How-to Guides
Users can create and manage user groups, users, policies, and My Info. through Identity and Access Management (IAM).
Getting Started with IAM
- Click on the All Services > Management > IAM menu. This will take you to the Service Home page of IAM.
- On the Service Home page, My Info., Account information, Quick Link, and IAM status are provided as widgets.
| Category | Detailed Description |
|---|
| My Info. | The username, email, and user group information of the user logged in to the Samsung Cloud Platform Console. Clicking the More button will take you to the My Info. page |
| Account Information | Provides the user’s Account ID, Account alias, and IAM user login URL if the user is an IAM user- Account ID: The user’s Account ID
- Account Alias: A name assigned to the Account. An alias can be used to manage the Account more easily
- Edit: If the Account alias is edited, the current alias can no longer be used for IAM user login URL See Editing Account Alias for more information
- Delete: If the Account alias is deleted, IAM users can no longer log in using the Account alias. See Deleting Account Alias for more information
- IAM User Login URL allows login without entering Account information
- For more information about Accounts, see Account
|
| Quick Link | Description of My Info. and a button to click to go to the corresponding page.- For more information about My Info., see My Info.
|
| IAM Status | The number of user groups, users, and policies |
Table. IAM Service Home Widget Items
Editing Account Alias
You can edit the Account alias in the Service Home > Account widget of IAM.
- Click on the All Services > Management > IAM menu. This will take you to the Service Home page of IAM.
- On the Service Home page, click the Edit button for the Account alias in the Account widget. This will take you to the Edit Account Alias popup window.
- In the Edit Account Alias popup window, confirm the instructions and edit the Account alias, then click the OK button.
Note
When editing the Account alias, the current alias can no longer be used for Console login URL.
After editing, if the alias is not used in another Account, you can use the previous alias again.
Deleting Account Alias
You can delete the Account alias in the Service Home > Account widget of IAM.
- Click on the All Services > Management > IAM menu. This will take you to the Service Home page of IAM.
- On the Service Home page, click the Delete button for the Account alias in the Account widget. This will take you to the Delete Account Alias popup window.
- In the Delete Account Alias popup window, confirm the instructions and click the OK button.
Warning
Deleting the Account alias will prevent IAM users from logging in using the Account alias.
- The IAM login URL will also be unavailable.
1 - User Group
The user can enter the essential information of the user group and select detailed options through the Samsung Cloud Platform Console to create the corresponding service.
Create a user group
To create a user group, follow the following procedure.
- All services > Management > IAM menu is clicked. It moves to the Service Home page of Identity and Access Management(IAM).
- Service Home page, click the User Group menu. It moves to the User Group List page.
- User Group List page, click the Create User Group button. It moves to the Create User Group page.
- Basic Information Input, Add User, Policy Link, Additional Information Input area, please enter the necessary information.
| Classification | Necessity | Detailed Description |
|---|
| User Group Name | Required | Enter User Group Name- Use a value between 3 and 24 characters using Korean, English, numbers, and special characters (
+=,.@-_) to input
|
| Description | Select | Description of the user group name- A detailed description of the user group name, up to 1,000 characters can be entered
|
| User | Select | User to add to the user group- The list of users registered in the account is retrieved, and when the check box is selected, the user name of the selected user is displayed at the top of the screen
- By clicking the X button for each user at the top of the screen or unchecking the check box in the user list, the selection of the selected user is canceled
- If there are no users to add, click Create User at the bottom of the user list to proceed with new user registration first
- After user creation is complete, the user list is refreshed, and when the user is retrieved, user selection is possible
- For more information on creating a user group, see Create User
|
| Policy | Select | Policy to be linked to the user group- The list of policies registered in Account is retrieved, and if the check box is selected, the policy name of the selected policy is displayed at the top of the screen
- At the top of the screen, you can cancel the selection of the policy by clicking the X button for each policy or unchecking the check box in the policy list
- If there is no policy to be linked, click Policy Creation at the bottom of the policy list to proceed with new policy registration first
- After policy creation is complete, the policy list is refreshed, and if the policy is retrieved, policy selection is possible
|
| Tag | Selection | Tags to add to the user group- Up to 50 tags can be added per resource
|
Table. Input Items for Creating User Group Information
- Complete button click. Move to the User Group List page.
In the user group, you can check and modify the user group list and detailed information. The User Group Details page consists of Basic Information, Users, Policies, Tags tabs.
To check the detailed information of the user group service, follow the following procedure.
- All services > Management > IAM menu, click. It moves to the Service Home page of Identity and Access Management(IAM).
- Service Home page, click the User Group menu. It moves to the User Group List page.
- User Group List page, click the user group name to check the detailed information. It moves to the User Group Details page.
- User Group Details page displays basic information, and consists of Basic Information, User, Policy, Tag tabs.
User Group List page where you can check the basic information of the selected user group, and modify the user group name and description if necessary.
| Classification | Detailed Description |
|---|
| Service | Service Name |
| Resource Type | Resource Type |
| SRN | Unique resource ID in Samsung Cloud Platform |
| Resource Name | Resource Name- In the user group, it means the user group name
|
| Resource ID | Unique Resource ID |
| Creator | The user who created the service |
| Creation Time | The time when the service was created |
| Editor | User who modified the service information |
| Revision Time | Time when service information was revised |
| User Group Name | The name of the user group |
| Description | A description of the user group name |
Table. Basic information tab items of user group
User
User Group List page where you can check the users included in the selected user group, and add or delete users as needed.
- User for more information about the user, please refer to User
| Classification | Detailed Description |
|---|
| Exclusion | Exclude users from the user group- Activated when selecting a user from the user list
|
| Add User | Add another user to the user group- When the button is clicked, it moves to the Add User page
|
| User Name | User’s Name |
| User Group | Number of user groups the user belongs to- Clicking on an item allows you to check the name of the user group it belongs to
|
| Creation Time | The time when the user was created |
Table. User Group Details - User Tab Items
Policy
User Group List page where you can check the policy linking information of the selected user group and modify the policy linking information for the user group if necessary.
- Policy details can be found in the policy guide.
| Classification | Detailed Description |
|---|
| Release Connection | Release the connection of the selected policy- Activated when a policy is selected from the policy list
|
| Policy Connection | Connect a new policy to a user group- When the button is clicked, it moves to the Policy Connection page
|
| policy name | the name of the policy |
| Policy Type | Type of connected policy- Basic: basic policy provided by Samsung Cloud Platform
- Custom: policy created directly by the user
|
| Description | Description of the policy |
| Creation Time | The time when the policy was created |
| Revision Time | Time when the policy was revised |
Table. User Group Details - Policy Tab Items
Tag
User Group List page where you can check the tag information of the selected user group, and add, change or delete it.
| Classification | Detailed Description |
|---|
| Tag List | Tag list- Check Key, Value information of the tag
- Up to 50 tags can be added per resource
- Search and select from existing Key and Value lists when entering tags
|
Table. User Group Tag Tab Items
Managing User Groups
You can change the name of the user group, add users, attach policies, or modify tags.
If management of the user group is required, you can perform tasks from the user group list or user group details page.
You can modify the name and description of the user group.
To modify the name and description of a user group, follow the following procedure.
- All services > Management > IAM menu is clicked. It moves to the Service Home page of Identity and Access Management(IAM).
- Service Home page, click the User Group menu. It moves to the User Group List page.
- User Group List page, click the user group name to modify the basic information. It moves to the User Group Details page.
- User Group Details page, check the basic information to be modified, and then click the Modify button.
- User Group Name: You can change the user group name. When the Edit button is clicked, the Edit User Group Name popup window opens.
- Description: you can modify the description of the user group. when the Modify button is clicked, the Description Modification popup window opens.
- In the popup window, modify it to the content to be changed, then click the Confirm button.
Managing Users
You can add or remove users from the user group.
Add User
To add a user to a user group, follow the following procedure.
- All services > Management > IAM menu is clicked. It moves to the Service Home page of Identity and Access Management(IAM).
- Service Home page, click the User Group menu. It moves to the User Group List page.
- User Group List page, click the user group name to add a user. It moves to the User Group Details page.
- User Group Details page, click the User tab. It moves to the User tab.
- User tab, click the Add User button, and move to the Add User page.
- Add User page’s User list, select the user you want to add, then click the Complete button. A popup window announcing the addition of the user will open.
| Classification | Detailed Description |
|---|
| Added user | Display users included in the user group |
| User | Select a user to add to the user group from the list of users registered in the Account- When you select a check box, the name of the selected user group is displayed at the top of the list
- You can cancel the user by clicking the X button for the added user name at the top of the list or by unchecking the check box in the user list
- If the desired user is not available, click the Create User item at the bottom of the user list to register a new user first
- After user creation is complete, you can refresh the user list and select the created user
|
Table. Additional User Details
- In the popup window notifying user addition, click the Confirm button. You can check the added user in the list of the User tab.
