MarketplaceCommunityDEENDEENProductsCloud ServicesRoadmapRelease NotesService descriptionCertifications and attestationsManaged ServicesBenefitsSecurity/DSGVOSustainabilityOpenStackMarket leaderBusiness NavigatorPricesPricing modelsComputing & ContainersStorageNetworkDatabase & AnalysisSecurityManagement & ApplicationsPrice calculatorSolutionsIndustriesHealthcarePublic SectorScience and researchAutomotiveMedia and broadcastingRetailUse CasesArtificial intelligenceHigh Performance ComputingBig data and analyticsInternet of ThingsDisaster RecoveryData StorageTurnkey solutionsTelekom cloud solutionsPartner cloud solutionsSwiss Open Telekom CloudReferencesPartnerCIRCLE PartnerTECH PartnerBecome a partnerAcademyTraining & certificationsEssentials trainingFundamentals training coursePractitioner online self-trainingArchitect training courseCertificationsCommunityCommunity blogsCommunity eventsLibraryStudies and whitepaperWebinarsBusiness NavigatorMarketplaceSupportSupport from expertsAI chatbotShared ResponsibilityGuidelines for Security Testing (Penetration Tests)Mobile AppHelp toolsFirst stepsTutorialStatus DashboardFAQTechnical documentationNewsBlogFairs & eventsTrade pressPress inquiriesRadio OTCMarketplaceCommunity

0800 3304477Call 24 hours a day, seven days a week

Write an E-mail E-Mail

Book now and claim starting credit of EUR 250
Cloud ServicesManaged ServicesBenefitsBusiness Navigator
Pricing modelsPrice calculator
IndustriesUse CasesTurnkey solutionsSwiss Open Telekom CloudReferences
CIRCLE PartnerTECH PartnerBecome a partner
Training & certificationsCommunityLibraryBusiness Navigator
Marketplace
Support from expertsHelp toolsTechnical documentation
BlogFairs & eventsTrade pressPress inquiriesRadio OTC
  • 0800 3304477Call24 hours a day, seven days a week
  • Write an E-mail E-Mail
Book now and claim starting credit of EUR 250
HomeSupportRelease NotesIdentity and Accessmanagement (IAM) Version 2.6 Release

Identity and Accessmanagement (IAM) Version 2.6 Release

We are happy to announce the coming upgrade of IAM to a newer version including the following changes.

New features:

  • Operation protection: Introduction of the functionality of multi-factor authentication (MFA) for critical actions
    • For critical actions, such as deleting an ECS, administrators can now enable the feature operation protection to require MFA for executing the critical action.
    • This can be enabled for the executing user or for a different user to achieve four-eyes-principle compliance.
  • Authorization Records: Introduction of a new view to quickly view authorizations for users
    • On the new page, authorization records are displayed and can be searched by e.g. username to display assigned policies/roles to the searched user.
  • IAM Batch Operations: Introduction of batch operations for multiple users, including,
    • User Deletion and
    • User Modification (Status (Enabled/Disabled), Verification Method (Programmatic/Management Console), Verification Method (SMS/Email/Virtual MFA Device/Disabled)).
  • New SSO User Type:  Introduction of SSO User Types “Virtual User” and “IAM User”
    • Virtual User: After a user logs in to OTC through an identity provider, the system automatically creates a virtual identity for the user. Multiple identity providers of the virtual user SSO type can be created under an account.
    • IAM User: After a user logs in to OTC through an identity provider, the system maps the user to an IAM user based on the configured identity conversion rules. Only one identity provider of the IAM user SSO type can be created under an account. If you select this type, ensure that you have created an IAM user and set the external identity ID.
  • Access Key Management
    • By default, this option is disabled, and all the users under your account can manage (create, enable, disable, and delete) their own access keys. If you enable this option, only the administrator can manage access keys of users.
  • Information Self-Management
    • By default, this option is enabled, and all IAM users under your account can modify their own basic information (mobile number, email address, and password). If you disable this option, only the administrator can modify IAM user information.

Changes:

  • Enhancing soft quota of user groups to 500.
  • While creating or updating IAM users a message is displayed indicating that the mailbox has been used and which user is using the mailbox.
  • Identity Provider Modification Screen
    • Removing the preconfigured metadata section for Identity Provider settings. Customers can upload metadata XML or manually configure the metadata.
  • Account Settings / Security Settings Screen
    • Renaming of Account Settings to Security Settings with new Layout with Sections „Basic Information”, “Critical Operations”, “Login Authentication Policy”, “Password Policy” and “ACL”.
  • Custom Policy Screen
    • Policy scope must not be set anymore in the selection screen and will be picked automatically by the system.
    • A custom policy can only contain permissions for either global or project-level services.

Bugfixes:

  • MFA Device Administration: Allows an IAM administrator to unbind a MFA Device from Users (e.g. in case of lost devices)
  • 1password plugin incompability

More details can be found in the related community techblog.

Back to overview Release Notes 
 

Do you have questions?

We answer your questions about testing, booking and use – free of charge and individually. Try it! 
Hotline: 24 hours a day, 7 days a week
0800 3304477 from Germany / 00800 33044770 from abroad

Write an E-mail
Identity and Access Management
CommunityFree Expert HotlineE-MailAI Search

The Open Telekom Cloud Community

close

This is where users, developers and product owners meet to help each other, share knowledge and discuss.

Discover now

Free expert hotline

close

Our certified cloud experts provide you with personal service free of charge.

 0800 3304477 (from Germany)

 +800 33044770 (from abroad)

 24 hours a day, seven days a week

Write an E-Mail

close

Our customer service is available free of charge via E-Mail

Write an E-Mail

AIssistant Cloudia

Our AI-powered search helps with your cloud needs.

MaximizeMinimizeClose

In order to use our AI-powered seach you must first accept the cookies for services by other companies.

Accept the cookies for services by other companies

Cookies and similar technologies

We use cookies and similar technologies on our website to save, read out and process information on your device. In doing so, we enhance your experience, analyze site traffic, and show you content and ads that interest you. User profiles are created across websites and devices for this purpose. Our partners use these technologies as well.


By selecting “Only Required”, you only accept cookies that make our website function properly. “Accept All” means that you allow access to information on your device and the use of all cookies for analytics and marketing purposes by Telekom Deutschland GmbH and our partners. Your data might then be transferred to countries outside the European Union where we cannot ensure the same level of data protection as in the EU (see Art. 49 (1) a GDPR). Under “Settings”, you can specify everything in detail and change your consent at any time.


Find more information in the Privacy Policy and Partner List.