How Do I Grant Permissions to an IAM User?
If you want to authorize an IAM user to operate the SecMaster service, you need to use the primary account to grant permissions to the user.
Procedure
- Log in to the console as the administrator.
- Click in the upper left corner of the page and choose Management & Governance > Identity and Access Management.
- Create a user group.
- In the navigation pane on the left, choose User Groups. On the displayed page, click Create User Group in the upper right corner.
- On the Create User Group page, specify user group name and description.
- Name: Set this parameter to SecMaster_ops.
- Description: Enter a description.
- Click OK.
- Create a custom policy.
- In the navigation pane on the left, choose Permissions > Policies/Roles. In the upper right corner of the displayed page, click Create Custom Policy.
- Configure a policy.
- Policy Name: Set this parameter to SecMaster_FullAccess.
- Policy View: Select JSON.
- Policy Content: Copy the following content and paste it in the text box.
{ "Version": "1.1", "Statement": [ { "Action": [ "secmaster:*:*" ], "Effect": "Allow" } ] }
- Click OK.
- In the dialog box displayed, set the policy scope to Global services.
- Click OK.
Figure 1 Creating a policy
- Assign permissions to the created user group.
- In the navigation pane on the left, choose User Groups. On the displayed page, click SecMaster_ops.
- On the Permissions tab page, click Authorize.
Figure 2 Roles
- On the Select Policy/Role page, search for and select the SecMaster_FullAccess policy, and click Next.
- Set the minimum authorization scope. Select All resources for Scope. After the setting is complete, click OK.
- Verify the authorization. The policy will be listed on the page.
Figure 3 Authorized
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.