Excluding Users
To exclude a user from a user group, follow the following procedure.
- All services > Management > IAM menu is clicked. It moves to the Service Home page of Identity and Access Management(IAM).
- Service Home page, click the User Group menu. It moves to the User Group List page.
- User Group List page, click the user group name to exclude the user. It moves to the User Group Details page.
- User Group Details page, click the User tab. It moves to the User tab.
- User tab, select the user to be excluded from the list of users to be retrieved, and click the Exclude User button.
- The selected user is excluded and the user list is newly retrieved.
Managing Policies
You can attach a policy to a user group or detach an attached policy.
Connect Policy
To link a policy to a user group, follow these procedures.
- All services > Management > IAM menu is clicked. It moves to the Service Home page of Identity and Access Management(IAM).
- Service Home page, click the User Group menu. It moves to the User Group List page.
- User Group List page, click the user group name to link the policy, it moves to the User Group Details page.
- User Group Details page, click the Policy tab. It moves to the Policy tab.
- Policy tab, click the Policy Link button. It moves to the Policy Link page.
- Select the policy to link to the user group, then click the Complete button. A popup window announcing the policy connection will open.
| Classification | Detailed Description |
|---|
| Connected Policy | Displays policies directly connected to the user group |
| Policy | Select a policy to be linked to the user group from the list of policies registered in the Account- When you select a check box, the selected policy name is displayed at the top of the list
- You can cancel the policy by clicking the X button of the added policy name at the top of the list or by unchecking the check box in the policy list
- If there is no policy to link, click the Create Policy item at the bottom of the policy list to register a new policy first
- After policy creation is complete, you can refresh the policy list and select the created policy
|
Table. Policy Link Details
- Click the Confirm button in the pop-up window notifying policy connection. You can check the connected policy in the list of the Policy tab.
Policy Disconnection
To detach a policy from a user group, follow the following procedure.
- All services > Management > IAM menu, click. It moves to the Service Home page of Identity and Access Management(IAM).
- Service Home page, click the User Group menu. It moves to the User Group List page.
- User Group List page, click the user group name to detach the policy link, it moves to the User Group Details page.
- User Group Details page, click the Policy tab. It moves to the Policy tab.
- Policy tab where you can select the policy to be disconnected from the list of policies and click the Disconnect button.
- The selected policy will be disconnected and the policy list will be retrieved again.
You can modify the tags of the user group.
To modify tags in the user group, follow the following procedure.
- All services > Management > IAM menu, click. It moves to the Service Home page of Identity and Access Management(IAM).
- Service Home 페이지에서 User Group 메뉴를 클릭하세요. User Group List 페이지로 이동합니다.
- User Group List page, click the user group name to modify the tag information. It moves to the User Group Details page.
- User Group Details page, click the Tags tab. It moves to the Tags tab.
- Tag tab, click the Edit Tag button.
- After adding or modifying the tag, click the Save button. A popup window announcing the tag modification will open.
- You can modify the Key, Value of the previously registered tag.
- Add tag button to click to add a new tag.
- Clicking the X button in front of the added tag will delete the tag.
- Confirm button should be clicked. You can check the modified tag information from the list.
Delete user group
To delete a user group, follow the following procedure.
- All services > Management > IAM menu, click. It moves to the Service Home page of Identity and Access Management(IAM).
- Service Home page, click the User Group menu. It moves to the User Group List page.
- User Group List page, click the user group name to be deleted, it moves to the User Group Details page.
- User Group Details page, click the Delete User Group button.
- The user group is deleted, and it moves to the User Group List page.
To delete multiple user groups simultaneously, follow the procedure below.
- All services > Management > IAM menu is clicked. It moves to the Service Home page of Identity and Access Management(IAM).
- Service Home page, click the User Group menu. It moves to the User Group List page.
- Check the user groups to be deleted from the user group list.
- Confirm the selected user groups, and click the delete button.
- The selected user groups are deleted and the User Group List page is refreshed.
2 - User
The user can enter the required information of the policy and select detailed options through the Samsung Cloud Platform Console to create the corresponding service.
Create User
To create a user, follow the following procedure.
- All services > Management > IAM menu, click. It moves to the Service Home page of Identity and Access Management(IAM).
- Service Home page, click the User menu. It moves to the User List page.
- User List page, click the Create User button. It moves to the Create User page.
- User Creation page’s Basic Information Input, Authority Setting, Additional Information Input area, enter the necessary information, then click the Complete button. A pop-up window announcing user creation will open.
| Classification | Necessity | Detailed Description |
|---|
| username | required | user’s name- use English letters, numbers and special characters (
+=,.@-_) to enter a value within 64 characters
|
| Description | Select | Description of the username- A detailed description of the username, up to 1,000 characters can be entered
|
| Password | Required | The method of creating a password for the user to use is two-fold.- Automatic Generation: The password is automatically generated and can be checked at the time of user creation
- Direct Input: Enter the password directly
|
| Password change setting | Selection | Password change setting when user logs in for the first time- If not set, the user cannot change the password at the first login, and it can be set again through password reset
|
| Add to user group | Select | Select a user group to include users from the list of user groups registered in the account- When you select a check box, the name of the selected user group is displayed at the top of the list
- The added user group name at the top of the list can be canceled by clicking the X button or by unchecking the check box in the user group list
- If there is no user group to connect, click the Create User Group item at the bottom of the user group list to register a new user group first
- After user group creation is complete, you can refresh the user group list and select the created user group
|
| Policy Direct Connection | Select | Select a policy to directly connect to the user from the list of policies registered in the Account- When you select the check box, the selected policy name is displayed at the top of the list
- The X button next to the policy name added to the top of the list can be clicked, or the check box in the policy list can be unchecked to cancel the policy
- If there is no policy to connect, click the Create Policy item at the bottom of the policy list to register a new policy first
- After policy creation is complete, the policy list can be refreshed and the created policy can be selected
|
| Tag | Selection | Tags to add to the user group- Up to 50 tags can be added per resource
|
Table. User-generated information input items
5. In the popup window notifying user creation, click the
Confirm button. The
IAM User Login Information popup window will open.
6. After checking the IAM user login information, click the
Confirm button. It moves to the
User List page.
| Classification | Detailed Description |
|---|
| Account ID | Account ID value |
| User Name | Created User Name |
| password | the password of the authenticated user- view icon to check the password
|
| IAM user login URL | IAM user’s login URL information |
| Excel Download | Download IAM user login information as an Excel file |
| Email transmission | An Excel file containing IAM user login information is sent via email- After clicking the button, enter the email address to receive the email
|
Table. IAM user login information items
Password Creation Rules
- Uppercase letters (English), lowercase letters (English), numbers, special characters (
! @ # $ % & * ^) must each be included at least once. - The length is 9~20 characters.
- ID or username cannot be used as a password.
- The same character cannot be used three times or more.
- Easily guessable passwords cannot be used.
- Recently used passwords cannot be used.
- 4 characters or more of consecutive characters/numbers cannot be used.
- The password change cycle is 90 days.
Check user details
In the user section, users can check and modify the user list and detailed information. The User Details page consists of Basic Information, User Group, Tags tabs.
To check the detailed information of the user service, please follow the following procedure.
- All services > Management > IAM menu is clicked. It moves to the Service Home page of Identity and Access Management(IAM).
- Service Home page, click the User menu. It moves to the User List page.
- User List page, click the username to check the detailed information. It moves to the User Details page.
- User Details page displays basic information, and consists of Basic Info, User, Policy, Tags tabs.
User List page where you can check the basic information of the selected user, and if necessary, modify the user’s description and options.
| Classification | Detailed Description |
|---|
| Service | Service Name |
| Resource Type | Resource Type |
| SRN | Unique resource ID in Samsung Cloud Platform |
| Resource Name | Resource Name- it means user name in user
|
| Resource ID | Unique Resource ID |
| Creator | The user who created the service |
| Creation Time | The time when the service was created |
| Editor | User who modified the service information |
| Revision Time | Time when service information was revised |
| User Name | The user’s name |
| Last Login | The time when the user last logged in |
| Description | A description of the username |
| Password | The last time the password was changed |
| Password Reuse Restriction | Restricts the reuse of recently used passwords- Edit icon can be clicked to change the number of password history to be restricted
|
| Email | Email Verification Status |
| Mobile Phone Number | Mobile Phone Number Authentication Status |
Table. User Details - Basic Information Tab Items
User Group
User List page, you can check the user group registered to the selected user and add or exclude the user group if necessary.
