Help Center/
Identity and Access Management/
User Guide/
IAM User Management/
Managing Permissions Assigned to IAM Users
Updated on 2026-02-06 GMT+08:00
Managing Permissions Assigned to IAM Users
As an administrator, you can view or delete permissions assigned to IAM users on the Permissions tab of the IAM console.
Constraints
- If the principal type of the authorization record is a user group, deleting the permissions will affect all users in the group. To remove the assigned permissions, go to the user group details page.
- Deleting the permissions of an IAM user will also delete the permissions assigned to the group that the user belongs to. All users in the group will no longer have the permissions. Exercise caution when performing this operation.
Procedure
- Managing Role/Policy-based Authorization
- Log in to the IAM console as the administrator.
- Click a username to go to the user details page.
- Click the Permissions tab to view the permissions assigned to the IAM user. You can assign, delete, and export permissions for the user on this page.
Figure 1 Permissions assigned to an IAM user
- Managing Identity Policy-based Authorization
To view the identity policy-based authorization on the new console, perform the following operations:
- Log in to the IAM console as the administrator.
- Click a username to go to the user details page.
- In the Permissions tab, click Check identity policy-based authorization records. You can assign and delete export permissions for the user here.
After you click Authorize in the displayed pane on the left, you will go to the new console. You can assign permissions to the user using identity policies.
Related Operations
To view all authorization records under your account, see Authorization Records.
Parent topic: IAM User Management
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.
The system is busy. Please try again later.
