam_08_0005__en-us_topic_0272447059_section5458311242"><h4 class="sectiontitle">Procedure</h4><ol id="iam_08_0005__en-us_topic_0272447059_en-us_topic_0176296742_ol14850112215417"><li id="iam_08_0005__en-us_topic_0272447059_en-us_topic_0176296742_li2195162413293"><span>Log in to the IAM console. In the navigation pane, choose <strong id="iam_08_0005__en-us_topic_0272447059_b968414175411">Identity Providers</strong>.</span></li><li id="iam_08_0005__en-us_topic_0272447059_en-us_topic_0176296742_li46555223151553"><span>Click <strong id="iam_08_0005__en-us_topic_0272447059_b1067784145414">View</strong> in the row containing the IdP.</span><p><div class="fignone" id="iam_08_0005__en-us_topic_0272447059_fig92711056131216"><span class="figcap"><b>Figure 1 </b>Viewing IdP details</span><br><span><img id="iam_08_0005__en-us_topic_0272447059_image32716560125" src="en-us_image_0000001607219512.png" height="124.97079" width="463.83750000000003" title="Click to enlarge" class="imgResize"></span></div> <div class="section" id="iam_08_0005__en-us_topic_0272447059_section5458311242"><h4 class="sectiontitle">Procedure</h4><ol id="iam_08_0005__en-us_topic_0272447059_en-us_topic_0176296742_ol14850112215417"><li id="iam_08_0005__en-us_topic_0272447059_en-us_topic_0176296742_li2195162413293"><span>Log in to the IAM console. 
In the navigation pane, choose <strong id="iam_08_0005__en-us_topic_0272447059_b968414175411">Identity Providers</strong>.</span></li><li id="iam_08_0005__en-us_topic_0272447059_en-us_topic_0176296742_li46555223151553"><span>Click <strong id="iam_08_0005__en-us_topic_0272447059_b1067784145414">View</strong> in the row containing the IdP.</span><p><div class="fignone" id="iam_08_0005__en-us_topic_0272447059_fig92711056131216"><span class="figcap"><b>Figure 1 </b>Viewing IdP details</span><br><span><img id="iam_08_0005__en-us_topic_0272447059_image32716560125" src="en-us_image_0000001607219512.png" height="124.97079" width="463.83750000000003" title="Click to enlarge" class="imgResize"></span></div>
</p></li><li id="iam_08_0005__en-us_topic_0272447059_en-us_topic_0176296742_li1967991814556"><span>Copy the login link by clicking <span><img id="iam_08_0005__en-us_topic_0272447059_image1230813175415" src="en-us_image_0000001646367745.png"></span> in the <strong id="iam_08_0005__en-us_topic_0272447059_b123131311547">Login link</strong> row.</span><p><div class="fignone" id="iam_08_0005__en-us_topic_0272447059_fig042712713127"><span class="figcap"><b>Figure 2 </b>Copying the login link</span><br><span><img id="iam_08_0005__en-us_topic_0272447059_image542807171218" src="en-us_image_0000001607259280.png" height="226.40563400000002" width="474.81" title="Click to enlarge" class="imgResize"></span></div> </p></li><li id="iam_08_0005__en-us_topic_0272447059_en-us_topic_0176296742_li1967991814556"><span>Copy the login link by clicking <span><img id="iam_08_0005__en-us_topic_0272447059_image1230813175415" src="en-us_image_0000001646367745.png"></span> in the <strong id="iam_08_0005__en-us_topic_0272447059_b123131311547">Login Link</strong> row.</span><p><div class="fignone" id="iam_08_0005__en-us_topic_0272447059_fig042712713127"><span class="figcap"><b>Figure 2 </b>Copying the login link</span><br><span><img id="iam_08_0005__en-us_topic_0272447059_image542807171218" src="en-us_image_0000001607259280.png" height="226.40563400000002" width="474.81" title="Click to enlarge" class="imgResize"></span></div>
</p></li><li id="iam_08_0005__en-us_topic_0272447059_en-us_topic_0176296742_li15844132155518"><span>Add the following statement to the page file of the enterprise management system:</span><p><pre class="screen" id="iam_08_0005__en-us_topic_0272447059_en-us_topic_0176296742_screen64715579">&lt;a href="&lt;<em id="iam_08_0005__en-us_topic_0272447059_i61012056155412">Login link</em>&gt;"&gt; Cloud platform login entry &lt;/a&gt;</pre> </p></li><li id="iam_08_0005__en-us_topic_0272447059_en-us_topic_0176296742_li15844132155518"><span>Add the following statement to the page file of the enterprise management system:</span><p><pre class="screen" id="iam_08_0005__en-us_topic_0272447059_en-us_topic_0176296742_screen64715579">&lt;a href="&lt;<em id="iam_08_0005__en-us_topic_0272447059_i61012056155412">Login link</em>&gt;"&gt; Cloud platform login entry &lt;/a&gt;</pre>
</p></li><li id="iam_08_0005__en-us_topic_0272447059_en-us_topic_0176296742_li1494375833114"><span>Log in to the enterprise management system using your enterprise account, and click the configured login link to access the cloud platform.</span></li></ol> </p></li><li id="iam_08_0005__en-us_topic_0272447059_en-us_topic_0176296742_li1494375833114"><span>Log in to the enterprise management system using your enterprise account, and click the configured login link to access the cloud platform.</span></li></ol>
</div> </div>
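Review bot: The rename from "Login link" to "Login Link" in the Copy step is not carried into the following step, where the href placeholder inside the pre block still reads "Login link". Capitalize the placeholder the same way, or word it as a description such as "the login link you copied", so the reader does not look for two different fields. The placeholder also sits inside literal angle brackets within the quoted href, so the step should say that the brackets are replaced together with the text.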

View File

@ -5,7 +5,7 @@
<div class="section" id="iam_08_0007__en-us_topic_0272487696_en-us_topic_0272447059_en-us_topic_0176296742_section101261732122720"><h4 class="sectiontitle">Prerequisites</h4><ul id="iam_08_0007__en-us_topic_0272487696_en-us_topic_0272447059_en-us_topic_0176296742_ul861722713292"><li id="iam_08_0007__en-us_topic_0272487696_en-us_topic_0272447059_en-us_topic_0176296742_li161712712295">An IdP entity has been created on the cloud platform. For details about how to create an IdP entity, see <a href="iam_08_0003.html#iam_08_0003">Step 1: Create an IdP Entity</a>.</li><li id="iam_08_0007__en-us_topic_0272487696_en-us_topic_0272447059_en-us_topic_0176296742_li18261122972912">The login entry for logging in to the cloud platform has been configured in the enterprise management system.</li></ul> <div class="section" id="iam_08_0007__en-us_topic_0272487696_en-us_topic_0272447059_en-us_topic_0176296742_section101261732122720"><h4 class="sectiontitle">Prerequisites</h4><ul id="iam_08_0007__en-us_topic_0272487696_en-us_topic_0272447059_en-us_topic_0176296742_ul861722713292"><li id="iam_08_0007__en-us_topic_0272487696_en-us_topic_0272447059_en-us_topic_0176296742_li161712712295">An IdP entity has been created on the cloud platform. For details about how to create an IdP entity, see <a href="iam_08_0003.html#iam_08_0003">Step 1: Create an IdP Entity</a>.</li><li id="iam_08_0007__en-us_topic_0272487696_en-us_topic_0272447059_en-us_topic_0176296742_li18261122972912">The login entry for logging in to the cloud platform has been configured in the enterprise management system.</li></ul>
</div> </div>
<div class="section" id="iam_08_0007__en-us_topic_0272487696_en-us_topic_0272447059_section5458311242"><h4 class="sectiontitle">Procedure</h4><ol id="iam_08_0007__en-us_topic_0272487696_en-us_topic_0272447059_en-us_topic_0176296742_ol14850112215417"><li id="iam_08_0007__en-us_topic_0272487696_en-us_topic_0272447059_en-us_topic_0176296742_li2195162413293"><span>Log in to the IAM console. In the navigation pane, choose <strong id="iam_08_0007__en-us_topic_0272487696_en-us_topic_0272447059_b968414175411">Identity Providers</strong>.</span></li><li id="iam_08_0007__en-us_topic_0272487696_en-us_topic_0272447059_en-us_topic_0176296742_li46555223151553"><span>Click <strong id="iam_08_0007__en-us_topic_0272487696_en-us_topic_0272447059_b1067784145414">View</strong> in the row containing the IdP.</span><p><div class="fignone" id="iam_08_0007__en-us_topic_0272487696_en-us_topic_0272447059_fig92711056131216"><span class="figcap"><b>Figure 1 </b>Viewing IdP details</span><br><span><img id="iam_08_0007__en-us_topic_0272487696_en-us_topic_0272447059_image32716560125" src="en-us_image_0000001607219512.png" height="124.97079" width="463.83750000000003" title="Click to enlarge" class="imgResize"></span></div> <div class="section" id="iam_08_0007__en-us_topic_0272487696_en-us_topic_0272447059_section5458311242"><h4 class="sectiontitle">Procedure</h4><ol id="iam_08_0007__en-us_topic_0272487696_en-us_topic_0272447059_en-us_topic_0176296742_ol14850112215417"><li id="iam_08_0007__en-us_topic_0272487696_en-us_topic_0272447059_en-us_topic_0176296742_li2195162413293"><span>Log in to the IAM console. 
In the navigation pane, choose <strong id="iam_08_0007__en-us_topic_0272487696_en-us_topic_0272447059_b968414175411">Identity Providers</strong>.</span></li><li id="iam_08_0007__en-us_topic_0272487696_en-us_topic_0272447059_en-us_topic_0176296742_li46555223151553"><span>Click <strong id="iam_08_0007__en-us_topic_0272487696_en-us_topic_0272447059_b1067784145414">View</strong> in the row containing the IdP.</span><p><div class="fignone" id="iam_08_0007__en-us_topic_0272487696_en-us_topic_0272447059_fig92711056131216"><span class="figcap"><b>Figure 1 </b>Viewing IdP details</span><br><span><img id="iam_08_0007__en-us_topic_0272487696_en-us_topic_0272447059_image32716560125" src="en-us_image_0000001607219512.png" height="124.97079" width="463.83750000000003" title="Click to enlarge" class="imgResize"></span></div>
</p></li><li id="iam_08_0007__en-us_topic_0272487696_en-us_topic_0272447059_en-us_topic_0176296742_li1967991814556"><span>Copy the login link by clicking <span><img id="iam_08_0007__en-us_topic_0272487696_en-us_topic_0272447059_image1230813175415" src="en-us_image_0000001646367745.png"></span> in the <strong id="iam_08_0007__en-us_topic_0272487696_en-us_topic_0272447059_b123131311547">Login link</strong> row.</span><p><div class="fignone" id="iam_08_0007__en-us_topic_0272487696_en-us_topic_0272447059_fig042712713127"><span class="figcap"><b>Figure 2 </b>Copying the login link</span><br><span><img id="iam_08_0007__en-us_topic_0272487696_en-us_topic_0272447059_image542807171218" src="en-us_image_0000001607259280.png" height="226.40563400000002" width="474.81" title="Click to enlarge" class="imgResize"></span></div> </p></li><li id="iam_08_0007__en-us_topic_0272487696_en-us_topic_0272447059_en-us_topic_0176296742_li1967991814556"><span>Copy the login link by clicking <span><img id="iam_08_0007__en-us_topic_0272487696_en-us_topic_0272447059_image1230813175415" src="en-us_image_0000001646367745.png"></span> in the <strong id="iam_08_0007__en-us_topic_0272487696_en-us_topic_0272447059_b123131311547">Login Link</strong> row.</span><p><div class="fignone" id="iam_08_0007__en-us_topic_0272487696_en-us_topic_0272447059_fig042712713127"><span class="figcap"><b>Figure 2 </b>Copying the login link</span><br><span><img id="iam_08_0007__en-us_topic_0272487696_en-us_topic_0272447059_image542807171218" src="en-us_image_0000001607259280.png" height="226.40563400000002" width="474.81" title="Click to enlarge" class="imgResize"></span></div>
</p></li><li id="iam_08_0007__en-us_topic_0272487696_en-us_topic_0272447059_en-us_topic_0176296742_li15844132155518"><span>Add the following statement to the page file of the enterprise management system:</span><p><pre class="screen" id="iam_08_0007__en-us_topic_0272487696_en-us_topic_0272447059_en-us_topic_0176296742_screen64715579">&lt;a href="&lt;<em id="iam_08_0007__en-us_topic_0272487696_en-us_topic_0272447059_i61012056155412">Login link</em>&gt;"&gt; Cloud platform login entry &lt;/a&gt;</pre> </p></li><li id="iam_08_0007__en-us_topic_0272487696_en-us_topic_0272447059_en-us_topic_0176296742_li15844132155518"><span>Add the following statement to the page file of the enterprise management system:</span><p><pre class="screen" id="iam_08_0007__en-us_topic_0272487696_en-us_topic_0272447059_en-us_topic_0176296742_screen64715579">&lt;a href="&lt;<em id="iam_08_0007__en-us_topic_0272487696_en-us_topic_0272447059_i61012056155412">Login link</em>&gt;"&gt; Cloud platform login entry &lt;/a&gt;</pre>
</p></li><li id="iam_08_0007__en-us_topic_0272487696_en-us_topic_0272447059_en-us_topic_0176296742_li1494375833114"><span>Log in to the enterprise management system using your enterprise account, and click the configured login link to access the cloud platform.</span></li></ol> </p></li><li id="iam_08_0007__en-us_topic_0272487696_en-us_topic_0272447059_en-us_topic_0176296742_li1494375833114"><span>Log in to the enterprise management system using your enterprise account, and click the configured login link to access the cloud platform.</span></li></ol>
</div> </div>
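Review bot: In the Copy step the icon to click is an img with no alt or title attribute, so when images are unavailable the sentence reads "Copy the login link by clicking in the Login Link row" and the control is never identified. Add alt text naming the icon on that img. The two figure images carry only title="Click to enlarge", which describes the interaction and not the content, so they would benefit from alt text matching their captions.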

View File

@ -1,44 +1,43 @@
<a name="iam_08_0008"></a><a name="iam_08_0008"></a> <a name="iam_08_0008"></a><a name="iam_08_0008"></a>
<h1 class="topictitle1">Step 2: Configure Identity Conversion Rules</h1> <h1 class="topictitle1">Step 2: Configure Identity Conversion Rules</h1>
<div id="body1598524160363"><p id="iam_08_0008__en-us_topic_0272668140_p41845487216">Federated users are named <strong id="iam_08_0008__en-us_topic_0272668140_b43751964517">FederationUser</strong> by default in the cloud platform. These users can only log in to the cloud platform and they do not have any other permissions. You can configure identity conversion rules on the IAM console to achieve the following:</p> <div id="body1598524160363"><p id="iam_08_0008__en-us_topic_0272668140_p41845487216">Federated users are named <strong id="iam_08_0008__en-us_topic_0272668140_b7154144212384">FederationUser</strong> by default in the cloud platform. These users can only log in to the cloud platform and they do not have any other permissions. You can configure identity conversion rules on the IAM console to achieve the following:</p>
<ul id="iam_08_0008__en-us_topic_0272668140_ul418464817219"><li id="iam_08_0008__en-us_topic_0272668140_li11184114802114">Display enterprise users with different names in the cloud platform.</li><li id="iam_08_0008__en-us_topic_0272668140_li98061347112212">Assign permissions to enterprise users to use the cloud platform resources by mapping these users to IAM user groups. Ensure that you have created the required user groups. For details, see <a href="en-us_topic_0046611269.html">Creating a User Group and Assigning Permissions</a>.</li></ul> <ul id="iam_08_0008__en-us_topic_0272668140_ul418464817219"><li id="iam_08_0008__en-us_topic_0272668140_li11184114802114">Display enterprise users with different names in the cloud platform.</li><li id="iam_08_0008__en-us_topic_0272668140_li98061347112212">Assign permissions to enterprise users to use the cloud platform resources by mapping these users to IAM user groups. Ensure that you have created the required user groups. For details, see <a href="en-us_topic_0046611269.html">Creating a User Group and Assigning Permissions</a>.</li></ul>
<div class="note" id="iam_08_0008__en-us_topic_0272668140_note1948818531918"><img src="public_sys-resources/note_3.0-en-us.png"><span class="notetitle"> </span><div class="notebody"><ul id="iam_08_0008__en-us_topic_0272668140_ul13451511218"><li id="iam_08_0008__en-us_topic_0272668140_li1945151328">Modifications to identity conversion rules will take effect only after the federated users log in again.</li><li id="iam_08_0008__en-us_topic_0272668140_li194511711521">To modify the permissions of a user, modify the permissions of the user group to which the user belongs. Then restart the enterprise IdP for the modifications to take effect.</li></ul> <div class="note" id="iam_08_0008__en-us_topic_0272668140_note1948818531918"><img src="public_sys-resources/note_3.0-en-us.png"><span class="notetitle"> </span><div class="notebody"><ul id="iam_08_0008__en-us_topic_0272668140_ul13451511218"><li id="iam_08_0008__en-us_topic_0272668140_li1945151328">Modifications to identity conversion rules will take effect the next time federated users log in.</li><li id="iam_08_0008__en-us_topic_0272668140_li194511711521">To modify the permissions of a user, modify the permissions of the user group which the user belongs to. Then restart the enterprise IdP for the modifications to take effect.</li></ul>
</div></div> </div></div>
<div class="section" id="iam_08_0008__en-us_topic_0272668140_section52965331"><h4 class="sectiontitle">Prerequisites</h4><p id="iam_08_0008__en-us_topic_0272668140_p788583051816">An IdP entity has been created, and the login link of the IdP is accessible. (For details about how to create and verify an IdP entity, see <a href="iam_08_0009.html#iam_08_0009">Step 1: Create an IdP Entity</a>.)</p> <div class="section" id="iam_08_0008__en-us_topic_0272668140_section52965331"><h4 class="sectiontitle">Prerequisites</h4><p id="iam_08_0008__en-us_topic_0272668140_p788583051816">An IdP entity has been created, and the login link of the IdP is accessible. (For details about how to create and verify an IdP entity, see <a href="iam_08_0009.html#iam_08_0009">Step 1: Create an IdP Entity</a>.)</p>
</div> </div>
<div class="section" id="iam_08_0008__en-us_topic_0272668140_en-us_topic_0175818756_section49143529"><h4 class="sectiontitle">Procedure</h4><p id="iam_08_0008__en-us_topic_0272668140_en-us_topic_0175818756_p176995795319">If you configure identity conversion rules by clicking <strong id="iam_08_0008__en-us_topic_0272668140_b772817219113">Create Rule</strong>, IAM converts the rule parameters to the JSON format. Alternatively, you can click <strong id="iam_08_0008__en-us_topic_0272668140_b1873492111114">Edit Rule</strong> to configure rules in JSON format. For details, see <a href="en-us_topic_0079620340.html">Syntax of Identity Conversion Rules</a>.</p> <div class="section" id="iam_08_0008__en-us_topic_0272668140_en-us_topic_0175818756_section49143529"><h4 class="sectiontitle">Procedure</h4><p id="iam_08_0008__en-us_topic_0272668140_en-us_topic_0175818756_p176995795319">If you configure identity conversion rules by clicking <strong id="iam_08_0008__en-us_topic_0272668140_b772817219113">Create Rule</strong>, IAM converts the rule parameters to the JSON format. Alternatively, you can click <strong id="iam_08_0008__en-us_topic_0272668140_b1873492111114">Edit Rule</strong> to configure rules in JSON format. For details, see <a href="en-us_topic_0079620340.html">Syntax of Identity Conversion Rules</a>.</p>
<ul id="iam_08_0008__en-us_topic_0272668140_ul13542143916305"><li id="iam_08_0008__en-us_topic_0272668140_li0542239143020"><strong id="iam_08_0008__en-us_topic_0272668140_b19495192191220">Creating Rules</strong><ol id="iam_08_0008__en-us_topic_0272668140_ol14917184617414"><li id="iam_08_0008__en-us_topic_0272668140_li10914546144114">Log in to the IAM console as the administrator. In the navigation pane, choose <strong id="iam_08_0008__en-us_topic_0272668140_b1192531511515">Identity Providers</strong>.</li><li id="iam_08_0008__en-us_topic_0272668140_li8914046174111">In the IdP list, click <strong id="iam_08_0008__en-us_topic_0272668140_b083214199510">Modify</strong> in the row containing the IdP.</li><li id="iam_08_0008__en-us_topic_0272668140_li9917104619415">In the <strong id="iam_08_0008__en-us_topic_0272668140_b675592216515">Identity Conversion Rules</strong> area, click <strong id="iam_08_0008__en-us_topic_0272668140_b675520220513">Create Rule</strong>. Then, configure the rules in the <strong id="iam_08_0008__en-us_topic_0272668140_b1756182225120">Create Rule</strong> dialog box.<div class="fignone" id="iam_08_0008__en-us_topic_0272668140_fig119361628122210"><span class="figcap"><b>Figure 1 </b>Setting parameters</span><br><span><img id="iam_08_0008__en-us_topic_0272668140_image29361728102218" src="en-us_image_0289500726.png" height="243.83328900000004" width="465.5" title="Click to enlarge" class="imgResize"></span></div> <ul id="iam_08_0008__en-us_topic_0272668140_ul13542143916305"><li id="iam_08_0008__en-us_topic_0272668140_li0542239143020"><strong id="iam_08_0008__en-us_topic_0272668140_b19495192191220">Creating Rules</strong><ol id="iam_08_0008__en-us_topic_0272668140_ol14917184617414"><li id="iam_08_0008__en-us_topic_0272668140_li10914546144114">Log in to the IAM console as the administrator. 
In the navigation pane, choose <strong id="iam_08_0008__en-us_topic_0272668140_b1192531511515">Identity Providers</strong>.</li><li id="iam_08_0008__en-us_topic_0272668140_li8914046174111">In the IdP list, click <strong id="iam_08_0008__en-us_topic_0272668140_b083214199510">Modify</strong> in the row containing the IdP.</li><li id="iam_08_0008__en-us_topic_0272668140_li9917104619415">In the <strong id="iam_08_0008__en-us_topic_0272668140_b675592216515">Identity Conversion Rules</strong> area, click <strong id="iam_08_0008__en-us_topic_0272668140_b675520220513">Create Rule</strong>. Then, configure the rules in the <strong id="iam_08_0008__en-us_topic_0272668140_b1756182225120">Create Rule</strong> dialog box.<div class="p" id="iam_08_0008__en-us_topic_0272668140_p693203613205">
<div class="p" id="iam_08_0008__en-us_topic_0272668140_p693203613205"> <div class="tablenoborder"><table cellpadding="4" cellspacing="0" summary="" id="iam_08_0008__en-us_topic_0272668140_table89316364208" frame="border" border="1" rules="all"><caption><b>Table 1 </b>Parameter description</caption><thead align="left"><tr id="iam_08_0008__en-us_topic_0272668140_row2093153612208"><th align="left" class="cellrowborder" valign="top" width="14.34%" id="mcps1.3.5.3.1.2.3.4.1.2.4.1.1"><p id="iam_08_0008__en-us_topic_0272668140_p6931236182020">Parameter</p>
<div class="tablenoborder"><table cellpadding="4" cellspacing="0" summary="" id="iam_08_0008__en-us_topic_0272668140_table89316364208" frame="border" border="1" rules="all"><caption><b>Table 1 </b>Parameter description</caption><thead align="left"><tr id="iam_08_0008__en-us_topic_0272668140_row2093153612208"><th align="left" class="cellrowborder" valign="top" width="14.34%" id="mcps1.3.5.3.1.2.3.5.1.2.4.1.1"><p id="iam_08_0008__en-us_topic_0272668140_p6931236182020">Parameter</p>
</th> </th>
<th align="left" class="cellrowborder" valign="top" width="21.97%" id="mcps1.3.5.3.1.2.3.5.1.2.4.1.2"><p id="iam_08_0008__en-us_topic_0272668140_p293143672016">Description</p> <th align="left" class="cellrowborder" valign="top" width="21.97%" id="mcps1.3.5.3.1.2.3.4.1.2.4.1.2"><p id="iam_08_0008__en-us_topic_0272668140_p293143672016">Description</p>
</th> </th>
<th align="left" class="cellrowborder" valign="top" width="63.690000000000005%" id="mcps1.3.5.3.1.2.3.5.1.2.4.1.3"><p id="iam_08_0008__en-us_topic_0272668140_p393153613203">Remarks</p> <th align="left" class="cellrowborder" valign="top" width="63.690000000000005%" id="mcps1.3.5.3.1.2.3.4.1.2.4.1.3"><p id="iam_08_0008__en-us_topic_0272668140_p393153613203">Remarks</p>
</th> </th>
</tr> </tr>
</thead> </thead>
<tbody><tr id="iam_08_0008__en-us_topic_0272668140_row19313642015"><td class="cellrowborder" valign="top" width="14.34%" headers="mcps1.3.5.3.1.2.3.5.1.2.4.1.1 "><p id="iam_08_0008__en-us_topic_0272668140_p39353612018">Username</p> <tbody><tr id="iam_08_0008__en-us_topic_0272668140_row19313642015"><td class="cellrowborder" valign="top" width="14.34%" headers="mcps1.3.5.3.1.2.3.4.1.2.4.1.1 "><p id="iam_08_0008__en-us_topic_0272668140_p39353612018">Username</p>
</td> </td>
<td class="cellrowborder" valign="top" width="21.97%" headers="mcps1.3.5.3.1.2.3.5.1.2.4.1.2 "><p id="iam_08_0008__en-us_topic_0272668140_p179333616201">Username of federated users in the cloud platform.</p> <td class="cellrowborder" valign="top" width="21.97%" headers="mcps1.3.5.3.1.2.3.4.1.2.4.1.2 "><p id="iam_08_0008__en-us_topic_0272668140_p179333616201">Username of federated users in the cloud platform.</p>
</td> </td>
<td class="cellrowborder" valign="top" width="63.690000000000005%" headers="mcps1.3.5.3.1.2.3.5.1.2.4.1.3 "><p id="iam_08_0008__en-us_topic_0272668140_p79310365201">To distinguish federated users from users in the cloud platform, it is recommended that you set the username to <strong id="iam_08_0008__en-us_topic_0272668140_b523071513397">FederationUser-</strong><em id="iam_08_0008__en-us_topic_0272668140_i16232171517391">IdP</em><strong id="iam_08_0008__en-us_topic_0272668140_b18233131593920">_</strong><em id="iam_08_0008__en-us_topic_0272668140_i723411157399">XXX</em>. <em id="iam_08_0008__en-us_topic_0272668140_i13427104114516">IdP</em> indicates an IdP name, for example, AD FS or Shibboleth. <em id="iam_08_0008__en-us_topic_0272668140_i8428104145113">XXX</em> indicates a custom name.</p> <td class="cellrowborder" valign="top" width="63.690000000000005%" headers="mcps1.3.5.3.1.2.3.4.1.2.4.1.3 "><p id="iam_08_0008__en-us_topic_0272668140_p79310365201">To distinguish federated users from users in the cloud platform, it is recommended that you set the username to <strong id="iam_08_0008__en-us_topic_0272668140_b92153713399">FederationUser-</strong><em id="iam_08_0008__en-us_topic_0272668140_i1921937193914">IdP</em><strong id="iam_08_0008__en-us_topic_0272668140_b62213719397">_</strong><em id="iam_08_0008__en-us_topic_0272668140_i1622143733914">XXX</em>. <em id="iam_08_0008__en-us_topic_0272668140_i13427104114516">IdP</em> indicates an IdP name, for example, AD FS or Shibboleth. <em id="iam_08_0008__en-us_topic_0272668140_i8428104145113">XXX</em> indicates a custom name.</p>
<div class="notice" id="iam_08_0008__en-us_topic_0272668140_note09317367206"><span class="noticetitle"> NOTICE: </span><div class="noticebody"><ul id="iam_08_0008__en-us_topic_0272668140_ul898419111598"><li id="iam_08_0008__en-us_topic_0272668140_li97371147195916">The username of each federated user must be unique in the same IdP. Federated users with the same usernames in the same IdP will be mapped to the same IAM user in the cloud platform.</li><li id="iam_08_0008__en-us_topic_0272668140_li257592617112">The username can only contain letters, digits, spaces, hyphens (-), underscores (_), and periods (.). It cannot start with a digit and cannot contain the following special characters: ", \", \\, \n, \r</li></ul> <div class="notice" id="iam_08_0008__en-us_topic_0272668140_note09317367206"><span class="noticetitle"> NOTICE: </span><div class="noticebody"><ul id="iam_08_0008__en-us_topic_0272668140_ul898419111598"><li id="iam_08_0008__en-us_topic_0272668140_li97371147195916">The username of each federated user must be unique in the same IdP. Federated users with the same usernames in the same IdP will be mapped to the same IAM user in the cloud platform.</li><li id="iam_08_0008__en-us_topic_0272668140_li257592617112">The username can only contain letters, digits, spaces, hyphens (-), underscores (_), and periods (.). It cannot start with a digit and cannot contain the following special characters: ", \", \\, \n, \r</li></ul>
</div></div> </div></div>
</td> </td>
</tr> </tr>
<tr id="iam_08_0008__en-us_topic_0272668140_row2093103632016"><td class="cellrowborder" valign="top" width="14.34%" headers="mcps1.3.5.3.1.2.3.5.1.2.4.1.1 "><p id="iam_08_0008__en-us_topic_0272668140_p1893183610205">User Groups</p> <tr id="iam_08_0008__en-us_topic_0272668140_row2093103632016"><td class="cellrowborder" valign="top" width="14.34%" headers="mcps1.3.5.3.1.2.3.4.1.2.4.1.1 "><p id="iam_08_0008__en-us_topic_0272668140_p1893183610205">User Groups</p>
</td> </td>
<td class="cellrowborder" valign="top" width="21.97%" headers="mcps1.3.5.3.1.2.3.5.1.2.4.1.2 "><p id="iam_08_0008__en-us_topic_0272668140_p189303682010">User groups which the federated users belong to in the cloud platform.</p> <td class="cellrowborder" valign="top" width="21.97%" headers="mcps1.3.5.3.1.2.3.4.1.2.4.1.2 "><p id="iam_08_0008__en-us_topic_0272668140_p189303682010">User groups which the federated users belong to in the cloud platform.</p>
</td> </td>
<td class="cellrowborder" valign="top" width="63.690000000000005%" headers="mcps1.3.5.3.1.2.3.5.1.2.4.1.3 "><p id="iam_08_0008__en-us_topic_0272668140_p19319360203">The federated users will inherit permissions from their user groups. You can select a user group that has already been created.</p> <td class="cellrowborder" valign="top" width="63.690000000000005%" headers="mcps1.3.5.3.1.2.3.4.1.2.4.1.3 "><p id="iam_08_0008__en-us_topic_0272668140_p19319360203">The federated users will inherit permissions from their user groups. You can select a user group that has already been created.</p>
</td> </td>
</tr> </tr>
<tr id="iam_08_0008__en-us_topic_0272668140_row1793143615209"><td class="cellrowborder" valign="top" width="14.34%" headers="mcps1.3.5.3.1.2.3.5.1.2.4.1.1 "><p id="iam_08_0008__en-us_topic_0272668140_p89363622013">Rule Conditions</p> <tr id="iam_08_0008__en-us_topic_0272668140_row1793143615209"><td class="cellrowborder" valign="top" width="14.34%" headers="mcps1.3.5.3.1.2.3.4.1.2.4.1.1 "><p id="iam_08_0008__en-us_topic_0272668140_p89363622013">Rule Conditions</p>
</td> </td>
<td class="cellrowborder" valign="top" width="21.97%" headers="mcps1.3.5.3.1.2.3.5.1.2.4.1.2 "><p id="iam_08_0008__en-us_topic_0272668140_p79353612203">Conditions that a federated user must meet to obtain permissions from the selected user groups.</p> <td class="cellrowborder" valign="top" width="21.97%" headers="mcps1.3.5.3.1.2.3.4.1.2.4.1.2 "><p id="iam_08_0008__en-us_topic_0272668140_p79353612203">Conditions that a federated user must meet to obtain permissions from the selected user groups.</p>
</td> </td>
<td class="cellrowborder" valign="top" width="63.690000000000005%" headers="mcps1.3.5.3.1.2.3.5.1.2.4.1.3 "><p id="iam_08_0008__en-us_topic_0272668140_p18931936142014">Federated users who do not meet these conditions cannot access the cloud platform. You can create a maximum of 10 conditions for an identity conversion rule.</p> <td class="cellrowborder" valign="top" width="63.690000000000005%" headers="mcps1.3.5.3.1.2.3.4.1.2.4.1.3 "><p id="iam_08_0008__en-us_topic_0272668140_p18931936142014">Federated users who do not meet these conditions cannot access the cloud platform. You can create a maximum of 10 conditions for an identity conversion rule.</p>
<div class="note" id="iam_08_0008__en-us_topic_0272668140_note1931536132016"><span class="notetitle"> NOTE: </span><div class="notebody"><ul id="iam_08_0008__en-us_topic_0272668140_ul11932363202"><li id="iam_08_0008__en-us_topic_0272668140_li99353672011">An identity conversion rule can have multiple conditions. It takes effect only if all of the conditions are met.</li><li id="iam_08_0008__en-us_topic_0272668140_li39318367201">An IdP can have multiple identity conversion rules. If a federated user does not meet any of the conditions, the user will be denied to access the cloud platform.</li></ul> <div class="note" id="iam_08_0008__en-us_topic_0272668140_note1931536132016"><span class="notetitle"> NOTE: </span><div class="notebody"><ul id="iam_08_0008__en-us_topic_0272668140_ul11932363202"><li id="iam_08_0008__en-us_topic_0272668140_li99353672011">An identity conversion rule can have multiple conditions. It takes effect only if all of the conditions are met.</li><li id="iam_08_0008__en-us_topic_0272668140_li39318367201">An IdP can have multiple identity conversion rules. If a federated user does not meet any of the conditions, the user will be denied to access the cloud platform.</li></ul>
</div></div> </div></div>
</td> </td>
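Review bot: The NOTE under Rule Conditions is left ambiguous on both sides of this hunk, and since the commit is already rewording this topic it should be fixed here: "If a federated user does not meet any of the conditions" can mean failing every condition or failing any single one. The bullet before it says a rule takes effect only if all of its conditions are met, so state the denial case in the same terms, for example that access is denied when the user satisfies the full condition set of none of the IdP's rules, if that is the intended behavior. "will be denied to access" should also read "will be denied access". The reworded "the user group which the user belongs to" in the top note is less formal than the "to which the user belongs" it replaces; pick one form and use it across the topic.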
@ -48,10 +47,10 @@
</div> </div>
</div> </div>
<p id="iam_08_0008__en-us_topic_0272668140_p11452749185811">For example, set an identity conversion rule for administrators in the enterprise management system.</p> <p id="iam_08_0008__en-us_topic_0272668140_p11452749185811">For example, set an identity conversion rule for administrators in the enterprise management system.</p>
<ul id="iam_08_0008__en-us_topic_0272668140_ul15501254101813"><li id="iam_08_0008__en-us_topic_0272668140_li12452164914583">Username: <strong id="iam_08_0008__en-us_topic_0272668140_b6658124411279">FederationUser-IdP_admin</strong></li><li id="iam_08_0008__en-us_topic_0272668140_li1745217491580">User group: <strong id="iam_08_0008__en-us_topic_0272668140_b138274233612">admin</strong></li><li id="iam_08_0008__en-us_topic_0272668140_li1550135415185">Rule condition: <strong id="iam_08_0008__en-us_topic_0272668140_b145711451132715">_NAMEID_</strong> (attribute), <strong id="iam_08_0008__en-us_topic_0272668140_b85771851142713">any_one_of</strong> (condition), and <strong id="iam_08_0008__en-us_topic_0272668140_b19577135110274">000000001</strong> (value).<p id="iam_08_0008__en-us_topic_0272668140_p85015431810">Only the user with ID 000000001 is mapped to IAM user <strong id="iam_08_0008__en-us_topic_0272668140_b1811613310543">FederationUser-IdP_admin</strong> and inherits permissions from the <strong id="iam_08_0008__en-us_topic_0272668140_b4117123145411">admin</strong> user group.</p> <ul id="iam_08_0008__en-us_topic_0272668140_ul15501254101813"><li id="iam_08_0008__en-us_topic_0272668140_li12452164914583">Username: <strong id="iam_08_0008__en-us_topic_0272668140_b6658124411279">FederationUser-IdP_admin</strong></li><li id="iam_08_0008__en-us_topic_0272668140_li1745217491580">User group: <strong id="iam_08_0008__en-us_topic_0272668140_b138274233612">admin</strong></li><li id="iam_08_0008__en-us_topic_0272668140_li1550135415185">Rule condition: <strong id="iam_08_0008__en-us_topic_0272668140_b145711451132715">_NAMEID_</strong> (attribute), <strong id="iam_08_0008__en-us_topic_0272668140_b85771851142713">any_one_of</strong> (condition), and <strong id="iam_08_0008__en-us_topic_0272668140_b19577135110274">000000001</strong> (value).<p id="iam_08_0008__en-us_topic_0272668140_p85015431810">Only the user with ID 000000001 is mapped to IAM user <strong 
id="iam_08_0008__en-us_topic_0272668140_b03385617405">FederationUser-IdP_admin</strong> and inherits permissions from the <strong id="iam_08_0008__en-us_topic_0272668140_b15338116104018">admin</strong> user group.</p>
</li></ul> </li></ul>
</li><li id="iam_08_0008__en-us_topic_0272668140_li10917134614120">In the <strong id="iam_08_0008__en-us_topic_0272668140_b145956236216">Create Rule</strong> dialog box, click <strong id="iam_08_0008__en-us_topic_0272668140_b45951023152112">OK</strong>.</li><li id="iam_08_0008__en-us_topic_0272668140_li1391784674114">On the <strong id="iam_08_0008__en-us_topic_0272668140_b10756152414214">Modify Identity Provider</strong> page, click <strong id="iam_08_0008__en-us_topic_0272668140_b475692416214">OK</strong>.</li></ol> </li><li id="iam_08_0008__en-us_topic_0272668140_li10917134614120">In the <strong id="iam_08_0008__en-us_topic_0272668140_b145956236216">Create Rule</strong> dialog box, click <strong id="iam_08_0008__en-us_topic_0272668140_b45951023152112">OK</strong>.</li><li id="iam_08_0008__en-us_topic_0272668140_li1391784674114">On the <strong id="iam_08_0008__en-us_topic_0272668140_b10756152414214">Modify Identity Provider</strong> page, click <strong id="iam_08_0008__en-us_topic_0272668140_b475692416214">OK</strong>.</li></ol>
</li><li id="iam_08_0008__en-us_topic_0272668140_li35426395309"><strong id="iam_08_0008__en-us_topic_0272668140_b112281550191217">Editing Rules</strong><ol id="iam_08_0008__en-us_topic_0272668140_ol89973613317"><li id="iam_08_0008__en-us_topic_0272668140_li10640142116317">Log in to the IAM console as the administrator. In the navigation pane, choose <strong id="iam_08_0008__en-us_topic_0272668140_b15978311135419">Identity Providers</strong>.</li><li id="iam_08_0008__en-us_topic_0272668140_li04881140121913">In the IdP list, click <strong id="iam_08_0008__en-us_topic_0272668140_b468211512546">Modify</strong> in the row containing the IdP.</li><li id="iam_08_0008__en-us_topic_0272668140_li864032110318">In the <strong id="iam_08_0008__en-us_topic_0272668140_b4312919185415">Identity Conversion Rules</strong> area, click <strong id="iam_08_0008__en-us_topic_0272668140_b731317190543">Edit Rule</strong>.</li><li id="iam_08_0008__en-us_topic_0272668140_li51481932183314">Edit the identity conversion rules in JSON format. 
For details, see <a href="en-us_topic_0079620340.html">Syntax of Identity Conversion Rules</a>.</li><li id="iam_08_0008__en-us_topic_0272668140_li2042015128518">Click <strong id="iam_08_0008__en-us_topic_0272668140_b13148133352116">Validate</strong> to verify the syntax of the rules.</li><li id="iam_08_0008__en-us_topic_0272668140_li106392307521">If the rule is correct, click <strong id="iam_08_0008__en-us_topic_0272668140_b18786124215393">OK</strong> in the <strong id="iam_08_0008__en-us_topic_0272668140_b17931942123912">Edit Rule</strong> dialog box, and click <strong id="iam_08_0008__en-us_topic_0272668140_b6793124243910">OK</strong> on the <strong id="iam_08_0008__en-us_topic_0272668140_b77951042103912">Modify Identity Provider</strong> page.<p id="iam_08_0008__en-us_topic_0272668140_p1479113445212">If a message indicating that the JSON file is incomplete is displayed, modify the statements or click <strong id="iam_08_0008__en-us_topic_0272668140_b171911335112116">Cancel</strong> to cancel the modifications.</p> </li><li id="iam_08_0008__en-us_topic_0272668140_li35426395309"><strong id="iam_08_0008__en-us_topic_0272668140_b112281550191217">Editing Rules</strong><ol id="iam_08_0008__en-us_topic_0272668140_ol89973613317"><li id="iam_08_0008__en-us_topic_0272668140_li10640142116317">Log in to the IAM console as the administrator. 
In the navigation pane, choose <strong id="iam_08_0008__en-us_topic_0272668140_b1291715123404">Identity Providers</strong>.</li><li id="iam_08_0008__en-us_topic_0272668140_li04881140121913">In the IdP list, click <strong id="iam_08_0008__en-us_topic_0272668140_b468211512546">Modify</strong> in the row containing the IdP.</li><li id="iam_08_0008__en-us_topic_0272668140_li864032110318">In the <strong id="iam_08_0008__en-us_topic_0272668140_b4312919185415">Identity Conversion Rules</strong> area, click <strong id="iam_08_0008__en-us_topic_0272668140_b731317190543">Edit Rule</strong>.</li><li id="iam_08_0008__en-us_topic_0272668140_li51481932183314">Edit the identity conversion rules in JSON format. For details, see <a href="en-us_topic_0079620340.html">Syntax of Identity Conversion Rules</a>.</li><li id="iam_08_0008__en-us_topic_0272668140_li2042015128518">Click <strong id="iam_08_0008__en-us_topic_0272668140_b13148133352116">Validate</strong> to verify the syntax of the rules.</li><li id="iam_08_0008__en-us_topic_0272668140_li106392307521">If the rule is correct, click <strong id="iam_08_0008__en-us_topic_0272668140_b18786124215393">OK</strong> in the <strong id="iam_08_0008__en-us_topic_0272668140_b17931942123912">Edit Rule</strong> dialog box, and click <strong id="iam_08_0008__en-us_topic_0272668140_b6793124243910">OK</strong> on the <strong id="iam_08_0008__en-us_topic_0272668140_b77951042103912">Modify Identity Provider</strong> page.<p id="iam_08_0008__en-us_topic_0272668140_p1479113445212">If a message indicating that the JSON file is incomplete is displayed, modify the statements or click <strong id="iam_08_0008__en-us_topic_0272668140_b171911335112116">Cancel</strong> to cancel the modifications.</p>
</li></ol> </li></ol>
</li></ul> </li></ul>
</div> </div>
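Review bot: Step 6 of Editing Rules still refers to "a message indicating that the JSON file is incomplete", but step 4 has the administrator edit the rules in the Edit Rule dialog box, not in a file, and step 5 says "rules" where step 6 says "If the rule is correct". Suggest "the JSON is incomplete" and one consistent number. The only change visible in this hunk is the regenerated id on the Identity Providers strong element (b15978311135419 to b1291715123404), which adds diff noise without changing content. If the ids are tool-generated, consider pinning them.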
@ -69,10 +68,3 @@
</div> </div>
</div> </div>
<script language="JavaScript">
<!--
image_size('.imgResize');
var msg_imageMax = "view original image";
var msg_imageClose = "close";
//--></script>
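Review bot: The removed script block is the only visible call to image_size('.imgResize') and the only definition of msg_imageMax and msg_imageClose. Other files in this commit still emit images with class="imgResize" and title="Click to enlarge". Confirm that the resize handler and its strings are now loaded from a shared script. Otherwise drop the class and title from the images so the page does not advertise an action that no longer works.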

View File

@ -2,12 +2,12 @@
<h1 class="topictitle1">Step 1: Create an IdP Entity</h1> <h1 class="topictitle1">Step 1: Create an IdP Entity</h1>
<div id="body1598524160363"><p id="iam_08_0009__en-us_topic_0272448422_p1981195018257">To establish a trust relationship between an enterprise IdP and the cloud platform, set the user redirect URLs and create OAuth 2.0 credentials in the enterprise IdP. On the IAM console, create an IdP entity and configure authorization information.</p> <div id="body1598524160363"><p id="iam_08_0009__en-us_topic_0272448422_p1981195018257">To establish a trust relationship between an enterprise IdP and the cloud platform, set the user redirect URLs and create OAuth 2.0 credentials in the enterprise IdP. On the IAM console, create an IdP entity and configure authorization information.</p>
<div class="section" id="iam_08_0009__en-us_topic_0272448422_section4804173815234"><h4 class="sectiontitle">Prerequisites</h4><ul id="iam_08_0009__en-us_topic_0272448422_ul1121752275615"><li id="iam_08_0009__en-us_topic_0272448422_li8181341128">The enterprise administrator has created an account in the cloud platform, and has created user groups and assigned them permissions in IAM. For details, see <a href="en-us_topic_0046611269.html">Creating a User Group and Assigning Permissions</a>. The user groups created in IAM will be mapped to federated users so that the federated users can obtain the permissions of the user groups to use cloud resources.</li><li id="iam_08_0009__en-us_topic_0272448422_li198153013819">The enterprise administrator has read the help documentation of the enterprise IdP or has understood how to use the enterprise IdP. Configurations of different enterprise IdPs differ greatly, so they are not described in this document. For details about how to obtain an enterprise IdP's OAuth 2.0 credentials, see the IdP help documentation.</li></ul> <div class="section" id="iam_08_0009__en-us_topic_0272448422_section4804173815234"><h4 class="sectiontitle">Prerequisites</h4><ul id="iam_08_0009__en-us_topic_0272448422_ul1121752275615"><li id="iam_08_0009__en-us_topic_0272448422_li8181341128">The enterprise administrator has created an account on the cloud platform, and has created user groups and assigned them permissions in IAM. For details, see <a href="en-us_topic_0046611269.html">Creating a User Group and Assigning Permissions</a>. The user groups created in IAM will be mapped to federated users so that the federated users can obtain the permissions of the user groups to use cloud resources.</li><li id="iam_08_0009__en-us_topic_0272448422_li198153013819">The enterprise administrator has read the help documentation of the enterprise IdP or has understood how to use the enterprise IdP. 
Configurations of different enterprise IdPs differ greatly, so they are not described in this document. For details about how to obtain an enterprise IdP's OAuth 2.0 credentials, see the IdP help documentation.</li></ul>
</div> </div>
<div class="section" id="iam_08_0009__en-us_topic_0272448422_section81252015115012"><a name="iam_08_0009__en-us_topic_0272448422_section81252015115012"></a><a name="en-us_topic_0272448422_section81252015115012"></a><h4 class="sectiontitle">Creating OAuth 2.0 Credentials in the Enterprise IdP</h4><ol id="iam_08_0009__en-us_topic_0272448422_en-us_topic_0175818704_ol15379454241"><li id="iam_08_0009__en-us_topic_0272448422_en-us_topic_0175818704_li19378125420417"><span>Set redirect URLs <strong id="iam_08_0009__en-us_topic_0272448422_b8137597507">https://<span id="iam_08_0009__en-us_topic_0272448422_text10120124135111"></span>/authui/oidc/redirect</strong> and <strong id="iam_08_0009__en-us_topic_0272448422_b11142099504">https://<span id="iam_08_0009__en-us_topic_0272448422_text184105445110"></span>/authui/oidc/post</strong> in the enterprise IdP so that users can be redirected to the OpenID Connect IdP in the cloud platform.</span></li><li id="iam_08_0009__en-us_topic_0272448422_en-us_topic_0175818704_li17371448151420"><span>Obtain OAuth 2.0 credentials of the enterprise IdP.</span></li></ol> <div class="section" id="iam_08_0009__en-us_topic_0272448422_section81252015115012"><a name="iam_08_0009__en-us_topic_0272448422_section81252015115012"></a><a name="en-us_topic_0272448422_section81252015115012"></a><h4 class="sectiontitle">Creating OAuth 2.0 Credentials in the Enterprise IdP</h4><ol id="iam_08_0009__en-us_topic_0272448422_en-us_topic_0175818704_ol15379454241"><li id="iam_08_0009__en-us_topic_0272448422_en-us_topic_0175818704_li19378125420417"><span>Set redirect URIs <strong id="iam_08_0009__en-us_topic_0272448422_b369052293216">https://<span id="iam_08_0009__en-us_topic_0272448422_text1369042283211"></span>/authui/oidc/redirect</strong> and <strong id="iam_08_0009__en-us_topic_0272448422_b569152223217">https://<span id="iam_08_0009__en-us_topic_0272448422_text1269032217321"></span>/authui/oidc/post</strong> in the enterprise IdP so that users can be redirected to 
the OpenID Connect IdP in the cloud platform.</span></li><li id="iam_08_0009__en-us_topic_0272448422_en-us_topic_0175818704_li17371448151420"><span>Obtain OAuth 2.0 credentials of the enterprise IdP.</span></li></ol>
</div> </div>
<div class="section" id="iam_08_0009__en-us_topic_0272448422_section1725417499229"><h4 class="sectiontitle">Creating an IdP Entity on the Cloud Platform</h4><p id="iam_08_0009__en-us_topic_0272448422_en-us_topic_0175818704_p14271944725">Create an IdP entity and configure authorization information in IAM to establish a trust relationship between the enterprise IdP and IAM</p> <div class="section" id="iam_08_0009__en-us_topic_0272448422_section1725417499229"><h4 class="sectiontitle">Creating an IdP Entity on the Cloud Platform</h4><p id="iam_08_0009__en-us_topic_0272448422_en-us_topic_0175818704_p14271944725">Create an IdP entity and configure authorization information in IAM to establish a trust relationship between the enterprise IdP and IAM.</p>
<ol id="iam_08_0009__en-us_topic_0272448422_en-us_topic_0175818704_ol21644229"><li id="iam_08_0009__en-us_topic_0272448422_en-us_topic_0175818704_li7670737"><span>Log in to the IAM console, choose <strong id="iam_08_0009__en-us_topic_0272448422_b19787619364">Identity Providers</strong> from the navigation pane, and click <strong id="iam_08_0009__en-us_topic_0272448422_b119794619363">Create Identity Provider</strong> in the upper right corner.</span><p><div class="fignone" id="iam_08_0009__en-us_topic_0272448422_fig7233641112318"><span class="figcap"><b>Figure 1 </b>Creating an IdP entity</span><br><span><img id="iam_08_0009__en-us_topic_0272448422_image9234144112319" src="en-us_image_0000001656303721.png" height="139.471381" width="460.845" title="Click to enlarge" class="imgResize"></span></div> <ol id="iam_08_0009__en-us_topic_0272448422_en-us_topic_0175818704_ol21644229"><li id="iam_08_0009__en-us_topic_0272448422_en-us_topic_0175818704_li7670737"><span>Log in to the IAM console, choose <strong id="iam_08_0009__en-us_topic_0272448422_b12567316153714">Identity Providers</strong> from the navigation pane, and click <strong id="iam_08_0009__en-us_topic_0272448422_b1856731683717">Create Identity Provider</strong> in the upper right corner.</span><p><div class="fignone" id="iam_08_0009__en-us_topic_0272448422_fig7233641112318"><span class="figcap"><b>Figure 1 </b>Creating an IdP entity</span><br><span><img id="iam_08_0009__en-us_topic_0272448422_image9234144112319" src="en-us_image_0000001656303721.png" height="139.471381" width="460.845" title="Click to enlarge" class="imgResize"></span></div>
</p></li><li id="iam_08_0009__en-us_topic_0272448422_en-us_topic_0175818704_li202871146194"><span>Enter an IdP name, select <strong id="iam_08_0009__en-us_topic_0272448422_b9726640112815">OpenID Connect</strong> and <strong id="iam_08_0009__en-us_topic_0272448422_b19635592917">Enabled</strong>, and click <strong id="iam_08_0009__en-us_topic_0272448422_b84626312299">OK</strong>.</span><p><div class="fignone" id="iam_08_0009__en-us_topic_0272448422_fig546833182412"><span class="figcap"><b>Figure 2 </b>Setting IdP parameters</span><br><span><img id="iam_08_0009__en-us_topic_0272448422_image1247113318240" src="en-us_image_0000001606944408.png" width="337.15500000000003" height="308.86789500000003" title="Click to enlarge" class="imgResize"></span></div> </p></li><li id="iam_08_0009__en-us_topic_0272448422_en-us_topic_0175818704_li202871146194"><span>Enter an IdP name, select <strong id="iam_08_0009__en-us_topic_0272448422_b9726640112815">OpenID Connect</strong> and <strong id="iam_08_0009__en-us_topic_0272448422_b19635592917">Enabled</strong>, and click <strong id="iam_08_0009__en-us_topic_0272448422_b84626312299">OK</strong>.</span><p><div class="fignone" id="iam_08_0009__en-us_topic_0272448422_fig546833182412"><span class="figcap"><b>Figure 2 </b>Setting IdP parameters</span><br><span><img id="iam_08_0009__en-us_topic_0272448422_image1247113318240" src="en-us_image_0000001606944408.png" width="337.15500000000003" height="308.86789500000003" title="Click to enlarge" class="imgResize"></span></div>
<div class="note" id="iam_08_0009__en-us_topic_0272448422_note19380426847"><img src="public_sys-resources/note_3.0-en-us.png"><span class="notetitle"> </span><div class="notebody"><p id="iam_08_0009__en-us_topic_0272448422_p14380526247">The IdP name must be unique under your account. You are advised to use the domain name.</p> <div class="note" id="iam_08_0009__en-us_topic_0272448422_note19380426847"><img src="public_sys-resources/note_3.0-en-us.png"><span class="notetitle"> </span><div class="notebody"><p id="iam_08_0009__en-us_topic_0272448422_p14380526247">The IdP name must be unique under your account. You are advised to use the domain name.</p>
</div></div> </div></div>
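Review bot: In step 1 of Creating OAuth 2.0 Credentials, both redirect values contain an empty span where the host should be, so they render as https:///authui/oidc/redirect and https:///authui/oidc/post. An IdP compares redirect URIs by exact match, so the reader needs the actual console host or a named placeholder with a pointer to where it is found. The rename to "redirect URIs" is also only applied in that step. The opening paragraph still says "set the user redirect URLs", and the same sentence still ends "in the cloud platform" while the prerequisites were changed to "on the cloud platform".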
@ -100,7 +100,7 @@
</div></div> </div></div>
</p></li></ol> </p></li></ol>
</div> </div>
<div class="section" id="iam_08_0009__en-us_topic_0272448422_section23811148114613"><h4 class="sectiontitle">Related Operations</h4><ul id="iam_08_0009__en-us_topic_0272448422_en-us_topic_0272447057_en-us_topic_0175818704_ul4296945016821"><li id="iam_08_0009__en-us_topic_0272448422_en-us_topic_0272447057_en-us_topic_0175818704_li3998488416821">Viewing IdP information: In the IdP list, click <strong id="iam_08_0009__en-us_topic_0272448422_en-us_topic_0272447057_b38461712175">View</strong> in the row containing the IdP, and view its basic information, metadata, and identity conversion rules.<div class="note" id="iam_08_0009__en-us_topic_0272448422_en-us_topic_0272447057_en-us_topic_0175818704_note1768310816844"><img src="public_sys-resources/note_3.0-en-us.png"><span class="notetitle"> </span><div class="notebody"><p id="iam_08_0009__en-us_topic_0272448422_en-us_topic_0272447057_en-us_topic_0175818704_p2493024416844">To modify the configuration of an IdP, click <strong id="iam_08_0009__en-us_topic_0272448422_en-us_topic_0272447057_b7611722191713">Modify</strong> at the bottom of the details page.</p> <div class="section" id="iam_08_0009__en-us_topic_0272448422_section23811148114613"><h4 class="sectiontitle">Related Operations</h4><ul id="iam_08_0009__en-us_topic_0272448422_en-us_topic_0272447057_en-us_topic_0175818704_ul4296945016821"><li id="iam_08_0009__en-us_topic_0272448422_en-us_topic_0272447057_en-us_topic_0175818704_li3998488416821">Viewing IdP information: In the IdP list, click <strong id="iam_08_0009__en-us_topic_0272448422_en-us_topic_0272447057_b38461712175">View</strong> in the row containing the IdP, and view its basic information, metadata configuration, and identity conversion rules.<div class="note" id="iam_08_0009__en-us_topic_0272448422_en-us_topic_0272447057_en-us_topic_0175818704_note1768310816844"><img src="public_sys-resources/note_3.0-en-us.png"><span class="notetitle"> </span><div class="notebody"><p 
id="iam_08_0009__en-us_topic_0272448422_en-us_topic_0272447057_en-us_topic_0175818704_p2493024416844">To modify the configuration of an IdP, click <strong id="iam_08_0009__en-us_topic_0272448422_en-us_topic_0272447057_b7611722191713">Modify</strong> at the bottom of the details page.</p>
</div></div> </div></div>
</li><li id="iam_08_0009__en-us_topic_0272448422_en-us_topic_0272447057_en-us_topic_0175818704_li1227968616821">Modifying an IdP: In the IdP list, click <strong id="iam_08_0009__en-us_topic_0272448422_en-us_topic_0272447057_b63521155131414">Modify</strong> in the row containing the IdP, and then change its status or modify the description, metadata, or identity conversion rules.</li><li id="iam_08_0009__en-us_topic_0272448422_en-us_topic_0272447057_en-us_topic_0175818704_li5904713316821">Deleting an IdP: In the IdP list, click <strong id="iam_08_0009__en-us_topic_0272448422_en-us_topic_0272447057_b19497449171710">Delete</strong> in the row containing the IdP, and click <strong id="iam_08_0009__en-us_topic_0272448422_en-us_topic_0272447057_b849817493172">Yes</strong> in the displayed dialog box.</li></ul> </li><li id="iam_08_0009__en-us_topic_0272448422_en-us_topic_0272447057_en-us_topic_0175818704_li1227968616821">Modifying an IdP: In the IdP list, click <strong id="iam_08_0009__en-us_topic_0272448422_en-us_topic_0272447057_b63521155131414">Modify</strong> in the row containing the IdP, and then change its status or modify the description, metadata, or identity conversion rules.</li><li id="iam_08_0009__en-us_topic_0272448422_en-us_topic_0272447057_en-us_topic_0175818704_li5904713316821">Deleting an IdP: In the IdP list, click <strong id="iam_08_0009__en-us_topic_0272448422_en-us_topic_0272447057_b19497449171710">Delete</strong> in the row containing the IdP, and click <strong id="iam_08_0009__en-us_topic_0272448422_en-us_topic_0272447057_b849817493172">Yes</strong> in the displayed dialog box.</li></ul>
</div> </div>
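Review bot: The Viewing IdP information bullet now says "metadata configuration", but the Modifying an IdP bullet directly below still says "description, metadata, or identity conversion rules". Use one term in both bullets. Since this page creates an OpenID Connect IdP configured with OAuth 2.0 credentials, also check that "metadata" is the label the console actually shows for this IdP type.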

View File

@ -6,7 +6,7 @@
<h1 class="topictitle1">Overview of Virtual User SSO via OpenID Connect</h1> <h1 class="topictitle1">Overview of Virtual User SSO via OpenID Connect</h1>
<div id="body0000001606409596"><p id="iam_08_0010__en-us_topic_0272442730_en-us_topic_0175818705_p184931879469">This section describes how to configure identity federation and how identity federation works.</p> <div id="body0000001606409596"><p id="iam_08_0010__en-us_topic_0272442730_en-us_topic_0175818705_p184931879469">This section describes how to configure identity federation and how identity federation works.</p>
<div class="section" id="iam_08_0010__en-us_topic_0272442730_en-us_topic_0175818705_section265513151533"><h4 class="sectiontitle">Configuring Identity Federation</h4><p id="iam_08_0010__en-us_topic_0272442730_en-us_topic_0175818705_p54841424581">The following describes how to configure your enterprise IdP and the cloud platform to trust each other.</p> <div class="section" id="iam_08_0010__en-us_topic_0272442730_en-us_topic_0175818705_section265513151533"><h4 class="sectiontitle">Configuring Identity Federation</h4><p id="iam_08_0010__en-us_topic_0272442730_en-us_topic_0175818705_p54841424581">The following describes how to configure your enterprise IdP and the cloud platform to trust each other.</p>
<ol id="iam_08_0010__en-us_topic_0272442730_en-us_topic_0175818705_ol10515154254010"><li id="iam_08_0010__en-us_topic_0272442730_li2295530111220"><a href="iam_08_0009.html#iam_08_0009">Create an IdP entity and establish a trust relationship</a>: Create OAuth 2.0 credentials in the enterprise IdP. In the cloud platform, create an IdP entity and establish a trust relationship between the two systems.</li><li id="iam_08_0010__en-us_topic_0272442730_en-us_topic_0175818705_li551564215408"><a href="iam_08_0008.html#iam_08_0008">Configure identity conversion rules</a>: Configure identity conversion rules in the cloud platform to map the users, user groups, and permissions in the enterprise IdP to the cloud platform.</li><li id="iam_08_0010__en-us_topic_0272442730_en-us_topic_0175818705_li1051634215408"><a href="iam_08_0007.html#iam_08_0007">Configure a federated login entry</a>: Configure the login link in the enterprise IdP to allow enterprise users to be redirected to the cloud platform from your enterprise management system.</li></ol> <ol id="iam_08_0010__en-us_topic_0272442730_en-us_topic_0175818705_ol10515154254010"><li id="iam_08_0010__en-us_topic_0272442730_li2295530111220"><a href="iam_08_0009.html#iam_08_0009">Create an IdP entity and establish a trust relationship</a>: Create OAuth 2.0 credentials in the enterprise IdP. 
On the cloud platform, create an IdP entity and establish a trust relationship between the two systems.</li><li id="iam_08_0010__en-us_topic_0272442730_en-us_topic_0175818705_li551564215408"><a href="iam_08_0008.html#iam_08_0008">Configure identity conversion rules</a>: Configure identity conversion rules on the cloud platform to map the users, user groups, and permissions in the enterprise IdP to the cloud platform.</li><li id="iam_08_0010__en-us_topic_0272442730_en-us_topic_0175818705_li1051634215408"><a href="iam_08_0007.html#iam_08_0007">Configure a federated login entry</a>: Configure the login link in the enterprise IdP to allow enterprise users to be redirected to the cloud platform from your enterprise management system.</li></ol>
</div> </div>
<div class="section" id="iam_08_0010__en-us_topic_0272442730_en-us_topic_0175818705_section7468191134310"><h4 class="sectiontitle">How Identity Federation Works</h4><p id="iam_08_0010__en-us_topic_0272442730_en-us_topic_0175818705_p1535006694447"><a href="#iam_08_0010__en-us_topic_0272442730_fig185551935854">Figure 1</a> shows the identity federation process between an enterprise management system and the cloud platform.</p> <div class="section" id="iam_08_0010__en-us_topic_0272442730_en-us_topic_0175818705_section7468191134310"><h4 class="sectiontitle">How Identity Federation Works</h4><p id="iam_08_0010__en-us_topic_0272442730_en-us_topic_0175818705_p1535006694447"><a href="#iam_08_0010__en-us_topic_0272442730_fig185551935854">Figure 1</a> shows the identity federation process between an enterprise management system and the cloud platform.</p>
<div class="fignone" id="iam_08_0010__en-us_topic_0272442730_fig185551935854"><a name="iam_08_0010__en-us_topic_0272442730_fig185551935854"></a><a name="en-us_topic_0272442730_fig185551935854"></a><span class="figcap"><b>Figure 1 </b>How identity federation works</span><br><span><img id="iam_08_0010__en-us_topic_0272442730_image55556357517" src="en-us_image_0000001656576929.png" height="278.5552" width="497.42" title="Click to enlarge" class="imgResize"></span></div> <div class="fignone" id="iam_08_0010__en-us_topic_0272442730_fig185551935854"><a name="iam_08_0010__en-us_topic_0272442730_fig185551935854"></a><a name="en-us_topic_0272442730_fig185551935854"></a><span class="figcap"><b>Figure 1 </b>How identity federation works</span><br><span><img id="iam_08_0010__en-us_topic_0272442730_image55556357517" src="en-us_image_0000001656576929.png" height="278.5552" width="497.42" title="Click to enlarge" class="imgResize"></span></div>

View File

@ -5,7 +5,7 @@
<h1 class="topictitle1">Step 4: Verify the Federated Login</h1> <h1 class="topictitle1">Step 4: Verify the Federated Login</h1>
<div id="body0000001606409592"><div class="section" id="iam_08_0025__en-us_topic_0000001341816564_section143010173447"><h4 class="sectiontitle">Verifying the Federated Login</h4><p id="iam_08_0025__en-us_topic_0000001341816564_p950772734410">Federated users can initiate a login from the IdP or SP.</p> <div id="body0000001606409592"><div class="section" id="iam_08_0025__en-us_topic_0000001341816564_section143010173447"><h4 class="sectiontitle">Verifying the Federated Login</h4><p id="iam_08_0025__en-us_topic_0000001341816564_p950772734410">Federated users can initiate a login from the IdP or SP.</p>
<ul id="iam_08_0025__en-us_topic_0000001341816564_ul191511348134613"><li id="iam_08_0025__en-us_topic_0000001341816564_li1115124816463">Initiating a login from an IdP, for example, Microsoft Active Directory Federation Services (AD FS) or Shibboleth.</li><li id="iam_08_0025__en-us_topic_0000001341816564_li41511488463">Initiating a login from the SP. You can obtain the login link from the IdP details page on the IAM console.</li></ul> <ul id="iam_08_0025__en-us_topic_0000001341816564_ul191511348134613"><li id="iam_08_0025__en-us_topic_0000001341816564_li1115124816463">Initiating a login from an IdP, for example, Microsoft Active Directory Federation Services (AD FS) or Shibboleth.</li><li id="iam_08_0025__en-us_topic_0000001341816564_li41511488463">Initiating a login from the SP (<span id="iam_08_0025__en-us_topic_0000001341816564_text375929152014">the cloud platform</span>). You can obtain the login link from the IdP details page on the IAM console.</li></ul>
<p id="iam_08_0025__en-us_topic_0000001341816564_p211611213719">The IdP-initiated login method depends on the IdP. For details, see the IdP help documentation. This section describes how to initiate a login from the SP.</p> <p id="iam_08_0025__en-us_topic_0000001341816564_p211611213719">The IdP-initiated login method depends on the IdP. For details, see the IdP help documentation. This section describes how to initiate a login from the SP.</p>
<ol id="iam_08_0025__en-us_topic_0000001341816564_en-us_topic_0175818756_ol344684114811"><li id="iam_08_0025__en-us_topic_0000001341816564_en-us_topic_0175818756_li986975013551"><span>Log in as a federated user.</span><p><p id="iam_08_0025__en-us_topic_0000001341816564_en-us_topic_0175818756_p21375325518">On the <strong id="iam_08_0025__en-us_topic_0000001341816564_b1585114139437">Identity Providers</strong> page of the IAM console, click <strong id="iam_08_0025__en-us_topic_0000001341816564_b1385201384319">View</strong> in the row containing the IdP. Click <span><img id="iam_08_0025__en-us_topic_0000001341816564_image1397715241545" src="en-us_image_0000001646287137.png"></span> to copy the login link displayed in the <strong id="iam_08_0025__en-us_topic_0000001341816564_b11852171374311">Basic Information</strong> area, open the link using a browser, and then enter the username and password used in the enterprise management system.</p> <ol id="iam_08_0025__en-us_topic_0000001341816564_en-us_topic_0175818756_ol344684114811"><li id="iam_08_0025__en-us_topic_0000001341816564_en-us_topic_0175818756_li986975013551"><span>Log in as a federated user.</span><p><p id="iam_08_0025__en-us_topic_0000001341816564_en-us_topic_0175818756_p21375325518">On the <strong id="iam_08_0025__en-us_topic_0000001341816564_b1585114139437">Identity Providers</strong> page of the IAM console, click <strong id="iam_08_0025__en-us_topic_0000001341816564_b1385201384319">View</strong> in the row containing the IdP. Click <span><img id="iam_08_0025__en-us_topic_0000001341816564_image1397715241545" src="en-us_image_0000001646287137.png"></span> to copy the login link displayed in the <strong id="iam_08_0025__en-us_topic_0000001341816564_b11852171374311">Basic Information</strong> area, open the link using a browser, and then enter the username and password used in the enterprise management system.</p>
<p id="iam_08_0025__en-us_topic_0000001341816564_p16773195212449"></p> <p id="iam_08_0025__en-us_topic_0000001341816564_p16773195212449"></p>
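Review bot: The gloss "(the cloud platform)" is added at the second mention of SP, in the list item, while the preceding paragraph already uses "IdP or SP" undefined. Move the expansion to that first use. Separately, step 1 tells the user to open the copied login link and "enter the username and password used in the enterprise management system" without saying which page should be showing at that point. Suggest stating that the link redirects to the enterprise IdP's login page and that credentials are entered there.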

View File

@ -12,7 +12,7 @@
</div> </div>
<ul id="iam_08_0251__en-us_topic_0000001596495670_en-us_topic_0000001366328288_ul1561713415148"><li id="iam_08_0251__en-us_topic_0000001596495670_en-us_topic_0000001366328288_li1161815481410">The cloud products you use do not support virtual user SSO.</li><li id="iam_08_0251__en-us_topic_0000001596495670_en-us_topic_0000001366328288_li861810481419">You do not need virtual user SSO and want to simplify the IdP configuration.</li></ul> <ul id="iam_08_0251__en-us_topic_0000001596495670_en-us_topic_0000001366328288_ul1561713415148"><li id="iam_08_0251__en-us_topic_0000001596495670_en-us_topic_0000001366328288_li1161815481410">The cloud products you use do not support virtual user SSO.</li><li id="iam_08_0251__en-us_topic_0000001596495670_en-us_topic_0000001366328288_li861810481419">You do not need virtual user SSO and want to simplify the IdP configuration.</li></ul>
<div class="section" id="iam_08_0251__en-us_topic_0000001596495670_en-us_topic_0000001366328288_section14352239133210"><h4 class="sectiontitle">Differences Between Virtual User SSO and IAM User SSO</h4><p id="iam_08_0251__en-us_topic_0000001596495670_en-us_topic_0000001366328288_p1735418575561">The differences between virtual user SSO and IAM user SSO are described as follows:</p> <div class="section" id="iam_08_0251__en-us_topic_0000001596495670_en-us_topic_0000001366328288_section14352239133210"><h4 class="sectiontitle">Differences Between Virtual User SSO and IAM User SSO</h4><p id="iam_08_0251__en-us_topic_0000001596495670_en-us_topic_0000001366328288_p1735418575561">The differences between virtual user SSO and IAM user SSO are described as follows:</p>
<p id="iam_08_0251__en-us_topic_0000001596495670_en-us_topic_0000001366328288_p62381449185814">1. Identity conversion: Virtual user SSO uses <a href="en-us_topic_0079620340.html">identity conversion rules</a> while IAM user SSO uses external identity IDs for identity conversion. An IdP user will be mapped to an IAM user if the <strong id="iam_08_0251__en-us_topic_0000001596495670_b36314016268">IAM_SAML_Attributes_xUserId</strong> value of the IdP user is the same as the <a href="en-us_topic_0046661675.html#en-us_topic_0046661675__li13713193419317">external identity ID</a> of the IAM user. When you use IAM user SSO, make sure that you have set <strong id="iam_08_0251__en-us_topic_0000001596495670_b108699579326">IAM_SAML_Attributes_xUserId</strong> in the IdP and <strong id="iam_08_0251__en-us_topic_0000001596495670_b317912733513">External Identity ID</strong> in the SP to the same value.</p> <p id="iam_08_0251__en-us_topic_0000001596495670_en-us_topic_0000001366328288_p62381449185814">1. Identity conversion: Virtual user SSO uses <a href="en-us_topic_0079620340.html">identity conversion rules</a> while IAM user SSO uses external identity IDs for identity conversion. If the <strong id="iam_08_0251__en-us_topic_0000001596495670_b8219914102317">IAM_SAML_Attributes_xUserId</strong> value of one or more IdP users is the same as the <a href="en-us_topic_0046661675.html#en-us_topic_0046661675__li13713193419317">external identity ID</a> of an IAM user, these IdP users will be mapped to the IAM user. When you use IAM user SSO, make sure that you have set <strong id="iam_08_0251__en-us_topic_0000001596495670_b108699579326">IAM_SAML_Attributes_xUserId</strong> in the IdP and <strong id="iam_08_0251__en-us_topic_0000001596495670_b317912733513">External Identity ID</strong> in the SP to the same value.</p>
<p id="iam_08_0251__en-us_topic_0000001596495670_en-us_topic_0000001366328288_p122669181306">2. User identity in IAM: In virtual user SSO, the IdP user does not have a corresponding IAM user in the IAM user list. After the IdP user logs in, the system automatically creates a virtual user for it. In IAM user SSO, the IdP user has a IAM user mapped by external identity ID on the IAM console.</p> <p id="iam_08_0251__en-us_topic_0000001596495670_en-us_topic_0000001366328288_p122669181306">2. User identity in IAM: In virtual user SSO, the IdP user does not have a corresponding IAM user in the IAM user list. After the IdP user logs in, the system automatically creates a virtual user for it. In IAM user SSO, the IdP user has a IAM user mapped by external identity ID on the IAM console.</p>
<p id="iam_08_0251__en-us_topic_0000001596495670_en-us_topic_0000001366328288_p07651651141917">3. Permissions assignment in IAM: In virtual user SSO, the permissions of the IdP user are defined by the identity conversion rule. In IAM user SSO, the IdP user inherits the permissions of the user group which the mapped IAM user belongs to.</p> <p id="iam_08_0251__en-us_topic_0000001596495670_en-us_topic_0000001366328288_p07651651141917">3. Permissions assignment in IAM: In virtual user SSO, the permissions of the IdP user are defined by the identity conversion rule. In IAM user SSO, the IdP user inherits the permissions of the user group which the mapped IAM user belongs to.</p>
</div> </div>
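Review bot: Item 1 now states that "one or more IdP users" whose IAM_SAML_Attributes_xUserId matches an IAM user's external identity ID are all mapped to that one IAM user, but the paragraph does not say what that means for accountability. With several IdP users sharing one IAM user, they also share the group permissions described in item 3. Suggest one sentence saying whether the many-to-one mapping is intended and recommending a unique xUserId per IdP user where per-person attribution is required. Item 2 still reads "has a IAM user" and should be "an IAM user".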

View File

@ -18,15 +18,7 @@
</td> </td>
<td class="cellrowborder" valign="top" width="34.839999999999996%" headers="mcps1.3.2.2.2.4.1.2 "><p id="iam_08_0252__en-us_topic_0000001596673494_p1871995313715">Target URL which the federated user will be redirected to</p> <td class="cellrowborder" valign="top" width="34.839999999999996%" headers="mcps1.3.2.2.2.4.1.2 "><p id="iam_08_0252__en-us_topic_0000001596673494_p1871995313715">Target URL which the federated user will be redirected to</p>
</td> </td>
<td class="cellrowborder" valign="top" width="47.79%" headers="mcps1.3.2.2.2.4.1.3 "><p id="iam_08_0252__en-us_topic_0000001596673494_p97192533716">During SSO login, the federated user will be redirected to a page on the cloud platform .</p> <td class="cellrowborder" valign="top" width="47.79%" headers="mcps1.3.2.2.2.4.1.3 "><p id="iam_08_0252__en-us_topic_0000001596673494_p97192533716">During SSO login, the federated user will be redirected to a page on the cloud platform.</p>
</td>
</tr>
<tr id="iam_08_0252__en-us_topic_0000001596673494_row1483985824913"><td class="cellrowborder" valign="top" width="17.37%" headers="mcps1.3.2.2.2.4.1.1 "><p id="iam_08_0252__en-us_topic_0000001596673494_p135931089916">IAM_SAML_Attributes_xUserId</p>
</td>
<td class="cellrowborder" valign="top" width="34.839999999999996%" headers="mcps1.3.2.2.2.4.1.2 "><p id="iam_08_0252__en-us_topic_0000001596673494_p05931584911">ID of an enterprise IdP user (federated user)</p>
</td>
<td class="cellrowborder" valign="top" width="47.79%" headers="mcps1.3.2.2.2.4.1.3 "><p id="iam_08_0252__en-us_topic_0000001596673494_p1465181194520">This parameter is mandatory when the SSO type is IAM user.</p>
<p id="iam_08_0252__en-us_topic_0000001596673494_p1559311810913">Each federated user is mapped to an IAM user. The <strong id="iam_08_0252__en-us_topic_0000001596673494_b112255463712">IAM_SAML_Attributes_xUserId</strong> of the federated user is the same as the external identity ID of the corresponding IAM user.</p>
</td> </td>
</tr> </tr>
<tr id="iam_08_0252__en-us_topic_0000001596673494_row5839258194916"><td class="cellrowborder" valign="top" width="17.37%" headers="mcps1.3.2.2.2.4.1.1 "><p id="iam_08_0252__en-us_topic_0000001596673494_p12255189191015">IAM_SAML_Attributes_domain_id</p> <tr id="iam_08_0252__en-us_topic_0000001596673494_row5839258194916"><td class="cellrowborder" valign="top" width="17.37%" headers="mcps1.3.2.2.2.4.1.1 "><p id="iam_08_0252__en-us_topic_0000001596673494_p12255189191015">IAM_SAML_Attributes_domain_id</p>
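Review bot: The IAM_SAML_Attributes_xUserId row is removed from this table with no explanation in the commit message, while the iam_08_0256 topic in the same commit still documents that attribute as mandatory when the SSO type is IAM user. Please confirm that this topic covers only the SSO type where the attribute does not apply, and say so next to the table; otherwise a reader following this page would leave out the attribute that maps the federated user to an IAM user. The whitespace fix in "cloud platform." is fine.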

View File

@ -11,7 +11,7 @@
<div class="section" id="iam_08_0254__en-us_topic_0000001596515266_section536217418"><h4 class="sectiontitle">Configuring Identity Federation</h4><p id="iam_08_0254__en-us_topic_0000001596515266_en-us_topic_0000001426325501_en-us_topic_0175818705_p54841424581">The following describes how to configure your enterprise IdP and the cloud platform to trust each other.</p> <div class="section" id="iam_08_0254__en-us_topic_0000001596515266_section536217418"><h4 class="sectiontitle">Configuring Identity Federation</h4><p id="iam_08_0254__en-us_topic_0000001596515266_en-us_topic_0000001426325501_en-us_topic_0175818705_p54841424581">The following describes how to configure your enterprise IdP and the cloud platform to trust each other.</p>
<div class="fignone" id="iam_08_0254__en-us_topic_0000001596515266_fig19114227456"><span class="figcap"><b>Figure 1 </b>Configuration of IAM user SSO via SAML</span><br><span><img id="iam_08_0254__en-us_topic_0000001596515266_image6911172219455" src="en-us_image_0000001656073017.png" height="418.95000000000005" width="523.6875" title="Click to enlarge" class="imgResize"></span></div> <div class="fignone" id="iam_08_0254__en-us_topic_0000001596515266_fig19114227456"><span class="figcap"><b>Figure 1 </b>Configuration of IAM user SSO via SAML</span><br><span><img id="iam_08_0254__en-us_topic_0000001596515266_image6911172219455" src="en-us_image_0000001656073017.png" height="418.95000000000005" width="523.6875" title="Click to enlarge" class="imgResize"></span></div>
<ol id="iam_08_0254__en-us_topic_0000001596515266_ol153618184118"><li id="iam_08_0254__en-us_topic_0000001596515266_en-us_topic_0000001426325501_en-us_topic_0175818705_li56079251376"><a href="iam_08_0255.html#iam_08_0255">Create an IdP entity and establish a trust relationship</a>: Create an IdP entity for your enterprise on the cloud platform. Then, upload the cloud platform metadata file to the enterprise IdP, and upload the metadata file of the enterprise IdP to the cloud platform.<div class="fignone" id="iam_08_0254__en-us_topic_0000001596515266_fig2013615363397"><span class="figcap"><b>Figure 2 </b>Exchanging metadata files</span><br><span><img id="iam_08_0254__en-us_topic_0000001596515266_image213643614398" src="en-us_image_0000001656337241.png" height="95.69416500000001" width="497.42" title="Click to enlarge" class="imgResize"></span></div> <ol id="iam_08_0254__en-us_topic_0000001596515266_ol153618184118"><li id="iam_08_0254__en-us_topic_0000001596515266_en-us_topic_0000001426325501_en-us_topic_0175818705_li56079251376"><a href="iam_08_0255.html#iam_08_0255">Create an IdP entity and establish a trust relationship</a>: Create an IdP entity for your enterprise on the cloud platform. Then, upload the cloud platform metadata file to the enterprise IdP, and upload the metadata file of the enterprise IdP to the cloud platform.<div class="fignone" id="iam_08_0254__en-us_topic_0000001596515266_fig2013615363397"><span class="figcap"><b>Figure 2 </b>Exchanging metadata files</span><br><span><img id="iam_08_0254__en-us_topic_0000001596515266_image213643614398" src="en-us_image_0000001656337241.png" height="95.69416500000001" width="497.42" title="Click to enlarge" class="imgResize"></span></div>
</li><li id="iam_08_0254__en-us_topic_0000001596515266_en-us_topic_0000001426325501_li1721291115188"><a href="iam_08_0256.html#iam_08_0256">Configure the enterprise IdP</a>: Configure enterprise IdP parameters to determine what information can be sent to the cloud platform.</li><li id="iam_08_0254__en-us_topic_0000001596515266_en-us_topic_0000001426325501_en-us_topic_0175818705_li551564215408"><a href="iam_08_0257.html#iam_08_0257">Configure an external identity ID on IAM</a>: Establish a mapping between an IAM user and an enterprise user. When your enterprise IdP establishes SSO access to the cloud platform, the enterprise user can log in to the cloud platform as the IAM user with the specified external identity ID. For example, if an enterprise user <strong id="iam_08_0254__en-us_topic_0000001596515266_b88213504584">IdP_Test_User</strong> is mapped to the IAM user <strong id="iam_08_0254__en-us_topic_0000001596515266_b9801727593">Alice</strong>, the enterprise user <strong id="iam_08_0254__en-us_topic_0000001596515266_b15324014155914">IdP_Test_User</strong> will log in to the cloud platform as the IAM user <strong id="iam_08_0254__en-us_topic_0000001596515266_b38401135125918">Alice</strong>.<div class="fignone" id="iam_08_0254__en-us_topic_0000001596515266_fig13338133811437"><span class="figcap"><b>Figure 3 </b>Mapping external identities to IAM users</span><br><span><img id="iam_08_0254__en-us_topic_0000001596515266_image163385388436" src="en-us_image_0000001607216988.png" height="406.98" width="465.5" title="Click to enlarge" class="imgResize"></span></div> </li><li id="iam_08_0254__en-us_topic_0000001596515266_en-us_topic_0000001426325501_li1721291115188"><a href="iam_08_0256.html#iam_08_0256">Configure the enterprise IdP</a>: Configure enterprise IdP parameters to determine what information can be sent to the cloud platform.</li><li id="iam_08_0254__en-us_topic_0000001596515266_en-us_topic_0000001426325501_en-us_topic_0175818705_li551564215408"><a 
href="iam_08_0257.html#iam_08_0257">Configure an external identity ID</a>: Establish a mapping between an IAM user and an enterprise user. When your enterprise IdP establishes SSO access to the cloud platform, the enterprise user can log in to the cloud platform as the IAM user with the specified external identity ID. For example, if an enterprise user <strong id="iam_08_0254__en-us_topic_0000001596515266_b663561585513">IdP_Test_User</strong> is mapped to the IAM user <strong id="iam_08_0254__en-us_topic_0000001596515266_b163571519557">Alice</strong>, the enterprise user <strong id="iam_08_0254__en-us_topic_0000001596515266_b4636215175517">IdP_Test_User</strong> will log in to the cloud platform as the IAM user <strong id="iam_08_0254__en-us_topic_0000001596515266_b1463631512555">Alice</strong>.<div class="fignone" id="iam_08_0254__en-us_topic_0000001596515266_fig13338133811437"><span class="figcap"><b>Figure 3 </b>Mapping external identities to IAM users</span><br><span><img id="iam_08_0254__en-us_topic_0000001596515266_image163385388436" src="en-us_image_0000001607216988.png" height="406.98" width="465.5" title="Click to enlarge" class="imgResize"></span></div>
</li><li id="iam_08_0254__en-us_topic_0000001596515266_en-us_topic_0000001426325501_li777015161321"><a href="iam_08_0258.html#iam_08_0258">Verify the federated login</a>: Check whether the enterprise user can log in to the cloud platform through SSO.</li><li id="iam_08_0254__en-us_topic_0000001596515266_li14361164113"><a href="iam_08_0259.html#iam_08_0259">(Optional) Configure a federated login entry</a>: Configure the login link (see <a href="#iam_08_0254__en-us_topic_0000001596515266_fig183392056164512">Figure 4</a>) in the enterprise IdP to allow enterprise users to be redirected to the cloud platform from your enterprise management system.<div class="fignone" id="iam_08_0254__en-us_topic_0000001596515266_fig183392056164512"><a name="iam_08_0254__en-us_topic_0000001596515266_fig183392056164512"></a><a name="en-us_topic_0000001596515266_fig183392056164512"></a><span class="figcap"><b>Figure 4 </b>SSO login model</span><br><span><img id="iam_08_0254__en-us_topic_0000001596515266_image11339256184519" src="en-us_image_0000001607256960.png" height="173.786711" width="465.5" title="Click to enlarge" class="imgResize"></span></div> </li><li id="iam_08_0254__en-us_topic_0000001596515266_en-us_topic_0000001426325501_li777015161321"><a href="iam_08_0258.html#iam_08_0258">Verify the federated login</a>: Check whether the enterprise user can log in to the cloud platform through SSO.</li><li id="iam_08_0254__en-us_topic_0000001596515266_li14361164113"><a href="iam_08_0259.html#iam_08_0259">(Optional) Configure a federated login entry</a>: Configure the login link (see <a href="#iam_08_0254__en-us_topic_0000001596515266_fig183392056164512">Figure 4</a>) in the enterprise IdP to allow enterprise users to be redirected to the cloud platform from your enterprise management system.<div class="fignone" id="iam_08_0254__en-us_topic_0000001596515266_fig183392056164512"><a name="iam_08_0254__en-us_topic_0000001596515266_fig183392056164512"></a><a 
name="en-us_topic_0000001596515266_fig183392056164512"></a><span class="figcap"><b>Figure 4 </b>SSO login model</span><br><span><img id="iam_08_0254__en-us_topic_0000001596515266_image11339256184519" src="en-us_image_0000001607256960.png" height="173.786711" width="465.5" title="Click to enlarge" class="imgResize"></span></div>
</li></ol> </li></ol>
</div> </div>
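Review bot: The link text for iam_08_0257.html in the third list item changes from "Configure an external identity ID on IAM" to "Configure an external identity ID"; check that it still matches the title of the target topic. The four strong element ids in the same item (around IdP_Test_User and Alice) are regenerated although their text is unchanged, which adds noise to the diff. This step would also be clearer if it named the SAML attribute that carries the external identity ID (IAM_SAML_Attributes_xUserId, per iam_08_0256), so the reader knows which IdP value has to match.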

View File

@ -11,7 +11,7 @@
</p></li><li id="iam_08_0255__en-us_topic_0000001596833222_en-us_topic_0000001375874998_en-us_topic_0175818704_li19378125420417"><span>Upload the metadata file to the enterprise IdP server. For details, see the help documentation of the enterprise IdP.</span></li><li id="iam_08_0255__en-us_topic_0000001596833222_en-us_topic_0000001375874998_en-us_topic_0175818704_li17371448151420"><span>Obtain the metadata file of the enterprise IdP. For details, see the help documentation of the enterprise IdP.</span></li></ol> </p></li><li id="iam_08_0255__en-us_topic_0000001596833222_en-us_topic_0000001375874998_en-us_topic_0175818704_li19378125420417"><span>Upload the metadata file to the enterprise IdP server. For details, see the help documentation of the enterprise IdP.</span></li><li id="iam_08_0255__en-us_topic_0000001596833222_en-us_topic_0000001375874998_en-us_topic_0175818704_li17371448151420"><span>Obtain the metadata file of the enterprise IdP. For details, see the help documentation of the enterprise IdP.</span></li></ol>
</div> </div>
<div class="section" id="iam_08_0255__en-us_topic_0000001596833222_en-us_topic_0000001375874998_section172611833111"><h4 class="sectiontitle">Creating an IdP Entity on the Cloud Platform</h4><p id="iam_08_0255__en-us_topic_0000001596833222_en-us_topic_0000001375874998_en-us_topic_0175818704_p14271944725">To create an IdP entity on the IAM console, do as follows:</p> <div class="section" id="iam_08_0255__en-us_topic_0000001596833222_en-us_topic_0000001375874998_section172611833111"><h4 class="sectiontitle">Creating an IdP Entity on the Cloud Platform</h4><p id="iam_08_0255__en-us_topic_0000001596833222_en-us_topic_0000001375874998_en-us_topic_0175818704_p14271944725">To create an IdP entity on the IAM console, do as follows:</p>
<ol id="iam_08_0255__en-us_topic_0000001596833222_en-us_topic_0000001375874998_en-us_topic_0175818704_ol21644229"><li id="iam_08_0255__en-us_topic_0000001596833222_en-us_topic_0000001375874998_en-us_topic_0175818704_li7670737"><span>Log in to the IAM console, choose <strong id="iam_08_0255__en-us_topic_0000001596833222_b98547817242314">Identity Providers</strong> from the navigation pane, and click <strong id="iam_08_0255__en-us_topic_0000001596833222_b208591297942314">Create Identity Provider</strong> in the upper right corner.</span><p><div class="fignone" id="iam_08_0255__en-us_topic_0000001596833222_fig547719531515"><span class="figcap"><b>Figure 1 </b>Creating an IdP entity</span><br><span><img id="iam_08_0255__en-us_topic_0000001596833222_image3477351150" src="en-us_image_0000001656300001.png" height="149.735656" width="494.76000000000005" title="Click to enlarge" class="imgResize"></span></div> <ol id="iam_08_0255__en-us_topic_0000001596833222_en-us_topic_0000001375874998_en-us_topic_0175818704_ol21644229"><li id="iam_08_0255__en-us_topic_0000001596833222_en-us_topic_0000001375874998_en-us_topic_0175818704_li7670737"><span>Log in to the IAM console, choose <strong id="iam_08_0255__en-us_topic_0000001596833222_b1375712153243">Identity Providers</strong> from the navigation pane, and click <strong id="iam_08_0255__en-us_topic_0000001596833222_b3757101511241">Create Identity Provider</strong> in the upper right corner.</span><p><div class="fignone" id="iam_08_0255__en-us_topic_0000001596833222_fig547719531515"><span class="figcap"><b>Figure 1 </b>Creating an IdP entity</span><br><span><img id="iam_08_0255__en-us_topic_0000001596833222_image3477351150" src="en-us_image_0000001656300001.png" height="149.735656" width="494.76000000000005" title="Click to enlarge" class="imgResize"></span></div>
</p></li><li id="iam_08_0255__en-us_topic_0000001596833222_en-us_topic_0000001375874998_en-us_topic_0175818704_li202871146194"><span>Specify the name, protocol, SSO type, status, and description of the IdP entity.</span><p><div class="fignone" id="iam_08_0255__en-us_topic_0000001596833222_fig56212498153"><span class="figcap"><b>Figure 2 </b>Setting IdP parameters</span><br><span><img id="iam_08_0255__en-us_topic_0000001596833222_image17633492155" src="en-us_image_0000001656340545.png" width="349.125" height="324.749026" title="Click to enlarge" class="imgResize"></span></div> </p></li><li id="iam_08_0255__en-us_topic_0000001596833222_en-us_topic_0000001375874998_en-us_topic_0175818704_li202871146194"><span>Specify the name, protocol, SSO type, status, and description of the IdP entity.</span><p><div class="fignone" id="iam_08_0255__en-us_topic_0000001596833222_fig56212498153"><span class="figcap"><b>Figure 2 </b>Setting IdP parameters</span><br><span><img id="iam_08_0255__en-us_topic_0000001596833222_image17633492155" src="en-us_image_0000001656340545.png" width="349.125" height="324.749026" title="Click to enlarge" class="imgResize"></span></div>
<div class="tablenoborder"><table cellpadding="4" cellspacing="0" summary="" id="iam_08_0255__en-us_topic_0000001596833222_en-us_topic_0000001375874998_table13359917121514" frame="border" border="1" rules="all"><caption><b>Table 1 </b>Basic parameters of an IdP</caption><thead align="left"><tr id="iam_08_0255__en-us_topic_0000001596833222_en-us_topic_0000001375874998_row15360181711151"><th align="left" class="cellrowborder" valign="top" width="16.79%" id="mcps1.3.3.3.2.2.2.2.3.1.1"><p id="iam_08_0255__en-us_topic_0000001596833222_en-us_topic_0000001375874998_p1036014179156">Parameter</p> <div class="tablenoborder"><table cellpadding="4" cellspacing="0" summary="" id="iam_08_0255__en-us_topic_0000001596833222_en-us_topic_0000001375874998_table13359917121514" frame="border" border="1" rules="all"><caption><b>Table 1 </b>Basic parameters of an IdP</caption><thead align="left"><tr id="iam_08_0255__en-us_topic_0000001596833222_en-us_topic_0000001375874998_row15360181711151"><th align="left" class="cellrowborder" valign="top" width="16.79%" id="mcps1.3.3.3.2.2.2.2.3.1.1"><p id="iam_08_0255__en-us_topic_0000001596833222_en-us_topic_0000001375874998_p1036014179156">Parameter</p>
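Review bot: The only differences in this hunk are the id attributes on the two strong elements in step 1 (Identity Providers, Create Identity Provider); the visible text is identical. If these ids come from the export tool, consider keeping them stable so that content changes are easier to spot in review, and check that nothing links to the old ids.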

View File

@ -21,7 +21,7 @@
<td class="cellrowborder" valign="top" width="34.839999999999996%" headers="mcps1.3.3.2.2.4.1.2 "><p id="iam_08_0256__en-us_topic_0000001646353397_en-us_topic_0000001378199566_p05931584911">ID of an enterprise IdP user (federated user)</p> <td class="cellrowborder" valign="top" width="34.839999999999996%" headers="mcps1.3.3.2.2.4.1.2 "><p id="iam_08_0256__en-us_topic_0000001646353397_en-us_topic_0000001378199566_p05931584911">ID of an enterprise IdP user (federated user)</p>
</td> </td>
<td class="cellrowborder" valign="top" width="47.79%" headers="mcps1.3.3.2.2.4.1.3 "><p id="iam_08_0256__en-us_topic_0000001646353397_en-us_topic_0000001378199566_p1465181194520">This parameter is mandatory when the SSO type is IAM user.</p> <td class="cellrowborder" valign="top" width="47.79%" headers="mcps1.3.3.2.2.4.1.3 "><p id="iam_08_0256__en-us_topic_0000001646353397_en-us_topic_0000001378199566_p1465181194520">This parameter is mandatory when the SSO type is IAM user.</p>
<p id="iam_08_0256__en-us_topic_0000001646353397_en-us_topic_0000001378199566_p1559311810913">Each federated user is mapped to an IAM user. The <strong id="iam_08_0256__en-us_topic_0000001646353397_b20109155155316">IAM_SAML_Attributes_xUserId</strong> of the federated user is the same as the external identity ID of the corresponding IAM user.</p> <p id="iam_08_0256__en-us_topic_0000001646353397_en-us_topic_0000001378199566_p1559311810913">Each federated user is mapped to an IAM user. The <strong id="iam_08_0256__en-us_topic_0000001646353397_b42131570262">IAM_SAML_Attributes_xUserId</strong> of the federated user is the same as the external identity ID of the corresponding IAM user.</p>
</td> </td>
</tr> </tr>
<tr id="iam_08_0256__en-us_topic_0000001646353397_en-us_topic_0000001378199566_row98391758184911"><td class="cellrowborder" valign="top" width="17.37%" headers="mcps1.3.3.2.2.4.1.1 "><p id="iam_08_0256__en-us_topic_0000001646353397_en-us_topic_0000001378199566_p117195531679">IAM_SAML_Attributes_redirect_url</p> <tr id="iam_08_0256__en-us_topic_0000001646353397_en-us_topic_0000001378199566_row98391758184911"><td class="cellrowborder" valign="top" width="17.37%" headers="mcps1.3.3.2.2.4.1.1 "><p id="iam_08_0256__en-us_topic_0000001646353397_en-us_topic_0000001378199566_p117195531679">IAM_SAML_Attributes_redirect_url</p>
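Review bot: The IAM_SAML_Attributes_xUserId description says the value "is the same as the external identity ID of the corresponding IAM user" but does not say what happens when no IAM user has that external identity ID, or whether the comparison is case-sensitive. Because this value decides which IAM user the federated user logs in as, one sentence covering both cases is worth adding to this cell. The hunk itself changes only the id of the strong element.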

View File

@ -7,9 +7,9 @@
<div id="body0000001606569596"><p id="iam_08_0259__en-us_topic_0000001646170669_en-us_topic_0000001428678529_en-us_topic_0176296742_p1645381214272">Configure a federated login entry in the enterprise IdP so that enterprise users can use the login link to access the cloud platform.</p> <div id="body0000001606569596"><p id="iam_08_0259__en-us_topic_0000001646170669_en-us_topic_0000001428678529_en-us_topic_0176296742_p1645381214272">Configure a federated login entry in the enterprise IdP so that enterprise users can use the login link to access the cloud platform.</p>
<div class="section" id="iam_08_0259__en-us_topic_0000001646170669_en-us_topic_0000001428678529_en-us_topic_0176296742_section101261732122720"><h4 class="sectiontitle">Prerequisites</h4><ul id="iam_08_0259__en-us_topic_0000001646170669_en-us_topic_0000001428678529_en-us_topic_0176296742_ul861722713292"><li id="iam_08_0259__en-us_topic_0000001646170669_en-us_topic_0000001428678529_en-us_topic_0176296742_li161712712295">An IdP entity has been created on the cloud platform, and the login link for the IdP is available. For details, see <a href="iam_08_0255.html#iam_08_0255">Step 1: Create an IdP Entity</a>.</li><li id="iam_08_0259__en-us_topic_0000001646170669_en-us_topic_0000001428678529_en-us_topic_0176296742_li18261122972912">The login entry for logging in to the cloud platform has been configured in the enterprise management system.</li></ul> <div class="section" id="iam_08_0259__en-us_topic_0000001646170669_en-us_topic_0000001428678529_en-us_topic_0176296742_section101261732122720"><h4 class="sectiontitle">Prerequisites</h4><ul id="iam_08_0259__en-us_topic_0000001646170669_en-us_topic_0000001428678529_en-us_topic_0176296742_ul861722713292"><li id="iam_08_0259__en-us_topic_0000001646170669_en-us_topic_0000001428678529_en-us_topic_0176296742_li161712712295">An IdP entity has been created on the cloud platform, and the login link for the IdP is available. For details, see <a href="iam_08_0255.html#iam_08_0255">Step 1: Create an IdP Entity</a>.</li><li id="iam_08_0259__en-us_topic_0000001646170669_en-us_topic_0000001428678529_en-us_topic_0176296742_li18261122972912">The login entry for logging in to the cloud platform has been configured in the enterprise management system.</li></ul>
</div> </div>
<div class="section" id="iam_08_0259__en-us_topic_0000001646170669_en-us_topic_0000001428678529_section122251194213"><h4 class="sectiontitle">Procedure</h4><ol id="iam_08_0259__en-us_topic_0000001646170669_en-us_topic_0000001428678529_en-us_topic_0176296742_ol14850112215417"><li id="iam_08_0259__en-us_topic_0000001646170669_en-us_topic_0000001428678529_en-us_topic_0176296742_li2195162413293"><span>Log in to the IAM console. In the navigation pane, choose <strong id="iam_08_0259__en-us_topic_0000001646170669_b1545920199494">Identity Providers</strong>.</span></li><li id="iam_08_0259__en-us_topic_0000001646170669_en-us_topic_0000001428678529_en-us_topic_0176296742_li46555223151553"><span>Click <strong id="iam_08_0259__en-us_topic_0000001646170669_b7524212542258">View</strong> in the row containing the IdP.</span><p><div class="fignone" id="iam_08_0259__en-us_topic_0000001646170669_fig45131610152318"><span class="figcap"><b>Figure 1 </b>Viewing IdP details</span><br><span><img id="iam_08_0259__en-us_topic_0000001646170669_image1451391017239" src="en-us_image_0000001656303477.png" height="131.47555400000002" width="465.83250000000004" title="Click to enlarge" class="imgResize"></span></div> <div class="section" id="iam_08_0259__en-us_topic_0000001646170669_en-us_topic_0000001428678529_section122251194213"><h4 class="sectiontitle">Procedure</h4><ol id="iam_08_0259__en-us_topic_0000001646170669_en-us_topic_0000001428678529_en-us_topic_0176296742_ol14850112215417"><li id="iam_08_0259__en-us_topic_0000001646170669_en-us_topic_0000001428678529_en-us_topic_0176296742_li2195162413293"><span>Log in to the IAM console. 
In the navigation pane, choose <strong id="iam_08_0259__en-us_topic_0000001646170669_b11776410152718">Identity Providers</strong>.</span></li><li id="iam_08_0259__en-us_topic_0000001646170669_en-us_topic_0000001428678529_en-us_topic_0176296742_li46555223151553"><span>Click <strong id="iam_08_0259__en-us_topic_0000001646170669_b7524212542258">View</strong> in the row containing the IdP.</span><p><div class="fignone" id="iam_08_0259__en-us_topic_0000001646170669_fig45131610152318"><span class="figcap"><b>Figure 1 </b>Viewing IdP details</span><br><span><img id="iam_08_0259__en-us_topic_0000001646170669_image1451391017239" src="en-us_image_0000001656303477.png" height="131.47555400000002" width="465.83250000000004" title="Click to enlarge" class="imgResize"></span></div>
</p></li><li id="iam_08_0259__en-us_topic_0000001646170669_en-us_topic_0000001428678529_en-us_topic_0176296742_li1967991814556"><span>Copy the login link by clicking <span><img id="iam_08_0259__en-us_topic_0000001646170669_image91456015514" src="en-us_image_0000001646542753.png"></span> in the <strong id="iam_08_0259__en-us_topic_0000001646170669_b8414932195516">Login link</strong> row.</span><p><div class="fignone" id="iam_08_0259__en-us_topic_0000001646170669_fig69418234228"><span class="figcap"><b>Figure 2 </b>Copying the login link</span><br><span><img id="iam_08_0259__en-us_topic_0000001646170669_image694523202212" src="en-us_image_0000001606783928.png" height="188.5275" width="523.6875" title="Click to enlarge" class="imgResize"></span></div> </p></li><li id="iam_08_0259__en-us_topic_0000001646170669_en-us_topic_0000001428678529_en-us_topic_0176296742_li1967991814556"><span>Copy the login link by clicking <span><img id="iam_08_0259__en-us_topic_0000001646170669_image91456015514" src="en-us_image_0000001646542753.png"></span> in the <strong id="iam_08_0259__en-us_topic_0000001646170669_b8414932195516">Login Link</strong> row.</span><p><div class="fignone" id="iam_08_0259__en-us_topic_0000001646170669_fig69418234228"><span class="figcap"><b>Figure 2 </b>Copying the login link</span><br><span><img id="iam_08_0259__en-us_topic_0000001646170669_image694523202212" src="en-us_image_0000001606783928.png" height="188.5275" width="523.6875" title="Click to enlarge" class="imgResize"></span></div>
</p></li><li id="iam_08_0259__en-us_topic_0000001646170669_en-us_topic_0000001428678529_en-us_topic_0176296742_li15844132155518"><span>Add the following statement to the page file of the enterprise management system:</span><p><pre class="screen" id="iam_08_0259__en-us_topic_0000001646170669_en-us_topic_0000001428678529_en-us_topic_0176296742_screen64715579">&lt;a href="&lt;<em id="iam_08_0259__en-us_topic_0000001646170669_en-us_topic_0000001428678529_en-us_topic_0176296742_i111454131956">Login link</em>&gt;"&gt; Cloud platform login entry &lt;/a&gt;</pre> </p></li><li id="iam_08_0259__en-us_topic_0000001646170669_en-us_topic_0000001428678529_en-us_topic_0176296742_li15844132155518"><span>Add the following statement to the page file of the enterprise management system:</span><p><pre class="screen" id="iam_08_0259__en-us_topic_0000001646170669_en-us_topic_0000001428678529_en-us_topic_0176296742_screen64715579">&lt;a href="&lt;<em id="iam_08_0259__en-us_topic_0000001646170669_i1275771512718">Login link</em>&gt;"&gt; Cloud platform login entry &lt;/a&gt;</pre>
</p></li><li id="iam_08_0259__en-us_topic_0000001646170669_en-us_topic_0000001428678529_en-us_topic_0176296742_li1494375833114"><span>Log in to the enterprise management system using your enterprise account, and click the configured login link to access the cloud platform.</span></li></ol> </p></li><li id="iam_08_0259__en-us_topic_0000001646170669_en-us_topic_0000001428678529_en-us_topic_0176296742_li1494375833114"><span>Log in to the enterprise management system using your enterprise account, and click the configured login link to access the cloud platform.</span></li></ol>
</div> </div>
</div> </div>
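Review bot: The bold UI label in step 3 becomes "Login Link", but the Login link placeholder in the pre sample of step 4 keeps the old capitalization (only its em id changed). Use the same capitalization in both places if the placeholder refers to the console field. Separately, the Prerequisites list says the login entry "has been configured in the enterprise management system", which is what step 4 of this procedure does; consider rewording the prerequisite so it does not presuppose the procedure.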