- User Group details can be found in User Group please refer to it.
| Classification | Detailed Description |
|---|
| Exclusion | Exclude the user from the user group- Activated when selecting a user group from the user group list
|
| Add User Group | Add users to another user group- When the button is clicked, it moves to the Add User Group page
|
| User Group Name | Name of the User Group |
| Connected Policies | Number of policies connected to the user group- Clicking on an item allows you to check the connected policy name and move to the corresponding Policy Details page
|
| Description | Description of the user group |
| Revision Time | Time when the user group was revised |
Table. User Details - User Group Tab Items
Policy
User List page where you can check the policy information of the selected user, and add, change or delete it.
| Classification | Detailed Description |
|---|
| Release Connection | Release the connection of the selected policy- Activated when selecting a policy from the policy list
|
| View more | You can remove the direct connection or exclude from the user group- Remove direct connection: If the connection method is direct, remove the direct connection of this policy
- Exclude from user group: Exclude the user from the user group
|
| Policy Connection | Connect a new policy to the user- When the button is clicked, move to the Policy Connection page
|
| Policy Name | Policy’s Name- Click on the policy name to check the policy details page
|
| Type | Type of Policy |
| Description | Description of the policy |
| Connection Method | Policy Connection Method- Direct: User is directly connected to the policy
- Group: Connected to the policy through a group
- Direct, Group: Both direct connection and group connection are applied
- When a group name is selected, it moves to the detailed page of the corresponding group
|
| Revision Time | The time when the policy was last revised |
Table. User Details - Policy Tab Items
Tag
User List page where you can check the tag information of the selected user, and add, change or delete it.
| Classification | Detailed Description |
|---|
| Tag List | Tag list- Check Key, Value information of the tag
- Up to 50 tags can be added per resource
- Search and select from existing Key and Value lists when entering tags
|
Table. User Details - Tags Tab Items
Managing Users
You can change the user’s basic information, add a user group, or modify tags.
If management of the user is required, you can perform tasks from the user list or user details page.
You can modify the user’s basic information.
Caution
The username cannot be modified.
Modify the description
To modify the user’s description, follow the following procedure.
- All services > Management > IAM menu is clicked. It moves to the Service Home page of Identity and Access Management(IAM).
- Service Home page, click the User menu. It moves to the User List page.
- User List page, click the username to modify the description, it will move to the User Details page.
- User Details page where you check the description, and click the Edit description button. Edit Description popup window opens.
- Description Modification In the popup window, change the description content and then click the Confirm button.
Modify password
To modify the user’s password, follow the following procedure.
- All services > Management > IAM menu is clicked. It moves to the Service Home page of Identity and Access Management(IAM).
- Service Home page, click the User menu. It moves to the User List page.
- User List page, click the username to modify the password. It moves to the User Details page.
- User Details page, click the Modify password button. Password Reset popup window opens.
- After modifying the password, click the Confirm button. The IAM User Login Information popup window will open.
- Password has the following 2 settings.
- Auto Generation: A random password will be generated.
- Direct Input: It will be created with the password directly entered by the user. It must include at least one of each: uppercase letters (English), lowercase letters (English), numbers, and special characters (
! @ # $ % & * ^). Please refer to the password creation rules. - Password change settings: It is recommended to change the password when logging in for the first time after resetting the password.
Password Creation Rules
- Uppercase letters (English), lowercase letters (English), numbers, special characters (
! @ # $ % & * ^) must each be included at least once. - The length is 9~20 characters.
- ID or username cannot be used as a password.
- The same character cannot be used three times or more.
- Easily guessable passwords cannot be used.
- Recently used passwords cannot be used.
- 4 characters or more of consecutive characters/numbers cannot be used.
- The password change cycle is 90 days.
- After checking the user-generated information, click the Confirm button. The password change will be completed.
| Classification | Detailed Description |
|---|
| Account ID | Account ID value |
| User Name | Created User Name |
| password | password of the authenticated user- view icon to check the password
|
| IAM user login URL | IAM user’s login URL information |
| Excel Download | Download IAM user login information as an Excel file |
| Email transmission | An Excel file containing IAM user login information is sent via email- After clicking the button, enter the email address to receive the email
|
Table. IAM user login information items
Restricting password reuse
Specifies the number of password history to check so that recently used passwords cannot be reused.
To limit the reuse of a user’s password, follow the following procedure.
- All services > Management > IAM menu is clicked. It moves to the Service Home page of Identity and Access Management(IAM).
- Service Home page, click the User menu. It moves to the User List page.
- User List page, click the username to modify the password reuse restriction, it will move to the User Details page.
- User Details page, click the Modify button to restrict password reuse. The Modify Password Reuse Restriction popup window will open.
- Password Reuse Restriction: Select the number of recent password history records to be used, as a number between 1 and 24.
- Confirmation button should be clicked. Password reuse restriction count change can be confirmed.
User Group Management
You can add or remove users from a user group.
Add User Group
To add a user to a user group, follow the following procedure.
- All services > Management > IAM menu is clicked. It moves to the Service Home page of Identity and Access Management(IAM).
- Service Home page, click the User menu. It moves to the User List page.
- User List page, click the username to add to the user group. It moves to the User Details page.
- User Details page, click the User Group tab. It moves to the User Group tab.
- User Group tab, click the Add User Group button. It moves to the Add User Group page.
- Add User Group page’s User Group list, select the user group you want to add, then click the Complete button. A pop-up window announcing the addition of the user group will open.
| Classification | Detailed Description |
|---|
| Added user group | Display user groups that the user is included in |
| Add to user group | Select a user group to add users from the list of user groups registered in the Account- When you select a check box, the name of the selected user group is displayed at the top of the list
- You can cancel the added user group by clicking the X button at the top of the list or by unchecking the check box in the user group list
- If the desired user group does not exist, you can click the Create User Group item at the bottom of the user group list to register a new user group first
- After creating a user group, you can refresh the user group list and select the created user group
|
Table. Add User Group Detailed Items
- Click the Confirm button in the popup window notifying the addition of a user group. The added user group can be confirmed in the list of the User Group tab.
Excluding User Groups
To exclude a user from a user group, follow the following procedure.
- All services > Management > IAM menu is clicked. It moves to the Service Home page of Identity and Access Management(IAM).
- Service Home page, click the User menu. It moves to the User List page.
- User List page, click on the user name to be excluded from the user group. It moves to the User Details page.
- User Details page, click the User Group tab. It moves to the User Group tab.
- User Group tab, select the user group to be excluded from the list of user groups to be retrieved, and click the Exclude User Group button.
- The selected user group is excluded and the user group list is newly retrieved.
Managing Policies
You can link a policy to the user or unlink a linked policy.
Connect Policy
You can include the user in a user group to link policies or link directly to policies.
To link a policy to a user, follow the next procedure.
All services > Management > IAM menu is clicked. It moves to the Service Home page of Identity and Access Management(IAM).
Service Home page, click the User menu. It moves to the User List page.
User List page, click the username to link the policy. It moves to the User Details page.
User Details page, click the Policy tab. It moves to the Policy tab.
Policy tab, click the Policy Link button. It moves to the Policy Link page.
Select the user group and policy to connect to the user, then click the Complete button. A popup window announcing the policy connection will open.
| Classification | Detailed Description |
|---|
| Added user group | Displays the user group that the user is included in |
| Add to user group | Select a user group connected to the policy being used from the list of user groups registered in the Account- When you select a check box, the name of the selected user group is displayed at the top of the list
- You can cancel the selected user group by clicking the X button for the added user group name at the top of the list or by unchecking the check box in the user group list
- If the desired user group is not available, you can click the Create User Group item at the bottom of the user group list to register a new user group first
- After creating a user group, you can refresh the user group list and select the created user group
|
| Directly Linked Policies | Display policies directly linked to the user |
| Policy Direct Connection | Select a policy to directly connect to the user from the list of policies registered in the Account- If you select the check box, the selected policy name will be displayed at the top of the list
- The selected policy can be canceled by clicking the X button at the top of the list or by unchecking the check box in the policy list
- If there is no policy to connect, click the Create Policy item at the bottom of the policy list to register a new policy first
- After policy creation is complete, you can refresh the policy list and select the created policy
|
Table. Policy Link Details
Click the Confirm button in the pop-up window notifying policy connection. You can check the connected policy in the list of the Policy tab.
Policy Disconnection
You can release the policies connected to the user.
To release the policy linked to the user, follow the following procedure.
- All services > Management > IAM menu is clicked. It moves to the Service Home page of Identity and Access Management(IAM).
- Service Home page, click the User menu. It moves to the User List page.
