Creating a User and Granting Central Network Permissions

Use IAM to implement fine-grained permissions control for your Cloud Connect resources. With IAM, you can:

Create IAM users for personnel based on your enterprise's organizational structure. Each IAM user has their own identity credentials for accessing Cloud Connect resources.
Grant users only the permissions required to perform a given task based on their job responsibilities.
Entrust an account or cloud service to perform efficient O&M on your Cloud Connect resources.

Skip this part if you do not require individual IAM users for refined permissions management.

Figure 1 shows the process of granting permissions.

Prerequisites

Before you assign permissions to a user group, you need to know the permissions that you can assign to the user group and select permissions based on service requirements. For details about the system permissions, see Permissions. For the system policies of other services, see System Permissions.

Process Flow

Figure 1 Process of granting permissions

Create a user group and assign permissions (the Cross Connect Administrator policy used as an example).
Create an IAM user and add it to a group.
On the IAM console, create a user and add it to the user group created in 1.
Log in and verify permissions.
After logging in to the Cloud Connect console using the user's credentials, verify that the user has all permissions for Cloud Connect resources.
- In the service list, choose Networking > Cloud Connect. In the navigation pane on the left, choose Cloud Connect > Central Networks. Click Create Central Network in the upper right corner. If the creation is successful, the Cross Connect Administrator policy has taken effect.
- Choose any other service in the service list. A message will appear indicating that you have sufficient permissions to access the service.