ovh · gbarideau · May 22, 2025 · May 27, 2025 · May 28, 2025 · May 28, 2025
diff --git a/links/bare-metal/vps-lz b/links/bare-metal/vps-lz
@@ -0,0 +1,16 @@
+- [de-de](https://www.ovhcloud.com/de/vps/vps-lz/)
+- [en-asia](https://www.ovhcloud.com/asia/vps/vps-lz/)
+- [en-au](https://www.ovhcloud.com/en-au/vps/vps-lz/)
+- [en-ca](https://www.ovhcloud.com/en-ca/vps/vps-lz/)
+- [en-gb](https://www.ovhcloud.com/en-gb/vps/vps-lz/)
+- [en-ie](https://www.ovhcloud.com/en-ie/vps/vps-lz/)
+- [en-in](https://www.ovhcloud.com/en-in/vps/vps-lz/)
+- [en-sg](https://www.ovhcloud.com/en-sg/vps/vps-lz/)
+- [en-us](https://www.ovhcloud.com/en/vps/vps-lz/)
+- [es-es](https://www.ovhcloud.com/es-es/vps/vps-lz/)
+- [es-us](https://www.ovhcloud.com/es/vps/vps-lz/)
+- [fr-ca](https://www.ovhcloud.com/fr-ca/vps/vps-lz/)
+- [fr-fr](https://www.ovhcloud.com/fr/vps/vps-lz/)
+- [it-it](https://www.ovhcloud.com/it/vps/vps-lz/)
+- [pl-pl](https://www.ovhcloud.com/pl/vps/vps-lz/)
+- [pt-pt](https://www.ovhcloud.com/pt/vps/vps-lz/)
diff --git a/links/web/email-pro b/links/web/email-pro
@@ -2,6 +2,7 @@
 - [en-gb](https://www.ovhcloud.com/en-gb/emails/email-pro/)
 - [en-ie](https://www.ovhcloud.com/en-ie/emails/email-pro/)
 - [es-es](https://www.ovhcloud.com/es-es/emails/email-pro/)
+- [es-us](https://www.ovhcloud.com/es/emails/)
 - [fr-fr](https://www.ovhcloud.com/fr/emails/email-pro/)
 - [it-it](https://www.ovhcloud.com/it/emails/email-pro/)
 - [pl-pl](https://www.ovhcloud.com/pl/emails/email-pro/)

diff --git a/links/web/emails b/links/web/emails
@@ -4,6 +4,7 @@
 - [en-ca](https://www.ovhcloud.com/en-ca/emails/)
 - [en-gb](https://www.ovhcloud.com/en-gb/emails/)
 - [en-ie](https://www.ovhcloud.com/en-ie/emails/)
+- [en-in](https://www.ovhcloud.com/en-in/web-cloud/)
 - [en-sg](https://www.ovhcloud.com/en-sg/emails/)
 - [en-us](https://www.ovhcloud.com/en/emails/)
 - [es-es](https://www.ovhcloud.com/es-es/emails/)

diff --git a/links/web/emails-hosted-exchange b/links/web/emails-hosted-exchange
@@ -4,6 +4,7 @@
 - [en-ca](https://www.ovhcloud.com/en-ca/emails/hosted-exchange/)
 - [en-gb](https://www.ovhcloud.com/en-gb/emails/hosted-exchange/)
 - [en-ie](https://www.ovhcloud.com/en-ie/emails/hosted-exchange/)
+- [en-in](https://www.ovhcloud.com/en-in/web-cloud/)
 - [en-sg](https://www.ovhcloud.com/en-sg/emails/hosted-exchange/)
 - [en-us](https://www.ovhcloud.com/en/emails/hosted-exchange/)
 - [es-es](https://www.ovhcloud.com/es-es/emails/hosted-exchange/)

diff --git a/links/web/ms365 b/links/web/ms365
@@ -2,6 +2,7 @@
 - [en-gb](https://www.ovhcloud.com/en-gb/collaborative-tools/microsoft-365/)
 - [en-ie](https://www.ovhcloud.com/en-ie/collaborative-tools/microsoft-365/)
 - [es-es](https://www.ovhcloud.com/es-es/collaborative-tools/microsoft-365/)
+- [es-us](https://www.ovhcloud.com/es/)
 - [fr-fr](https://www.ovhcloud.com/fr/collaborative-tools/microsoft-365/)
 - [it-it](https://www.ovhcloud.com/it/collaborative-tools/microsoft-365/)
 - [pl-pl](https://www.ovhcloud.com/pl/collaborative-tools/microsoft-365/)

diff --git a/...ount_and_service_management/account_information/iam-policies-api/guide.de-de.md b/...ount_and_service_management/account_information/iam-policies-api/guide.de-de.md
@@ -1,7 +1,7 @@
 ---
 title: Verwendung von IAM-Richtlinien mit der OVHcloud API (EN)
 excerpt: "Find out how to give specific access rights to users from an OVHcloud account"
-updated: 2024-08-21
+updated: 2025-08-18
 ---
 