- User List page, click the username to detach the policy link, it will move to the User Details page.
- User Details page, click the Policy tab. It moves to the Policy tab.
- Policy list, select the policy to disconnect, then click the Disconnect button. A pop-up window notifying disconnection will open.
- More button is clicked, then you can either disable the directly connected policy or exclude only the user group that the user is included in.
- After checking the policy information to be disconnected, click the Confirm button. The policy will be disconnected.
Guide
Policies linked to a user group can be unlinked by excluding the user from the group. If a user is excluded from a user group, policies linked only through that group will have all links removed.
You can modify the user’s tag.
To modify tags from the user, follow the following procedure.
- All services > Management > IAM menu, click. It moves to the Service Home page of Identity and Access Management(IAM).
- Service Home page, click the User menu. It moves to the User List page.
- User List page, click the username to modify the tag information. It moves to the User Details page.
- User Details page, click the Tags tab. It moves to the Tags tab.
- Tag tab, click the Edit Tag button.
- After adding or modifying the tag, click the Save button. A popup window announcing the tag modification will open.
- You can modify the Key, Value of the previously registered tag.
- Add tag button to click to add a new tag.
- Clicking the X button in front of the added tag will delete the corresponding tag.
- Confirm button, you can check the modified tag information from the list.
Delete user
To delete a user, follow the following procedure.
- All services > Management > IAM menu is clicked. It moves to the Service Home page of Identity and Access Management(IAM).
- Service Home page, click the User menu. It moves to the User List page.
- User List page, click the username to be deleted, it will move to the User Details page.
- User Details page, click the Delete User button.
- the user is deleted, and it moves to the user list page.
To delete multiple users at the same time, follow the following procedure.
- All services > Management > IAM menu is clicked. It moves to the Service Home page of Identity and Access Management(IAM).
- Service Home page, click the User menu. It moves to the User List page.
- Check the users to be deleted from the user list.
- Confirm the selected users, and click the delete button.
- The selected users are deleted and the user list page is newly retrieved.
3 - Policy
The user can enter the required information of the policy and select detailed options through the Samsung Cloud Platform Console to create the corresponding service.
Create a policy
To create a policy, follow the following procedure.
- All services > Management > IAM menu is clicked. It moves to the Service Home page of Identity and Access Management(IAM).
- Service Home page, click the Policy menu. It moves to the Policy List page.
- Policy List page, click the Create Policy button. It moves to the Create Policy page.
- Basic Information Input, Additional Information Input area, enter the required information, then click the Next button. It moves to the Permission Setting area.
| Classification | Mandatory | Detailed Description |
|---|
| Policy Name | Required | Policy Name Input- Use Hangul, English, numbers, and special characters (
+=,.@-_) to enter a value between 3 and 128 characters
|
| Description | Selection | A detailed description of the policy name- A detailed description of the policy name, up to 1,000 characters can be entered
|
| tag | selection | policy to add tag- up to 50 tags can be added per resource
|
Table. Policy Creation Information Input Items - Basic Information and Additional Information
- Select the service for which you want to set permissions. The permission settings item will be displayed under the name of the selected service.
- You can select the desired service or set up all services.
- Permission Setting area, please enter the required information.
| Classification | Mandatory | Detailed Description |
|---|
| control type | required | policy control type selection- Allow policy: a policy that allows the defined authorities
- Deny policy: a policy that denies the defined authorities
the deny policy is applied first to the same target |
| Action | Required | Select actions provided for each service- Actions that allow individual resource selection are displayed in purple
- Actions that target all resources are displayed in black
- Add Action Directly: Multiple actions can be specified at once using the Wildcard
*
|
| Applied Resource | Required | Resource to which the action is applied- All Resources: Apply to all resources for the selected action
- Individual Resource: Apply only to the specified resource for the selected action
- Individual resources are only possible when selecting individual resources during purple action selection
- Click the Add Resource button to specify the target resource by resource type
|
| Authentication Type | Required | Authentication method for the target users to apply the policy- All Authentication: Applies regardless of authentication method
- API Key Authentication: Applies to users who use API key authentication
- Session Key Authentication, Console Login: Applies to users who use session key authentication or console login
|
| Applied IP | Required | IP that allows policy application- Custom IP: IP that users directly register and manage
- Applied IP: IP that users directly register and apply policies, which can be registered in IP address or range format
- Excluded IP: IP to be excluded from Applied IP, which can be registered in IP address or range format
- All IP: Does not restrict IP access
- Allows access to all IPs, but if an exception is needed, Excluded IP can be registered to restrict access to registered IPs
|
| Additional Conditions | Select | Add conditions for Attribute-Based Access Control (ABAC)- Condition Key: Select from Global Condition Key and Service Condition Key list
- Qualifier: Default, Any value in request, All values in request
|
Table. Policy Creation Information Input Items - Authority Settings
Caution
In the authority setting, it provides basic mode and JSON mode.
- Basic Mode에서 작성 후 JSON Mode 진입 또는 화면 이동 시, becomes * When entering JSON Mode or moving the screen after writing in Basic Mode, identical services are integrated into one and services with incomplete settings are deleted.
- JSON mode content written in a format that does not match JSON format cannot be converted to default mode.
- Authority Setting area, please select the service to set the authority first.
- Policy Import allows you to create a policy by importing an existing registered policy. For more information on Policy Import, please refer to Policy Import.
- Next button will be clicked. It moves to the Input Information Confirmation page.
- Check the input information and click the Complete button. It will move to the Policy List page.
Policy Import
You can bring in existing policies and refer to them when creating policies. To bring in existing policies, follow these steps.
- All services > Management > IAM menu is clicked. It moves to the Service Home page of Identity and Access Management(IAM).
- Service Home page, click the Policy menu. It moves to the Policy List page.
- Policy List page, click the Create Policy button. It moves to the Create Policy page.
- Basic Information Input, Additional Information Input area, please enter the necessary information.
- Next button click. It moves to the Permission Settings area.
- Policy Import button is clicked. Policy Import popup window opens.
- The list of policies registered in the Account will be retrieved. Select the policy you want to import and click Confirm.
- The imported policy is entered in the permission setting area and can be edited.
Note
Policy Import will be executed, then all previously entered contents will be deleted and replaced with the setting values of the selected policy.
Registering individual resources as applied resources
Authority Setting area where you can register individual resources as applied resources. To register individual resources as applied resources, follow the next procedure.
- All services > Management > IAM menu is clicked. It moves to the Service Home page of Identity and Access Management(IAM).
- Service Home page, click the Policy menu. It moves to the Policy List page.
- Policy List page, click the Create Policy button. Move to the Create Policy page.
- Basic Information Input, Additional Information Input area, please enter the necessary information.
- Next button click. It moves to the Permission Settings area.
- Authorization settings area, select the service to set authorization.
- Action 선택에서 Individual Resource 선택이 가능한 Action을 선택하세요.
- Actions that allow individual resource selection are displayed in purple.
- Applied Resources에서 Individual Resource을 클릭하세요.
- Resource Addition button should be clicked. Resource Addition popup window will be opened.
- Resource Addition tab where you add resources to apply policies. Resource addition is possible in two ways: Resource Selection, Direct Input.
- Resource Selection: Checks and selects resources retrieved by resource type.
- Direct Input: Add the target resource by directly entering it by resource type.
- Wildcard
*, ? can be used. Select all is checked, all resources of the corresponding resource type are added, and subsequently newly added resources are also automatically included.
Reference
When you change the additional method, the entered contents will be deleted.
- Check the input information and click the Confirm button.
Check policy details
In the policy, you can check and modify the policy list and detailed information. The policy details page consists of basic information, permissions, connected targets, tags tabs.
To check the detailed information of the policy service, follow the next procedure.
- All services > Management > IAM menu is clicked. It moves to the Service Home page of Identity and Access Management(IAM).
- Service Home page, click the Policy menu. It moves to the Policy List page.
- Policy List page, click on the policy name to check the detailed information. It moves to the Policy Details page.
- Policy Details page displays basic information, and consists of Basic Information, Authorities, Connection Targets, Tags tabs.
Policy List page where you can check the basic information of the selected policy and modify the policy name and description if necessary.
| Classification | Detailed Description |
|---|
| Service | Service Name |
| Resource Type | Resource Type |
| SRN | Unique resource ID in Samsung Cloud Platform |
| Resource Name | Resource Name- In policies, it means policy name
|
| Resource ID | Unique Resource ID |
| Creator | The user who created the service |
| Creation Time | The time when the service was created |
| Editor | User who modified the service information |
| Revision Time | The time when service information was revised |
| Policy Name | The name of the policy |
| Policy Type | Type of policy- Basic: basic policy provided by Samsung Cloud Platform
- User-defined: policy created directly by the user
|
| Description | Description of the policy name |
Table. Policy Details - Basic Information Tab Items
Authority
Policy List page where you can check the authority information of the selected policy and modify the authority if necessary.
