Updated on 2024-04-15 GMT+08:00

Before You Start

Reading this document will help you to:

  • Create Identity and Access Management (IAM) users.
  • Create user groups based on your organization's business functions.
  • Assign permissions to user groups.
  • Create IAM users for employees in your organization.
  • Enable IAM users to log in to the cloud platform.

Prerequisites

You already have an account. If you do not have an account, create one.

Example Scenario

A website development company has three functional teams. With IAM, the company's administrator can create only one account and then use this account to create IAM users for employees and assign permissions based on their job responsibilities.

The following uses the company as an example to show how to use IAM to manage permissions.

Organizational Structure

  • Management team (admin group in Figure 1): manages employees and resources, assigns permissions, and allocates resources. The team members include James and Alice.
  • Development team (Developers group in Figure 1): develops websites. The team members include Charlie and Jackson.
  • Test team (Testers group in Figure 1): tests websites. The team members include Jackson and Emily. Jackson develops and tests websites, so he needs to join both the Developers and Testers groups to obtain the required permissions.
Figure 1 User management model

User Groups and Required Resources

  • admin group: manages user permissions using IAM.
  • Developers group: develops websites using Elastic Cloud Server (ECS), Elastic Load Balance (ELB), Virtual Private Cloud (VPC), Relational Database Service (RDS), Elastic Volume Service (EVS), and Object Storage Service (OBS).
  • Testers group: performs functional and performance testing on websites by using the Application Performance Management (APM) service.

User Management Process

  1. The company's administrator logs in to the cloud platform, creates user groups Developers and Testers, and grants them permissions. For details, see Step 1: Create User Groups and Assign Permissions.
  2. The administrator creates IAM users for members of the three functional teams. The members then log in to the cloud platform as IAM users. For details, see Step 2: Create IAM Users and Log In.