Precise Access Control
Create IAM users and groups and grant them permissions by using policies and roles, allowing or denying access to specific services and resources.
Delegate a trusted HUAWEI CLOUD account or a cloud service to access your HUAWEI CLOUD resources based on assigned permissions.
Integration with Existing Identity System
Establish a trust relationship between your existing identity system and HUAWEI CLOUD by creating a SAML-based or OpenID Connect–based identity provider or a custom identity broker. In this way, users in your enterprise can log in to HUAWEI CLOUD through single sign-on (SSO).
You can require IAM users to complete identity authentication each time they log in or perform a critical operation.
User Access Management
You can create user groups and grant them specific permissions, and add users to user groups so that they inherit the groups' permissions.
IAM users can use their own credentials to access HUAWEI CLOUD and do not need to know your account and password.
You can grant IAM users only the permissions for specific resources in specific projects.
You can configure account security settings to keep your user information and system data secure.
You can delegate resource access to another account without sharing your password or access keys.
To ensure the security of your account and data, you can grant only the permissions required for specific resources to another account.
The delegated party can use their own account and password to access only resources you specify.
You can cancel the trust relationship between you and the delegated party at any time according to your business needs.
Federated Identity Authentication
Users in your enterprise can access HUAWEI CLOUD through the enterprise management system, without using HUAWEI CLOUD accounts.
Users can access HUAWEI CLOUD through your enterprise management system.
You can easily manage users on your enterprise management system.
IAM allows you to create IAM users and authorize them to securely access your resources using their own username and password.
With IAM, you can grant IAM users only the permissions they require to access specific resources.
IAM allows you to authorize another HUAWEI CLOUD account or a cloud service to access your resources based on assigned permissions.
You can create access keys (AK/SK pairs) and use them to access cloud services through APIs.
You can use IAM to create an identity provider and federate users to HUAWEI CLOUD from your enterprise network.
IAM allows you to configure security settings, including identity authentication for critical operations, to keep your user information and system data always secure.