 ## Objective
@@ -126,6 +126,7 @@ The URNs and actions can end with a `*` wildcard character. This allows referrin
   - **deny**: Array of actions explicitely denied for the identities regarding the resources. A denied action will be prevent no matter what others policies could allow
   - **except**: Extension of the **allow** parameter. Array of actions not to allow even though they are included in the **allow** actions. For instance, this is useful when there is a wildcard allow action but it is necessary to exclude a specific action that otherwise would be included in the wildcard. Contrary to **deny**, **except** is limited to the current policy scope.
 - **permissionsGroups**: List of [permissions groups](/pages/account_and_service_management/account_information/iam-permission-groups) applied to this policy.
+- **conditions**: List conditions applied to the policy
 - **expiredAt**: Date after which the policy will be disabled.
 - **createdAt**: Creation date of the policy.
 - **updateAt**: Last update date of the policy.
@@ -288,6 +289,84 @@ Check it via `GET /iam/policy`:
 
 The policies have been created successfully. Now, "***user1***" can **carry out reboots and create snapshots** on the VPS "***urn:v1:eu:resource:vps:vps-5b48d78b.vps.ovh.net***". "***user2***" can **execute any vps action except for the deletion of snapshots** on the VPS "***urn:v1:eu:resource:vps:vps-5b48d78b.vps.ovh.net***".
 
+#### Conditions
+
+It is possible to add conditions to policies. The policy will only be valid if the conditions are met.
+Conditions are added to an access policy in the following form:
+
+```json
+{
+  "operator": "AND",
+  "conditions": [
+    {
+        "operator": "MATCH",
+        "values": {
+            "resource.Tag(environment)": "prod",
+            "resource.Type": "dnsZone"
+      }
+    },
+    {
+      "operator": "NOT",
+      "conditions": [
+        {
+            "operator": "MATCH",
+            "values": {
+                "date(Europe/Paris).WeekDay.IN": "Saturday,Sunday"
+          }
+        }
+      ]
+    }
+  ]
+}
+```
+
+For example, a policy with this condition is valid if the targeted resources are of type **dnsZone** with the tag **"environment:prod"**, except on **Saturday and Sunday** in the Paris time zone.
+
+The operator field specifies how the conditions will be evaluated:
+
+- **AND**: All conditions must be validated
+- **NOT**: None of the conditions must be validated
+- **OR**: At least one condition must be validated
+- **MATCH**: Condition evaluation operator
+
+The available conditions are:
+
+|       Condition        |                         Operator                          | Data Type |            Description             |                   Example                   |
+| :--------------------: | :--------------------------------------------------------: | :--------: | :--------------------------------: | :-----------------------------------------: |
+|  date(location).Date   |               EQ <br>BEFORE <br>AFTER <br>IN               |  YYYY-MM-DD  |  Filter on calendar days   | "date.Date(America/New_York)": "2024-12-25" |
+|  date(location).Hour   | EQ <br>BEFORE <br>AFTER <br>GE <br>LE <br>GT <br>LT <br>IN |     int      |       Filter on hours        |   "date(Europe/Paris).Hour.IN" : "7,8,9"    |
+| date(location).WeekDay | EQ <br>BEFORE <br>AFTER <br>GE <br>LE <br>GT <br>LT <br>IN |    string    | Filter on days of the week | "date(Europe/Berlin).WeekDay.AFTER": "monday" |
+| resource.Tag(tag_key)  |              EQ <br>STARTS_WITH <br>ENDS_WITH              |    string    |        Filter on tags         |      "resource.Tag(environment): "dev"      |
+|     resource.Name      |          EQ <br>IN <br>STARTS_WITH <br>ENDS_WITH           |    string    | Filter on resource names  |     "resource.Name.Start_with": "vps-"      |
+|     resource.Type      |          EQ <br>IN <br>STARTS_WITH <br>ENDS_WITH           |    string    |  Filter on resource types  |      "resource.Type.In": "dnsZone,vps"      |
+|       request.IP       |                   EQ <br>IN <br>IN_RANGE                   |    IP v4     |  Filter on client source IP  |    "request.IP.IN_RANGE": "10.23.0.0/16"    |
+
+Dates use time zones based on [IANA database names](https://en.wikipedia.org/wiki/List_of_tz_database_time_zones). If not specified, the date will be evaluated in UTC time zone.
+
+The available operators for condition types are:
+
+- **EQ**: The value must exactly match the specified value
+- **BEFORE** or **LT** (less than): The value must be strictly less than
+- **AFTER** or **GE** (greater or equal): The value must be equal to or greater than
+- **GT** (greater than): The value must be strictly greater than
+- **LE** (less or equal): The value must be equal to or less than
+- **IN**: The value must be included in the list
+- **START_WITH**: The value must start with the specified value
+- **END_WITH**: The value must end with the specified value
+- **IN_RANGE**: The value must be in the specified IP subnet
+
+If not specified, the default operator is **EQ**.
+
+#### Policies targeting other OVHcloud customer accounts
+
+Access policies can target other OVHcloud customer accounts.  
+The targeted account of this policy will be able to manage the rights received that way on its own policies, but will never be able to override the rights set on the access policy.
+
+For example, an account **xx1111-ovh** gives rights on `vps:apiovh:ips/*` to account **xx2222-ovh**:  
+Account **xx2222-ovh** will be able to give the right `vps:apiovh:ips/delete` to its own users, but will never be able to grant the right `vps:apiovh:reboot`.
+
+Access to the support will still be reserved to the owner of the resource.
+
 ### Identities
 
