CommunityDEENDEENProductsCore ServicesRoadmapRelease NotesService descriptionCertifications and attestationsPrivate CloudManaged ServicesBenefitsSecurity/DSGVOSustainabilityOpenStackMarket leaderPricesPricing modelsComputing & ContainersStorageNetworkDatabase & AnalysisSecurityManagement & ApplicationsPrice calculatorSolutionsIndustriesHealthcarePublic SectorScience and researchAutomotiveMedia and broadcastingRetailUse CasesArtificial intelligenceHigh Performance ComputingBig data and analyticsInternet of ThingsDisaster RecoveryData StorageTurnkey solutionsTelekom cloud solutionsPartner cloud solutionsSwiss Open Telekom CloudReferencesPartnerCIRCLE PartnerTECH PartnerBecome a partnerAcademyTraining & certificationsEssentials trainingFundamentals training coursePractitioner online self-trainingArchitect training courseCertificationsCommunityCommunity blogsCommunity eventsLibraryStudies and whitepaperWebinarsBusiness NavigatorSupportSupport from expertsAI chatbotShared ResponsibilityGuidelines for Security Testing (Penetration Tests)Mobile AppHelp toolsFirst stepsTutorialStatus DashboardFAQTechnical documentationNewsBlogFairs & eventsTrade pressPress inquiriesCommunity

0800 3304477 24 hours a day, seven days a week

Write an E-mail 

Book now and claim starting credit of EUR 250
ProductsCore ServicesPrivate CloudManaged ServicesBenefitsPricesPricing modelsPrice calculatorSolutionsIndustriesUse CasesTurnkey solutionsSwiss Open Telekom CloudReferencesPartnerCIRCLE PartnerTECH PartnerBecome a partnerAcademyTraining & certificationsCommunityLibraryBusiness NavigatorSupportSupport from expertsHelp toolsTechnical documentationNewsBlogFairs & eventsTrade pressPress inquiries
  • 0800 330447724 hours a day, seven days a week
  • Write an E-mail 
Book now and claim starting credit of EUR 250

Identity and Accessmanagement (IAM) Version 2.6 Release

We are happy to announce the coming upgrade of IAM to a newer version including the following changes.

New features:

  • Operation protection: Introduction of the functionality of multi-factor authentication (MFA) for critical actions
    • For critical actions, such as deleting an ECS, administrators can now enable the feature operation protection to require MFA for executing the critical action.
    • This can be enabled for the executing user or for a different user to achieve four-eyes-principle compliance.
  • Authorization Records: Introduction of a new view to quickly view authorizations for users
    • On the new page, authorization records are displayed and can be searched by e.g. username to display assigned policies/roles to the searched user.
  • IAM Batch Operations: Introduction of batch operations for multiple users, including,
    • User Deletion and
    • User Modification (Status (Enabled/Disabled), Verification Method (Programmatic/Management Console), Verification Method (SMS/Email/Virtual MFA Device/Disabled)).
  • New SSO User Type:  Introduction of SSO User Types “Virtual User” and “IAM User”
    • Virtual User: After a user logs in to OTC through an identity provider, the system automatically creates a virtual identity for the user. Multiple identity providers of the virtual user SSO type can be created under an account.
    • IAM User: After a user logs in to OTC through an identity provider, the system maps the user to an IAM user based on the configured identity conversion rules. Only one identity provider of the IAM user SSO type can be created under an account. If you select this type, ensure that you have created an IAM user and set the external identity ID.
  • Access Key Management
    • By default, this option is disabled, and all the users under your account can manage (create, enable, disable, and delete) their own access keys. If you enable this option, only the administrator can manage access keys of users.
  • Information Self-Management
    • By default, this option is enabled, and all IAM users under your account can modify their own basic information (mobile number, email address, and password). If you disable this option, only the administrator can modify IAM user information.

Changes:

  • Enhancing soft quota of user groups to 500.
  • While creating or updating IAM users a message is displayed indicating that the mailbox has been used and which user is using the mailbox.
  • Identity Provider Modification Screen
    • Removing the preconfigured metadata section for Identity Provider settings. Customers can upload metadata XML or manually configure the metadata.
  • Account Settings / Security Settings Screen
    • Renaming of Account Settings to Security Settings with new Layout with Sections „Basic Information”, “Critical Operations”, “Login Authentication Policy”, “Password Policy” and “ACL”.
  • Custom Policy Screen
    • Policy scope must not be set anymore in the selection screen and will be picked automatically by the system.
    • A custom policy can only contain permissions for either global or project-level services.

Bugfixes:

  • MFA Device Administration: Allows an IAM administrator to unbind a MFA Device from Users (e.g. in case of lost devices)
  • 1password plugin incompability

More details can be found in the related community techblog.

Back to overview Release Notes 
 

Do you have questions?

We answer your questions about testing, booking and use – free of charge and individually. Try it! 
Hotline: 24 hours a day, 7 days a week
0800 3304477 from Germany / 00800 33044770 from abroad

Write an E-mail

The Open Telekom Cloud Community

This is where users, developers and product owners meet to help each other, share knowledge and discuss.

Discover now

Free expert hotline

Our certified cloud experts provide you with personal service free of charge.

 0800 3304477 (from Germany)

 +800 33044770 (from abroad)

 24 hours a day, seven days a week

Write an E-Mail

Our customer service is available free of charge via E-Mail

Write an E-Mail

AIssistant

Our AI-powered search helps with your cloud needs.