Help Center> Resource Access Manager> User Guide> Permissions Management> Creating a User and Granting RAM Permissions
Updated on 2024-03-15 GMT+08:00
View PDF

Creating a User and Granting RAM Permissions

You can use Identity and Access Management (IAM) to implement fine-grained permissions control for your RAM resources. With IAM, you can:

  • Create IAM users for personnel based on your enterprise's organizational structure. Each IAM user has their own identity credentials for accessing RAM resources.
  • Grant users only the permissions required to perform a given task based on their job responsibilities.
  • Entrust a Huawei Cloud account or a cloud service to perform professional and efficient O&M on your RAM resources.

If your Huawei Cloud account meets your permissions requirements, you can skip this section.

Figure 1 the process flow of user authorization.

Prerequisites

Before granting permissions to user groups, learn about the system-defined permissions for RAM described in Table 1. To grant permissions for other services, learn about allSystem-defined Permissions supported by IAM.

Table 1 System-defined permissions for RAM

Permission

Description

RAM FullAccess

Full permissions for RAM.

RAM ReadOnlyAccess

Read-only permissions for RAM.

RAM ResourceShareParticipantAccess

Permissions for accepting or reject a resource sharing invitation.

Process Flow

Figure 1 Process of granting RAM permissions
  1. Create a user group and assign permissions.

    Create a user group on the IAM console, and assign the RAM FullAccess permission to the group.

  2. Create an IAM user and add it to the user group.

    Create users on the IAM console and add them to the user group created in 1.

  3. Log in and verify permissions.

    Log in to the RAM console as each of the created users, and verify that they each have the RAM FullAccess permission.

Parent topic: Permissions Management