{"_id":"pep-solution-page-navigate-v2_1690800752634","context":{"bg":"white","btnList":[{"btnUrl":"https://www.huaweicloud.com/intl/en-us/contact-sales.html","btnText":"Contact Us","btnStyle":"por-btn-primary"}],"moreText":"","actionInfo":{"title":"Identity and Access Management (IAM)","titleUrl":"","actionList":[{"isBlank":false,"actionUrl":"","isChecked":true,"actionName":"Overview","selectMenu":{"selectList":[{"url":"https://www.huaweicloud.com","name":"开发者资源开发者资源开发者资源","isBlank":false},{"url":"https://www.huaweicloud.com","name":"客户案例","isBlank":false},{"url":"https://www.huaweicloud.com","name":"最佳实践","isBlank":false}]},"isShowSelect":false},{"isBlank":true,"actionUrl":"https://support.huaweicloud.com/intl/en-us/function-iam/index.html","isChecked":false,"actionName":"Features","selectMenu":{"selectList":[{"url":"https://www.huaweicloud.com","name":"开发者资源开发者资源开发者资源","isBlank":false},{"url":"https://www.huaweicloud.com","name":"客户案例","isBlank":false},{"url":"https://www.huaweicloud.com","name":"最佳实践","isBlank":false}]},"isShowSelect":false},{"isBlank":false,"actionUrl":"https://www.huaweicloud.com/intl/en-us/product/iam/getting-started.html","isChecked":false,"actionName":"Getting Started","selectMenu":{"selectList":[{"url":"https://www.huaweicloud.com","name":"开发者资源开发者资源开发者资源","isBlank":false},{"url":"https://www.huaweicloud.com","name":"客户案例","isBlank":false},{"url":"https://www.huaweicloud.com","name":"最佳实践","isBlank":false}]},"isShowSelect":false},{"isBlank":true,"actionUrl":"https://support.huaweicloud.com/intl/en-us/iam_faq/iam_01_0020.html","isChecked":false,"actionName":"FAQs","selectMenu":{"selectList":[{"url":"","name":"","isBlank":false},{"url":"","name":"","isBlank":false}]},"isShowSelect":false}],"mobileSelectText":""},"columnNumberMB":"2"},"advancedInfo":{"isShowBtn":true,"isShowTitle":true}}

Identity and Access Management (IAM)

Authenticate identities and securely manage access to your services and resources

Fine-grained Permissions Management

Set fine-grained access control for your cloud resources and grant least privilege

Hosted Cloud Resources

Delegate other Huawei Cloud accounts or services to manage cloud resources on your behalf

Security Management

Configure multiple security policies for identities and credentials

Identity Federation

Why Huawei Cloud IAM?

Multi-Factor Authentication for Critical Operations

Use two-factor authentication (2FA) and virtual MFA devices to authenticate logins of Huawei Cloud accounts and IAM users (both have their own credentials)
Use temporary security credentials with customizable durations to secure access to Huawei Cloud resources
Enable operation protection to prevent high-risk operations from being performed by mistake

Refined Access Control

Grant granular access for specific users and groups
Grant access to resources at a region or enterprise project level
Create custom policies for fine-grained permissions management

Resource Access Delegation

Delegate access to Huawei Cloud accounts for professional, efficient O&M
Delegate cloud services to access resources on your behalf

Identity Federation and Custom Identity Brokers

Federate your enterprise IdP with Huawei Cloud via SAML or OIDC
Create a custom identity broker to enable your enterprise staff to sign in to Huawei Cloud after being authenticated

Fine-Grained, Secure Access to Your Cloud Services and Resources

User Access Management
Cross-Account Access Delegation
Identity Federation

User Access Management

Create user groups for different departments, add enterprise staff as IAM users to groups, and assign permissions to groups based on job functions

Advantages

Independent Credentials

Huawei Cloud accounts and IAM users use their own credentials to access Huawei Cloud. There is no need to share passwords.

Granular Control

You can grant least privilege access at the service or resource level for specific projects.

Account Security Policies

User information and system data are protected by a range of security policies such as critical operation protection and ACL.

Cross-Account Access Delegation

Delegate resource access to trusted accounts for professional, efficient resource management

Advantages

Independent Credentials

You do not have to share passwords with the delegated accounts.

Easy Delegation

You can create, modify, or cancel a trust relationship to suit your business needs.

Secure Access

Delegated accounts can access resources based on the assigned permissions. The delegation will not compromise the security of your account, data, and resources.

Flexible Access

Delegated accounts can authorize their own IAM users to manage resources on behalf of you.

Identity Federation

Enable your enterprise staff with direct, secure access to Huawei Cloud, eliminating the need to maintain separate identities across multiple platforms

Advantages

Efficient User Management

You do not need to create additional accounts for your enterprise staff. They can use their accounts in the enterprise IdP to access Huawei Cloud.

Simple User Login

Enterprise staff can access Huawei Cloud easily from the enterprise management system.

Various Ways for SSO

SAML, OIDC, and custom identity broker are supported for single sign-on (SSO).

Documentation

Start Your Journey

to Manage Access to Your Cloud Resources

Try Free

More Services

Config

Track global resource configurations and changes

Organizations

Govern multiple accounts within your organization

Application Operations Management (AOM)

A one-stop O&M platform for cloud resources and applications

Identity and Access Management (IAM)