Updated on 2024-10-23 GMT+08:00

Creating a User and Granting Permissions

This section describes the fine-grained permissions management provided by IAM for your AOM. With IAM, you can:

  • Create IAM users for employees based on the organizational structure of your enterprise. Each IAM user has their own security credentials for accessing AOM resources.
  • Grant only the permissions required for users to perform a specific task.
  • Entrust an account or a cloud service to perform professional and efficient O&M on your AOM resources.

If your account does not need individual IAM users, then you may skip over this section.

This section describes the procedure for granting permissions (see Figure 1).

Prerequisites

Before assigning permissions to user groups, you should learn about the AOM permissions listed in Permissions Management. For the permissions of other services, see System-defined Permissions.

Process

Figure 1 Process for granting AOM permissions
  1. Create a user group and assign permissions.

    Create a user group on the IAM console, and assign the AOM ReadOnlyAccess policy to the group.

  2. Create a user and add the user to the user group.

    Create a user on the IAM console and add the user to the group created in 1.

  3. Log in as an IAM user and verify permissions.

    Log in to the AOM console as the created user, and verify that it only has read permissions for AOM.