- Authority information to confirm the service name’s unfold button is clicked, detailed policy information will be displayed.
Note
In the permission settings, it provides basic mode and JSON mode.
| Classification | Detailed Description |
|---|
| Modify Authority | Authority modification is possible- When the button is clicked, it moves to the Authority Modification page
- For more information on authority modification items, refer to Create Policy
|
| View Mode | Policy Control Type- Default Mode: Displays policy items and detailed information in the default UI
- JSON Mode: Displays in JSON editor style
|
| Control Type | Policy Control Type- Allow Policy: a policy that allows defined authorities
- Deny Policy: a policy that denies defined authorities
|
| Action | Functions provided for each service that is the target of the policy |
| Applied Resource | Resource to which the action is applied- All Resources: Apply to all resources for the selected action
- Individual Resource: Apply only to the specified resource for the selected action
|
| Authentication Type | Authentication method for the target users to apply the policy- All Authentication: Applies regardless of the authentication method
- API Key Authentication: Applies to users who use API key authentication
- Temporary Key Authentication, Console Login: Applies to users who use temporary key authentication or console login
|
| Applied IP | IP that allows policy application- Custom IP: IP that users directly register and manage
- Applied IP: IP that users directly register for policy application, which can be registered in IP address or range format
- Excluded IP: IP to be excluded from Applied IP, which can be registered in IP address or range format
- All IP: Does not restrict IP access
- Allows access to all IPs, but if an exception is needed, Excluded IP can be registered to restrict access to the registered IP
|
Table. Policy Details - Permissions Tab Items
Connection target
Policy List page where you can check the user groups registered for the selected policy, and add or exclude user groups as needed.
- User Group details can be found in User Group please refer to it.
| Classification | Detailed Description |
|---|
| User | List of users connected to the policy- User name, user group, and creation time can be checked
- When the Connect User button is clicked, it moves to the Connect User page
- For more information about connecting users, refer to Connect User
- Disconnect is possible by selecting a user from the list and clicking the Disconnect button
|
| User Group | List of user groups linked to the policy- User group name, linked policy, description, and modification time can be checked
- When the Link User Group button is clicked, it moves to the Link User Group page
- It is possible to unlink by selecting a user group from the list and clicking the Unlink button
|
| Role | Display a list of roles linked to the policy- Role name, linked policy, description, and modification time can be checked
- When the Role Link button is clicked, it moves to the Role Link page
- It is possible to disconnect the link by selecting a role from the list and clicking the Disconnect button
|
Table. Policy Details - Connected Target Tab Items
Tag
Policy List page where you can check the tag information of the selected policy, and add, change or delete it.
| Classification | Detailed Description |
|---|
| Tag List | Tag list- Check Key, Value information of tag possible
- Up to 50 tags can be added per resource
- Search and select from existing Key and Value lists when entering tags
|
Table. Policy Details - Tags Tab Items
Managing Policies
You can change the name of the policy, or modify permissions, connection targets, or tags.
If management of policies is required, you can perform tasks from the policy list or policy details page.
You can modify the name and description of the policy.
To modify the policy name and description, follow the following procedure.
- All services > Management > IAM menu is clicked. It moves to the Service Home page of Identity and Access Management(IAM).
- Service Home page, click the Policy menu. It moves to the Policy List page.
- Policy List page, click the policy name to modify the basic information. It moves to the Policy Details page.
- Policy Details page, check the basic information to be modified, and then click the Modify button.
- Policy Name: You can change the policy name. When the Edit button is clicked, the Edit Policy Name popup window opens.
- Description: You can modify the description of the policy. When the Modify button is clicked, the Description Modification popup window opens.
- Modify the content to be changed in the popup window, then click the Confirm button.
Managing Permissions
You can modify the authority of the policy. To modify the authority of the policy, follow the following procedure.
- All services > Management > IAM menu, click. It moves to the Service Home page of Identity and Access Management(IAM).
- Service Home page, click the policy menu. It moves to the policy list page.
- Policy List page, click the policy name to modify the policy authority. It moves to the Policy Details page.
- Policy Details page, click the Authority tab. It moves to the Connection Authority tab.
- Policy Details page, click the Edit Permissions button. It moves to the Edit Permissions page.
- Modify Authority page where you modify the necessary authority, click the Next button. It moves to the Check Input Information page.
- For a detailed description of each item in the authorization information, please refer to Creating a Policy.
- Input Information Confirmation page, confirm the modified authority information and click the Complete button. Move to the Authority tab.
Managing User Connections
- Policy > Connected Targets tab where you can check the users registered in the policy and connect or disconnect users as needed.
- User for more information about the user, please refer to User
Connect User
To connect a user to a policy, follow the next procedure.
- All services > Management > IAM menu is clicked. It moves to the Service Home page of Identity and Access Management(IAM).
- Service Home 페이지에서 Policy 메뉴를 클릭하세요. Policy List 페이지로 이동합니다. should be translated to: 2. Service Home page, click the Policy menu. It moves to the Policy List page.
So the correct translation is: 2. Service Home page, click the Policy menu. It moves to the Policy List page.
- Policy List page, click the policy name to link the user. It moves to the Policy Details page.
- Policy Details page, click the Connection Target tab. It moves to the Connection Target tab.
- Connection Target tab, click the User Connection button, move to the User Connection page.
- User Connection page’s User list, select the user you want to connect to, then click the Complete button. A pop-up window announcing the user connection will open.
| Classification | Detailed Description |
|---|
| Connected User Group | Display users connected to the policy |
| User Group | Select a user to link the policy from the list of users registered in the Account- When you select a check box, the selected user name is displayed at the top of the list
- You can cancel the selected user by clicking the X button for the added user name at the top of the list or by unchecking the check box in the user list
- If the desired user is not available, you can click the Create User item at the bottom of the user list to register a new user first
- After user creation is complete, you can refresh the user list and select the created user
|
Table. User Connection Details
7. Click the
Confirm button in the pop-up window that notifies the user connection. You can check the connected user in the list of the
User tab.
Disconnecting the user
To disconnect a user’s connection linked to the policy, follow the next procedure.
- All services > Management > IAM menu is clicked. It moves to the Service Home page of Identity and Access Management(IAM).
- Service Home page, click the policy menu. It moves to the policy list page.
- Policy List page, click the policy name to disconnect the user connection. It moves to the Policy Details page.
- Policy Details page, click the Connection Target tab. It moves to the Connection Target tab.
- Connection Target tab, select the user to disconnect from the list of user groups, then click the Disconnect button. A pop-up window notifying disconnection will open.
- Click the Confirm button in the pop-up window to notify the disconnection. The connection of the selected user will be released and the user group list will be refreshed.
Managing User Group Connections
- Policy > Connected Targets tab where you can check the user groups registered in the policy, and connect or disconnect user groups as needed.
- User Group details can be found in the User Group guide.
Connect User Group
To link a user group to a policy, follow these procedures.
- All services > Management > IAM menu, click. It moves to the Service Home page of Identity and Access Management(IAM).
- Service Home page, click the Policy menu. It moves to the Policy List page.
- Policy List page, click on the policy name to link the user group. It moves to the Policy Details page.
- Policy Details page, click the Connection Target tab. It moves to the Connection Target tab.
- Connection Target tab, click the User Group Connection button, and move to the User Group Connection page.
- User Group Linking page, select the user group you want to link from the User Group list, then click the Complete button. A popup window announcing the user group connection will open.
| Classification | Detailed Description |
|---|
| Connected User Group | Displays the user group connected to the policy |
| User Group | Select a user group to link the policy from the list of user groups registered in the Account- When you select the check box, the selected user group name is displayed at the top of the list
- You can cancel the selected user group by clicking the X button for the added user group name at the top of the list or by unchecking the check box in the user group list
- If the desired user group is not available, you can click the Create User Group item at the bottom of the user group list to register a new user group first
- After creating a user group, you can refresh the user group list and select the created user group
|
Table. User Group Link Details
7. Click the
Confirm button in the popup window notifying the user group connection. You can check the connected user group in the list of the
User Group tab.
Disconnecting User Groups
To disconnect the connection of the user group connected to the policy, follow the following procedure.
- All services > Management > IAM menu should be clicked. It moves to the Service Home page of Identity and Access Management(IAM).
- Service Home page, click the policy menu. It moves to the policy list page.
- Policy List page, click the policy name to release the user group link, it moves to the Policy Details page.
