Updated on 2023-11-28 GMT+08:00

Creating a User and Granting Permissions

This section describes the fine-grained permissions management provided by IAM for your Automation. With IAM, you can:

  • Create IAM users for employees based on the organizational structure of your enterprise. Each IAM user has their own security credentials for accessing Automation resources.
  • Grant only the permissions required for users to perform a specific task.
  • Entrust an account or a cloud service to perform professional and efficient O&M on your Automation resources.

If your account does not need individual IAM users, then you may skip over this section.

This section describes the procedure for granting permissions (see Figure 1).

Prerequisites

Before assigning permissions to user groups, you should learn about Automation policies and select the policies based on service requirements. For the system permissions of other services, see System Permissions.

Process

Figure 1 Process for granting Automation permissions
  1. Creating a User Group and Assigning Permissions

    Create a user group on the IAM console, and assign the CMS ReadOnlyAccess policy to the group.

  2. Creating a User and Adding the User to a User Group

    Create a user on the IAM console and add the user to the group created in 1.

  3. Logging In as a User and Verifying Permissions

    Log in to the console as the created user, and verify that it only has read permissions for Automation.