 Policies apply to users, which can be accounts, users or user groups.
@@ -654,4 +733,4 @@ Here is a part of the output:
 
 ## Go further
 
-Join our [community of users](/links/community).
+Join our [community of users](/links/community).
diff --git a/...nt_and_service_management/account_information/iam-policies-api/guide.en-asia.md b/...nt_and_service_management/account_information/iam-policies-api/guide.en-asia.md
@@ -1,7 +1,7 @@
 ---
 title: How to use IAM policies using the OVHcloud API
 excerpt: "Find out how to give specific access rights to users from an OVHcloud account"
-updated: 2024-08-21
+updated: 2025-08-18
 ---
 
 ## Objective
@@ -42,7 +42,7 @@ Resources, resource groups and actions needed to create a policy will be describ
 
 #### API definition
 
-<https://ca.api.ovh.com/console-preview/?section=%2Fiam&branch=v2#get-/iam/policy>
+<https://api.ovh.com/console-preview/?section=%2Fiam&branch=v2#get-/iam/policy>
 
 |**Method**|**Path**|**Description**|
 | :-: | :-: | :-: |
@@ -126,6 +126,7 @@ The URNs and actions can end with a `*` wildcard character. This allows referrin
   - **deny**: Array of actions explicitely denied for the identities regarding the resources. A denied action will be prevent no matter what others policies could allow
   - **except**: Extension of the **allow** parameter. Array of actions not to allow even though they are included in the **allow** actions. For instance, this is useful when there is a wildcard allow action but it is necessary to exclude a specific action that otherwise would be included in the wildcard. Contrary to **deny**, **except** is limited to the current policy scope.
 - **permissionsGroups**: List of [permissions groups](/pages/account_and_service_management/account_information/iam-permission-groups) applied to this policy.
+- **conditions**: List conditions applied to the policy
 - **expiredAt**: Date after which the policy will be disabled.
 - **createdAt**: Creation date of the policy.
 - **updateAt**: Last update date of the policy.
@@ -288,6 +289,84 @@ Check it via `GET /iam/policy`:
 
 The policies have been created successfully. Now, "***user1***" can **carry out reboots and create snapshots** on the VPS "***urn:v1:eu:resource:vps:vps-5b48d78b.vps.ovh.net***". "***user2***" can **execute any vps action except for the deletion of snapshots** on the VPS "***urn:v1:eu:resource:vps:vps-5b48d78b.vps.ovh.net***".
 