- Policy Details page, click the Connection Target tab. It moves to the Connection Target tab.
- Connection Target tab, select the user group to disconnect from the list of user groups, then click the Disconnect button. A pop-up window notifying disconnection will open.
- Click the Confirm button in the pop-up window to notify the disconnection. The connection of the selected user group will be released and the user group list will be refreshed.
Role Connection Management
- Policy > Connected Targets tab where you can check the roles registered in the policy, and connect or disconnect roles as needed.
- Role details can be found in the role guide.
Connecting Roles
To link a role to a policy, follow these procedures.
- All services > Management > IAM menu is clicked. It moves to the Service Home page of Identity and Access Management(IAM).
- Service Home page, click the policy menu. It moves to the policy list page.
- Policy List page, click on the policy name to link the role. It moves to the Policy Details page.
- Policy Details page, click the Connection Target tab. It moves to the Connection Target tab.
- Connection Target tab, click the Role Binding button, move to the Role Binding page.
- Role Connection page’s Role list, select the role you want to connect, then click the Complete button. A pop-up window announcing the role connection will open.
| Classification | Detailed Description |
|---|
| Connected Role | Display roles connected to the policy |
| Role | Select a role to link policies from the list of roles registered in the Account- When you select the check box, the selected role is displayed at the top of the list
- You can cancel the role by clicking the X button added to the top of the role name list or by unchecking the check box in the role
- If the desired role is not available, you can click the Create Role item at the bottom of the role list to register a new role first
- After role creation is complete, you can refresh the role list and select the created role
|
Table. Detailed Items of Role Linkage
7. Click the
Confirm button in the popup window notifying the role connection. You can check the connected role in the list of the
Role tab.
Disconnecting Roles
To disconnect the connection of a role connected to a policy, follow the following procedure.
- All services > Management > IAM menu should be clicked. It moves to the Service Home page of Identity and Access Management(IAM).
- Service Home page, click the Policy menu. It moves to the Policy List page.
- Policy List page, click the policy name to release the role link, it will move to the Policy Details page.
- Policy Details page, click the Connection Target tab. It moves to the Connection Target tab.
- Connection Target tab, select the role to disconnect from the list of roles and click the Disconnect button. A pop-up window notifying disconnection will open.
- Click the Confirm button in the pop-up window to notify the disconnection. The connection of the selected role will be released and the role list will be refreshed.
Tag management
You can modify the tags of the policy.
To modify tags in the policy, follow the following procedure.
- All services > Management > IAM menu is clicked. It moves to the Service Home page of Identity and Access Management(IAM).
- Service Home page, click the Policy menu. It moves to the Policy List page.
- Policy List page, click the policy name to add a user. It moves to the Policy Details page.
- Policy Details page, click the Tags tab. It moves to the Tags tab.
- Tag tab, click the Edit Tag button.
- After adding or modifying the tag, click the Save button. A popup window announcing the tag modification will open.
- You can modify the Key, Value of the previously registered tag.
- Add tag button to click on to add a new tag.
- Clicking the X button in front of the added tag will delete the tag.
- Confirm button, you can check the modified tag information from the list.
Policy deletion
To delete a policy, follow the following procedure.
- All services > Management > IAM menu is clicked. It moves to the Service Home page of Identity and Access Management(IAM).
- Service Home page, click the Policy menu. It moves to the Policy List page.
- Policy List page, click the policy name to be deleted. It moves to the Policy Details page.
- Policy Details page, click the Delete Policy button.
- The policy is deleted, and it moves to the policy list page.
To delete multiple policies at the same time, follow the following procedure.
- All services > Management > IAM menu is clicked. It moves to the Service Home page of Identity and Access Management(IAM).
- Service Home page, click the policy menu. It moves to the policy list page.
- Select the policy to delete from the policy list.
- Confirm the selected policies and click the policy deletion button.
- The selected policies are deleted and the policy list page is newly retrieved.
4 - Role
The user can create a role with separate permissions and switch from their own account to another role to access the Account.
Creating a role
To create a role, follow the following procedure.
- All services > Management > IAM menu is clicked. It moves to the Service Home page of Identity and Access Management(IAM).
- Service Home page, click the role menu. It moves to the role list page.
- Role List page, click the Create Role button. It moves to the Create Role page.
- Role Creation page where you enter information for role creation, click the Complete button.
- Basic Information Input를 입력하세요.
| Classification | Necessity | Detailed Description |
|---|
| Role Name | Required | Enter the name of the role- Use English letters, numbers, and special characters (
+=-_@,.) to enter within 64 characters
|
| Description | Selection | Enter a description of the role within 1,000 characters |
| Maximum session persistence time | Required | Enter the session time allowed for the user when switching roles in the console- Time selection: 1 hour, 2 hours, 4 hours, 8 hours, 12 hours
- Job input: Input possible in seconds from 3,200 seconds (1 hour) to 43,200 seconds (12 hours)
|
Table. Basic Information Items for Role Creation
- Execution Entity를 연결하세요.
| Classification | Mandatory | Detailed Description |
|---|
| Classification | Essential | Select the performing entity- Current Account, Different Account, User SRN, Credential Provider, Service
|
| Value | Required | Enter the Value value for the performing entity- Current Account: Display the current Account ID
- Different Account: Enter the Account ID to use this role
- User SRN: Enter the SRN of the user registered in the Console
- Credential Provider: Select the credential provider name
- Service: Select Virtual Server or Cloud Functions
|
| Add | Select | A button to add the performing entity- Up to 20 additional connections are possible
|
Table. Role Creation Performing Subject Connection Items
- Policy을 연결하세요 -> * Connect the policy.
| Classification | Mandatory | Detailed Description |
|---|
| Policy | Required | Select a policy to link to the role- If you select the check box, the selected policy name will be displayed at the top of the list
- You can cancel the policy by clicking the X button for the added policy name at the top of the list or by unchecking the check box in the policy list
- If there is no policy to link, you can click the Create Policy item at the bottom of the policy list to register a new policy first
- After policy creation is complete, you can refresh the policy list and select the created policy
|
Table. Role Creation Policy Link Items
- Additional information를 입력하세요.
| Classification | Mandatory | Detailed Description |
|---|
| Tag | Selection | Tags to add to the role- Up to 50 tags can be added per resource
|
Table. Role Creation Additional Information Items
- When the popup window notifying role creation opens, click the Confirm button.
Role List page where you can check and modify the detailed information of the selected role.
To check the detailed information of the role, follow the next procedure.
- All services > Management > IAM menu, click. It moves to the Service Home page of Identity and Access Management(IAM).
- Service Home page, click the role menu. It moves to the role list page.
- Role List page, click the identity provider to verify. It moves to the Identity Provider Details page.
- Role Details page displays basic information, and consists of Basic Information, Performing Entity, Policy, Tag tabs.
You can check and modify the basic information of the role.
| Classification | Detailed Description |
|---|
| Service | Service Name |
| Resource Type | Resource Type |
| SRN | Unique resource ID in Samsung Cloud Platform |
| Resource Name | Resource Name |
| Resource ID | Unique Resource ID |
| Creator | The user who created the service |
| Creation Time | The time when the service was created |
| Modifier | User who modified the service information |
| Revision Time | The time when service information was revised |
| Role Name | Role’s Name |
| Description | Description of the role proof provider- Edit button to change description possible
|
| Maximum session duration | The role session duration allowed for an IAM user switching roles in the Console- Edit button can be clicked to change the duration
- Time selection: 1 hour, 2 hours, 4 hours, 8 hours, 12 hours
- Job input: Input possible in seconds from 3,200 seconds (1 hour) to 43,200 seconds (12 hours)
|
Table. Role Details - Basic Information Tab Items
You can confirm and manage the subject of role performance.
| Classification | Detailed Description |
|---|
| Division | Name of the executing entity |
| Value | Value of the performing entity |
| Modify Executor | Modify the executor button- When the button is clicked, it moves to the Executor Connection page
|
Table. Role Details - Performing Entity Tab Items
Policy
| Classification | Detailed Description |
|---|
| Disconnect | Disconnects the selected policy from the role- Activated when a policy is selected from the policy list
|
| Policy Connection | Connect a new policy to the role- When the button is clicked, move to the Policy Connection page
|
| Policy Name | Policy’s Name- Click on the policy name to check the policy details page
|
| Type | Type of Policy |
| Description | Description of the policy |
| Modification Time | The time when the policy was last modified |
Table. Role Details - Policy Tab Items
Tag
You can check, add, change, or delete the tag information of the credential provider.
| Classification | Detailed Description |
|---|
| Tag List | Tag list- Check Key, Value information of the tag
- Up to 50 tags can be added per resource
- Search and select from existing Key and Value lists when entering tags
|
Table. Role Supervisor - Tag Tab Items
Managing Roles
You can change the basic information of the role, or modify or delete the performing entity, connected policies, or tag information of the role.
