Identity and Access Management

Identity and Access Management (IAM) enables you to easily manage users and control their access to HUAWEI CLOUD services and resources.

Free

Try Now
Documentation SDKs
Product Advantages

  • Precise Access Control

    Create IAM users and groups and grant them permissions by using policies and roles, allowing or denying access to specific services and resources.

  • Access Delegation

    Delegate a trusted HUAWEI CLOUD account or a cloud service to access your HUAWEI CLOUD resources based on assigned permissions.

  • Integration with Existing Identity System

    Establish a trust relationship between your existing identity system and HUAWEI CLOUD by creating a SAML-based or OpenID Connect–based identity provider or a custom identity broker. In this way, users in your enterprise can log in to HUAWEI CLOUD through single sign-on (SSO).

  • Operation Security

    You can require IAM users to complete identity authentication each time they log in or perform a critical operation.

Application Scenarios

  • User Access Management

  • Cross-Account Delegation

  • Federated Identity Authentication

User Access Management

User Access Management

You can create user groups and grant them specific permissions, and add users to user groups so that they inherit the groups' permissions.

Advantages

Independent Credentials

IAM users can use their own credentials to access HUAWEI CLOUD and do not need to know your account and password.

Refined Permissions

You can grant IAM users only the permissions for specific resources in specific projects.

Account Security

You can configure account security settings to keep your user information and system data secure.

Cross-Account Delegation

Cross-Account Delegation

You can delegate resource access to another account without sharing your password or access keys.

Advantages

Access Delegation

To ensure the security of your account and data, you can grant only the permissions required for specific resources to another account.

No Account Sharing

The delegated party can use their own account and password to access only resources you specify.

Option to Cancel Delegation

You can cancel the trust relationship between you and the delegated party at any time according to your business needs.

Federated Identity Authentication

Federated Identity Authentication

Users in your enterprise can access HUAWEI CLOUD through the enterprise management system, without using HUAWEI CLOUD accounts.

Advantages

Unified Portal

Users can access HUAWEI CLOUD through your enterprise management system.

Easy User Management

You can easily manage users on your enterprise management system.

Functions

  • User Management

    IAM allows you to create IAM users and authorize them to securely access your resources using their own username and password.

  • Permissions Management

    With IAM, you can grant IAM users only the permissions they require to access specific resources.

User Management

Permissions Management

  • Access Delegation

    IAM allows you to authorize another HUAWEI CLOUD account or a cloud service to access your resources based on assigned permissions.

  • Access Key Management

    You can create access keys (AK/SK pairs) and use them to access cloud services through APIs.

Access Delegation

Access Key Management

  • Identity Federation

    You can use IAM to create an identity provider and federate users to HUAWEI CLOUD from your enterprise network.

  • Account Security

    IAM allows you to configure security settings, including identity authentication for critical operations, to keep your user information and system data always secure.

Identity Federation

Account Security

Usage Guides
Documentation

API Reference

IAM API Reference

User Guide

IAM User Guide

Common Operations

Creating a User Group and Assigning Permissions

Create an Account and Experience HUAWEI CLOUD for Free

Register Now