Before You Start

Prerequisites

You already have an account. If you do not have an account, create one.

Example Scenario

A website development company has three functional teams in Hong Kong (China). With IAM, the company's administrator only needs to create one account and use it to create IAM users for other personnel and assign permissions based on their job responsibilities. For the definitions of an account and IAM user, see Basic Concepts.

The following uses the company as an example to show how to use IAM to manage permissions.

Organizational Structure

• Management team that maps to the admin group in Figure 1 for company's personnel and resource management. Users in this group include James and Alice and are responsible for permissions and resource allocation.
• R&D team that maps to the Developers group in Figure 1 for websites development. The team members include Charlie and Jackson.
• Test team that maps to the Testers group in Figure 1 for website tests. The team members include Jackson and Emily. Jackson develops and tests websites, so he needs to join both the Developers and Testers groups to obtain the required permissions.

Figure 1 User management model

User Groups and Required Resources

• admin group: manages user permissions using IAM.
• Developers group: develops websites using Elastic Cloud Server (ECS), Elastic Load Balance (ELB), Virtual Private Cloud (VPC), Relational Database Service (RDS), Elastic Volume Service (EVS), and Object Storage Service (OBS).
• Testers group: performs functional and performance testing on websites by using the Cloud Eye service.

User Management Process

1. The company's administrator logs in to Huawei Cloud, creates user groups developers and testers, and grants them permissions. For details, see Creating a User Group and Assigning Permissions.
2. The administrator creates IAM users for members of the three functional teams. The members then log in to Huawei Cloud as IAM users. For details, see Creating IAM Users and Logging In.