You can modify the maximum session persistence time and description in the role details.
To modify the basic information, follow the following procedure.
- All services > Management > IAM menu is clicked. It moves to the Service Home page of Identity and Access Management(IAM).
- Service Home page, click the role menu. It moves to the role list page.
- Role List page, click the user role name to modify the basic information. It moves to the Role Details page.
- Role Details page, check the basic information to be modified, and then click the Modify button.
- Maximum session duration: You can set the role session duration allowed for an IAM user switching roles in the Console. When you click the Edit button, the Edit maximum session duration popup window opens.
- Description: You can modify the description of the role. When the Modify button is clicked, the Description Modification popup window opens.
- In the popup window, modify it to the content to be changed, then click the confirm button.
You can add, modify, or delete the subject of the role’s performance.
To manage the performing subject of a role, follow the following procedure.
- All services > Management > IAM menu, click. It moves to the Service Home page of Identity and Access Management(IAM).
- Service Home page, click the role menu. It moves to the role list page.
- Role List page, click the user name to modify the performing subject. It moves to the Role Details page.
- Role Details page, click the Performing Entity tab. It moves to the Performing Entity tab.
- Execution Entity tab, click the Modify Execution Entity button. It moves to the Modify Execution Entity page.
- Modify the performing entity page, modify the performing entity, and then click the Complete button. A pop-up window announcing the modification of the performing entity will open.
| Classification | Mandatory | Detailed Description |
|---|
| Classification | Essential | Select the performing entity- Current Account, Different Account, User SRN, Credential Provider, Service
|
| Value | Required | Enter the Value value for the performing entity- Current Account: Display the current Account ID
- Different Account: Enter the Account ID to use this role
- User SRN: Enter the SRN of the user registered in the Console
- Credential Provider: Select the credential provider name
- Service: Select Virtual Server or Cloud Functions
|
| Add | Select | Button to add the performing entity- Up to 20 additional connections can be added
- Performing entity can be deleted by clicking the X button of the added performing entity
|
Table. Items to be revised by the performing entity
- Click the Confirm button in the pop-up window notifying the modification of the performing entity. You can check the modified performing entity in the list of the Performing Entity tab.
Managing Policies
You can link policies to roles or unlink linked policies.
Connect Policy
You can link policies to a role.
To link a policy to a role, follow these procedures.
All services > Management > IAM menu, click. It moves to the Service Home page of Identity and Access Management(IAM).
Service Home page, click the role menu. It moves to the role list page.
Role List page, click the role name to link the policy. It moves to the User Detail page.
Role Details page, click the Policy tab. It moves to the Policy tab.
Policy tab, click the Policy Link button. It moves to the Policy Link page.
After selecting the policy to be linked to the role, click the Complete button. A popup window announcing the policy connection will open.
| Classification | Detailed Description |
|---|
| Connected Policy | Displays the policy connected to the role |
| Policy | Select a policy to be linked to the role from the list of policies registered in the Account- When you select a check box, the selected policy name is displayed at the top of the list
- The selected policy can be canceled by clicking the X button at the top of the list or by unchecking the check box in the policy list
- If there are no policies to link, click the Create Policy item at the bottom of the policy list to register a new policy first
- After policy creation is complete, you can refresh the policy list and select the created policy
|
Table. Policy Link Details
Click the Confirm button in the pop-up window notifying policy connection. You can check the connected policy in the list of the Policy tab.
Policy Disconnecting
You can release the policies connected to the user.
To release the policy linked to the user, follow the following procedure.
- All services > Management > IAM menu, click. It moves to the Service Home page of Identity and Access Management(IAM).
- Service Home page, click the role menu. It moves to the role list page.
- Role List page, click the role name to disconnect the policy link. It moves to the Role Details page.
- Role Details page, click the Policy tab. It moves to the Policy tab.
- Policy list, select the policy to disconnect, then click the Disconnect button. A pop-up window notifying disconnection will open.
- After checking the policy information to be disconnected, click the Confirm button. The policy will be disconnected.
You can add, modify, or delete the role’s tag.
To manage the role’s tags, follow the following procedure.
- All services > Management > IAM menu, click. It moves to the Service Home page of Identity and Access Management(IAM).
- Service Home page, click the Role menu. It moves to the Role List page.
- Role List page, click the role name to modify the tag information. It moves to the Role Details page.
- Role Details page, click the Tags tab. It moves to the Tags tab.
- Tag tab, click the Edit Tag button.
- After adding or modifying the tag, click the Save button. A popup window announcing the tag modification will open.
- You can modify the Key, Value of the previously registered tag.
- Add tag button to click and add a new tag.
- Clicking the X button in front of the added tag will delete the tag.
- Confirm button, you can check the modified tag information in the list.
Switching roles
To switch roles in the Samsung Cloud Platform Console, follow the following procedure.
Click the profile-shaped button at the top right of the Console. My menu popup window will open.
My menu popup window, click the role switch button. Role switch popup window opens.
Role Switching In the role switching popup window, enter the role switching information and click the Confirm button.
| Classification | Mandatory | Detailed Description |
|---|
| Account ID | required | Enter the Account ID that the user wants to enter with role switching |
| Role Name | Mandatory | Enter the role name that the user wants to enter through role switching |
| Alias | Select | Name to be used when the user enters with role switching |
| Color | Required | Select a color to use as the background of the Account when entering the role- Not selected: Apply the existing Account background color
|
Table. Role Transition Information Items
When the popup window notifying role switching opens, click the Confirm button.
Check the role
Console you can check the role information switched by clicking the profile-shaped button at the top right of the console.
| Provided Function | Description |
|---|
| Account ID | Account ID logged in to Samsung Cloud Platform Console |
| Role Name | Alias set when switching roles- If accessed by ID Center user as a role, it is displayed as Authority Set Name
- Session expiration time is displayed at the bottom
|
| Time Zone | Time zone set by the user- Example: Asia/Seoul (GMT +09:00)
- Edit Time Zone can be changed by clicking
|
| Account | Account information- For more detailed information, please refer to Account
|
| Cost Management | You can check the usage and billing details, payment history, and cost analysis, and manage Credits, budgets, Accounts, and payment methods |
| Login user information | Role switched IAM user name and user’s Account ID |
| Switch to my account | Switch to the IAM user account and move to the Console Home page- Display after role switching
|
| Role Switching | Can be switched to another role |
| Log out | Log out from Samsung Cloud Platform Console |
Table. My Info. items when role switching
Delete role
To delete a role, follow the following procedure.
- All services > Management > IAM menu is clicked. It moves to the Service Home page of Identity and Access Management(IAM).
- Service Home page, click the role menu. It moves to the role list page.
- Role List page, click the role name to be deleted. It moves to the Role Details page.
- Role Details page, click the Delete Role button.
- The role is deleted, and it moves to the role list page.
To delete multiple roles at the same time, follow the procedure below.
- All services > Management > IAM menu, click. It moves to the Service Home page of Identity and Access Management(IAM).
- Service Home page, click the role menu. It moves to the role list page.
- Check the role to be deleted from the role list.
- Confirm the selected role, and click the role deletion button.
- The selected role is deleted and the role list page is newly retrieved.
5 - Credential Provider
You can access and use the Account resource through an identity provider.
Creating a Credential Provider
To create a credential provider, follow these procedures.
- All services > Management > IAM menu is clicked. It moves to the Service Home page of Identity and Access Management(IAM).
- Service Home page, click the credential provider menu. It moves to the credential provider list page.
- Credential Provider List page, click the Create Credential Provider button. It moves to the Create Credential Provider page.
- Basic Information Input, Additional Information Input areas, enter the information and click the Confirm button.
| Classification | Mandatory | Detailed Description |
|---|
| Credential Provider Name | Required | Name of the credential provider- Enter a value within 128 characters using English, numbers, and special characters (
,-_)
|
| Description | Select | Enter a description of the identity provider within 1,000 characters |
| Type | Required | Select the type of authentication provider- SAML: Establish trust between Samsung Cloud Platform account and SAML 2.0 compatible authentication provider
|
| Metadata | Select | Attach a metadata file provided by the IdP, only one file can be uploaded by clicking the File Attach button- Only one file can be uploaded by clicking the File Attach button
- Only UTF-8 XML documents with a size of 10 MB or less can be uploaded
- The metadata must include the issuer name, expiration information, and the key for verifying SAML authentication responses received from the IdP
|
| Tag | Selection | Tags to be added to the authentication provider group- Up to 50 tags can be added per resource
|
Table. Input Items for Creating Credential Provider Information
Reference
Credential Provider from OIDC type is scheduled to be available in 2026.
