Updated on 2024-11-14 GMT+08:00

Creating and Authorizing a User

You can use Identity and Access Management (IAM) to implement fine-grained permissions control for your CodeArts console. With IAM, you can:

  • Use your account to create IAM users for employees based on the organizational structure of your enterprise. Each IAM user has their own security credentials for accessing CodeArts resources.
  • Assign only the permissions required for users to perform a specific task.

If your account does not require individual IAM users, skip this section.

This section describes the procedure for granting permissions (see Figure 1).

Prerequisites

Learn about the permissions supported by CodeArts and choose permissions according to your requirements. For the permissions of other services, see System Permissions.

Process

Figure 1 Process for granting CodeArts console permissions
  1. Create a user group and assign permissions.

    Create a user group on the IAM console, and attach the DevCloud Console ReadOnlyAccess policy to the group.

  2. Create an IAM user and add it to a group.

    Create a user on the IAM console and add the user to the group created in 1.

  3. Log in and verify permissions.

    Log in to the console as the created user and switch to the region for which the user is authorized to verify permissions.

    Choose CodeArts in Service List, and then choose Enterprise Account Authorization in the navigation pane. Click Authorize Enterprise Account, and enter an account ID. If a message is displayed indicating that you cannot access the page, the DevCloud Console ReadOnlyAccess policy has already taken effect.