{"_id":"pep-solution-page-navigate-v2_1690800752634","context":{"bg":"white","btnList":[{"btnUrl":"https://www.huaweicloud.com/intl/en-us/contact-sales.html","btnText":"Contact Us","btnStyle":"por-btn-primary"}],"moreText":"","actionInfo":{"title":"Identity and Access Management (IAM)","titleUrl":"","actionList":[{"isBlank":false,"actionUrl":"https://www.huaweicloud.com/intl/en-us/product/iam.html","isChecked":false,"actionName":"Overview","selectMenu":{"selectList":[{"url":"https://www.huaweicloud.com","name":"开发者资源开发者资源开发者资源","isBlank":false},{"url":"https://www.huaweicloud.com","name":"客户案例","isBlank":false},{"url":"https://www.huaweicloud.com","name":"最佳实践","isBlank":false}]},"isShowSelect":false},{"isBlank":true,"actionUrl":"https://support.huaweicloud.com/intl/en-us/function-iam/index.html","isChecked":false,"actionName":"Features","selectMenu":{"selectList":[{"url":"https://www.huaweicloud.com","name":"开发者资源开发者资源开发者资源","isBlank":false},{"url":"https://www.huaweicloud.com","name":"客户案例","isBlank":false},{"url":"https://www.huaweicloud.com","name":"最佳实践","isBlank":false}]},"isShowSelect":false},{"isBlank":false,"actionUrl":"","isChecked":true,"actionName":"Getting Started","selectMenu":{"selectList":[{"url":"https://www.huaweicloud.com","name":"开发者资源开发者资源开发者资源","isBlank":false},{"url":"https://www.huaweicloud.com","name":"客户案例","isBlank":false},{"url":"https://www.huaweicloud.com","name":"最佳实践","isBlank":false}]},"isShowSelect":false},{"isBlank":true,"actionUrl":"https://support.huaweicloud.com/intl/en-us/iam_faq/iam_01_0020.html","isChecked":false,"actionName":"FAQs","selectMenu":{"selectList":[{"url":"","name":"","isBlank":false},{"url":"","name":"","isBlank":false}]},"isShowSelect":false}],"mobileSelectText":""},"columnNumberMB":"2"},"advancedInfo":{"isShowBtn":true,"isShowTitle":true}}

Authenticate identities and securely manage access to your services and resources

Getting Started with IAM in 2 Steps

Create User Groups and Assign Permissions

Create user groups for different departments in your enterprise and assign permissions to these groups based on job functions. The admin group has all permissions for your cloud resources.

Create IAM Users and Log In

Create IAM users for your enterprise staff and add them to different groups. The users have their own credentials and can perform operations on cloud resources based on the permissions inherited from the groups.

Best Practices

Assigning Permissions to O&M Personnel

If your company has purchased different resources on Huawei Cloud, and has multiple functional teams that need to use one or more types of resources, you can use IAM to assign permissions to different personnel based on their job functions for refined permissions control.

Cross-Account Access Delegation and Resource Management

If you want to delegate another account to manage your cloud resources, you can create an agency in IAM to establish a trust relationship with the other account.

Authorizing IAM Users to Manage Resources of an Account

You can delegate access to another company for professional O&M. The delegated company can assign permissions to its own IAM users for fine-grained permissions management.

Configuring an Agency for an ECS

Huawei Cloud Elastic Cloud Server (ECS) provides secure, scalable, on-demand compute resources. You can delegate permissions to an ECS by creating an agency and then the ECS can obtain a temporary credential of the agency to access other cloud services.