+#### Conditions
+
+It is possible to add conditions to policies. The policy will only be valid if the conditions are met.
+Conditions are added to an access policy in the following form:
+
+```json
+{
+  "operator": "AND",
+  "conditions": [
+    {
+        "operator": "MATCH",
+        "values": {
+            "resource.Tag(environment)": "prod",
+            "resource.Type": "dnsZone"
+      }
+    },
+    {
+      "operator": "NOT",
+      "conditions": [
+        {
+            "operator": "MATCH",
+            "values": {
+                "date(Europe/Paris).WeekDay.IN": "Saturday,Sunday"
+          }
+        }
+      ]
+    }
+  ]
+}
+```
+
+For example, a policy with this condition is valid if the targeted resources are of type **dnsZone** with the tag **"environment:prod"**, except on **Saturday and Sunday** in the Paris time zone.
+
+The operator field specifies how the conditions will be evaluated:
+
+- **AND**: All conditions must be validated
+- **NOT**: None of the conditions must be validated
+- **OR**: At least one condition must be validated
+- **MATCH**: Condition evaluation operator
+
+The available conditions are:
+
+|       Condition        |                         Operator                          | Data Type |            Description             |                   Example                   |
+| :--------------------: | :--------------------------------------------------------: | :--------: | :--------------------------------: | :-----------------------------------------: |
+|  date(location).Date   |               EQ <br>BEFORE <br>AFTER <br>IN               |  YYYY-MM-DD  |  Filter on calendar days   | "date.Date(America/New_York)": "2024-12-25" |
+|  date(location).Hour   | EQ <br>BEFORE <br>AFTER <br>GE <br>LE <br>GT <br>LT <br>IN |     int      |       Filter on hours        |   "date(Europe/Paris).Hour.IN" : "7,8,9"    |
+| date(location).WeekDay | EQ <br>BEFORE <br>AFTER <br>GE <br>LE <br>GT <br>LT <br>IN |    string    | Filter on days of the week | "date(Europe/Berlin).WeekDay.AFTER": "monday" |
+| resource.Tag(tag_key)  |              EQ <br>STARTS_WITH <br>ENDS_WITH              |    string    |        Filter on tags         |      "resource.Tag(environment): "dev"      |
+|     resource.Name      |          EQ <br>IN <br>STARTS_WITH <br>ENDS_WITH           |    string    | Filter on resource names  |     "resource.Name.Start_with": "vps-"      |
+|     resource.Type      |          EQ <br>IN <br>STARTS_WITH <br>ENDS_WITH           |    string    |  Filter on resource types  |      "resource.Type.In": "dnsZone,vps"      |
+|       request.IP       |                   EQ <br>IN <br>IN_RANGE                   |    IP v4     |  Filter on client source IP  |    "request.IP.IN_RANGE": "10.23.0.0/16"    |
+
+Dates use time zones based on [IANA database names](https://en.wikipedia.org/wiki/List_of_tz_database_time_zones). If not specified, the date will be evaluated in UTC time zone.
+
+The available operators for condition types are:
+
+- **EQ**: The value must exactly match the specified value
+- **BEFORE** or **LT** (less than): The value must be strictly less than
+- **AFTER** or **GE** (greater or equal): The value must be equal to or greater than
+- **GT** (greater than): The value must be strictly greater than
+- **LE** (less or equal): The value must be equal to or less than
+- **IN**: The value must be included in the list
+- **START_WITH**: The value must start with the specified value
+- **END_WITH**: The value must end with the specified value
+- **IN_RANGE**: The value must be in the specified IP subnet
+
+If not specified, the default operator is **EQ**.
+
+#### Policies targeting other OVHcloud customer accounts
+
+Access policies can target other OVHcloud customer accounts.  
+The targeted account of this policy will be able to manage the rights received that way on its own policies, but will never be able to override the rights set on the access policy.
+
+For example, an account **xx1111-ovh** gives rights on `vps:apiovh:ips/*` to account **xx2222-ovh**:  
+Account **xx2222-ovh** will be able to give the right `vps:apiovh:ips/delete` to its own users, but will never be able to grant the right `vps:apiovh:reboot`.
+
+Access to the support will still be reserved to the owner of the resource.
+
 ### Identities
 
 Policies apply to users, which can be accounts, users or user groups.
@@ -296,7 +375,7 @@ This section describes how to retrieve or create user for the policy.
 
 #### API definition
 
-<https://ca.api.ovh.com/console-preview/?section=%2Fme&branch=v1#overview>
+<https://api.ovh.com/console-preview/?section=%2Fme&branch=v1#overview>
 
 |**Method**|**Path**|**Description**|
 | :-: | :-: | :-: |
@@ -383,7 +462,7 @@ This section describes how to retrieve resources information to use in a policy.
 
 #### API definition
 
-<https://ca.api.ovh.com/console-preview/?section=%2Fiam&branch=v2#get-/iam/resource>
+<https://api.ovh.com/console-preview/?section=%2Fiam&branch=v2#get-/iam/resource>
 
 |**Method**|**Path**|**Description**|
 | :-: | :-: | :-: |
@@ -442,7 +521,7 @@ To ease the policy management for a large number of resources, it is possible to
 
 #### API definition
 
-<https://ca.api.ovh.com/console-preview/?section=%2Fiam&branch=v2#get-/iam/resourceGroup>
+<https://api.ovh.com/console-preview/?section=%2Fiam&branch=v2#get-/iam/resourceGroup>
 
 |**Method**|**Path**|**Description**|
 | :-: | :-: | :-: |
@@ -535,7 +614,7 @@ These actions are specific to every product, such as rebooting a database server
 
 #### API definition
 
-<https://ca.api.ovh.com/console-preview/?section=%2Fiam&branch=v2#get-/iam/reference/action>
+<https://api.ovh.com/console-preview/?section=%2Fiam&branch=v2#get-/iam/reference/action>
 
 |**Method**|**Path**|**Description**|
 | :-: | :-: | :-: |
@@ -654,4 +733,4 @@ Here is a part of the output:
 
 ## Go further
 
-Join our [community of users](/links/community).
+Join our [community of users](/links/community).