Help Center/ IAM Identity Center/ User Guide/ Multi-Account Permissions Management/ Accounts/ Associating Accounts with Users/Groups and Permission Sets
Updated on 2024-02-21 GMT+08:00

Associating Accounts with Users/Groups and Permission Sets

After IAM Identity Center users/groups and permission sets are created, you can associate one or more member accounts in your organization with the created users/groups and permission sets. This way, the IAM Identity Center users can access resources under the associated accounts after logging in to the system, and permissions included in the associated permission set can be granted to the resources.

Currently, you can only associate IAM Identity Center users/groups and permission sets with member accounts in your organization, rather than organizational units (OUs) or the whole organization.

The accounts can be either the management account or member accounts of your organization. You can manage them on the Organizations console.

Procedure

  1. Log in to the Huawei Cloud console.
  2. Click in the upper left corner of the page and choose Management & Governance > IAM Identity Center.
  3. In the navigation pane on the left, choose Multi-Account Permissions > Accounts.

    By default, accounts are displayed in an organizational hierarchy structure. You can click to switch to the list view.

    Figure 1 Account view

  4. Select one or more accounts from the account list and click Assign User/Group in the upper left corner.

    Alternatively, locate a target account and click Assign User/Group in the Operation column.

    Figure 2 Selecting accounts

  5. In the Select User/Group step on the displayed page, select one or more users/groups and click Next.

    Figure 3 Selecting one or more users/groups

  6. In the Select Permission Set step, select one or more permission sets and click Next.

    Figure 4 Selecting one or more permission sets

  7. In the Confirm step, confirm the configurations and click OK.

    Figure 5 Confirming configurations