- When the popup window notifying the creation of a credential provider opens, click the Confirm button.
Check the details of the certificate provider
You can check and modify the credential provider details. The Credential Provider page consists of Basic Information, Tags tabs.
To check the detailed information of the certification provider, follow the next procedure.
- All services > Management > IAM menu is clicked. It moves to the Service Home page of Identity and Access Management(IAM).
- Service Home page, click the credential provider menu. It moves to the credential provider list page.
- Credential Provider List page, click the credential provider to check, it moves to the Credential Provider Details page.
- Credential Provider Details page displays basic information, and consists of Basic Information tab, Tags tab.
You can check and modify the basic information of the certification provider.
| Classification | Detailed Description |
|---|
| Service | Service Name |
| Resource Type | Resource Type |
| SRN | Unique resource ID in Samsung Cloud Platform |
| Resource Name | Resource Name- In the identity provider, it means the identity provider name
|
| Resource ID | Unique Resource ID |
| Creator | User who created the service |
| Creation Time | The time when the service was created |
| Editor | User who modified the service information |
| Revision Time | The time when service information was revised |
| Credential Provider Name | Credential provider’s name- Edit button to change the name
|
| Type | The type of credential provider |
| Description | Description of the identity provider- Edit button to change the description possible
|
| Login URL | Login URL |
| Metadata | Metadata- Metadata View button, when clicked, opens the currently applied metadata information in a popup window
- Modify button allows uploading metadata files by clicking
- Only UTF-8 XML documents under 10 MB can be uploaded
- Metadata must include the issuer name, expiration information, and the key for verifying SAML authentication responses received from the IdP
|
Table. Credential Provider Basic Information Tab Items
Reference
ID Center에서 사용 중인 자격 증명 공급자 정보는 수정할 수 없습니다 -> The credential provider information being used in the ID Center cannot be modified.
Tag
You can check, add, change or delete the tag information of the credential provider.
| Category | Detailed Description |
|---|
| Tag List | Tag list- Check Key, Value information of tag possible
- Up to 50 tags can be added per resource
- When entering a tag, search and select from the existing Key and Value list
|
Table. Credential Provider Tags Tab Items
Deleting Credential Providers
Guidance
ID Center에서 사용 중인 자격 증명 공급자 정보는 수정할 수 없습니다. -> ID Center에서 사용 중인 자격 증명 공급자 정보는 수정할 수 없습니다. is incorrect, here is the correct translation: The credential provider information currently in use at the ID Center cannot be modified.
To delete an identity provider, follow the following procedure.
- All services > Management > IAM menu is clicked. It moves to the Service Home page of Identity and Access Management(IAM).
- Service Home page, click the credential provider menu. It moves to the credential provider list page.
- Credential Provider List page, click the credential provider name to be deleted, it moves to the Credential Provider Details page.
- Credential Provider Details page, click the Delete Credential Provider button.
- The credential provider is deleted, and it moves to the Credential Provider List page.
To delete multiple identity providers at the same time, follow these steps.
- All services > Management > IAM menu, click. It moves to the Service Home page of Identity and Access Management(IAM).
- Service Home page, click the credential provider menu. It moves to the credential provider list page.
- Check the certification provider to be deleted from the list of certification providers.
- Confirm the selected credential provider and click the Credential Provider Delete button.
- The selected credential provider is deleted and the Credential Provider List page is refreshed.
6 - My Info.
My Info. provides the function of managing the user’s basic information and authentication key.
My Info. Check
The user can check and change the user’s basic information on the My Info screen, and manage the authentication key.
My Info.’s information to confirm, please follow the next procedure.
- All services > Management > IAM menu is clicked. It moves to the Service Home page of Identity and Access Management(IAM).
- Service Home page, click the My Info. menu. It moves to the My Info. page.
- My Info. page displays basic information, and it consists of basic information, user, policy, tag tabs.
Notice
My Info. page can be accessed from My menu > My Info. at the top of the Console screen and My Info. of Console Home.
My Info. > Basic Information tab where you can check the user’s basic information and modify email, password, mobile phone number, password reuse restriction, and time zone if necessary.
| Classification | Detailed Description |
|---|
| User Name | User’s Name |
| SRN | user’s SRN |
| Email | User’s Email |
| Mobile Phone Number | User’s Mobile Phone Number |
| Password | User’s password |
| Password Reuse Limit | Number of password reuse limits for users |
| Time Zone | User’s Time Zone |
| Terms of Service | User’s Name |
Table. Basic info tab items of My Info.
Notice
The way to modify basic information is to refer to
Modify Basic Information.
Key Management
My Info. > Authentication Key Management tab where you can check the user’s authentication key information and create an authentication key if necessary.
| Classification | Detailed Description |
|---|
| Authentication Key | Authentication key created by user |
| Security Settings | Security settings for authentication key- Authentication method: One-time key, Authentication key
- Access allowed IP: IP that controls user access
|
Table. My Info.'s authentication key management tab items
Access IP Control
My Info. > Access IP Control tab where you can register and manage accessible IPs.
| Classification | Detailed Description |
|---|
| Console access IP control | Whether to use the access IP control function- Modify button to change usage and register IP
- When using access IP control, only accessible from registered IP range to Console
|
| Access IP List | List of IPs that can access the Console |
Table. Access IP Control Tab Items
Notice
- The access IP control function can only be used by Root users and IAM users, it cannot be used by ID Center and roles.
- You can add and manage IPs even if you don’t use the access IP control feature.
My Info. > Basic Information tab where you can modify email, password, mobile phone number, password reuse restriction, and timezone.
Editing email
You can modify the user’s email.
To modify the user’s email, follow the following procedure.
- All services > Management > IAM menu, click. It moves to the Service Home page of Identity and Access Management(IAM).
- Service Home page, click the My Info. menu. It moves to the My Info. page.
- My Info. page’s basic information tab, click edit email. edit email popup window will be opened.
- Email Modification popup window, enter the characters displayed for auto-input prevention and press the Confirm button.
- Email을 입력하고 Authentication 버튼을 클릭하세요. 입력된 Email로 인증번호가 발송됩니다.
- Enter the authentication number sent to the entered email and click the confirm button.
- Email modification popup window, click the Confirm button. Password confirmation popup window opens.
- Password Confirmation popup window, enter the password, then click the Confirm button. It moves to the Basic Information tab.
Caution
Please enter your email information accurately, if the authentication number is not received, please check the spam message box.
Modify password
You can modify the user’s password.
To modify the user’s password, follow the following procedure.
- All services > Management > IAM menu is clicked. It moves to the Service Home page of Identity and Access Management(IAM).
- Service Home page, click the My Info. menu. It moves to the My Info. page.
- My Info. page’s basic information tab, click password modification. The password change popup window opens.
- Password Change popup window, enter Existing Password, New Password, and Password Confirmation.
- Password change popup window, click the Confirm button. It moves to the Basic Information tab.
Caution
Precautions when changing password
- Uppercase letters (English), lowercase letters (English), numbers, special characters (
! @ # $ % & * ^) must each be included at least once. - The length is 9~20 characters.
- ID or username cannot be used as a password.
- The same character cannot be used three times or more.
- Easily guessable passwords cannot be used.
- Recently used passwords cannot be used.
- 4 characters or more of continuous characters/numbers cannot be used.
- The password change cycle is 90 days.
Modify phone number
You can modify the user’s mobile phone number.
To modify the user’s mobile phone number, follow the following procedure.
- All services > Management > IAM menu, click. It moves to the Service Home page of Identity and Access Management(IAM).
- Service Home page, click the My Info. menu. It moves to the My Info. page.
- My Info. page’s basic information tab, click the change mobile phone number button. The change mobile phone number popup window will open.
- Cell phone number change popup window, enter the characters shown for auto-input prevention and press the Confirm button.
- Phone number를 입력하고 Verify 버튼을 클릭하세요. 입력된 Phone number로 인증번호가 발송됩니다.
- Enter the authentication number sent to the entered mobile phone number and click the confirm button.
- Change mobile phone number popup window, click the Confirm button. Password confirmation popup window opens.
- Password Confirmation popup window, enter the password and click the Confirm button. Move to the Basic Information tab.
Caution
Please enter the mobile phone number information in your name accurately. If the authentication number is not received, please check the spam message box.
Modify password reuse restrictions
You can modify the number of times a user’s password can be reused.
To modify the number of times a user’s password can be reused, follow the following procedure.
- All services > Management > IAM menu is clicked. It moves to the Service Home page of Identity and Access Management(IAM).
- Service Home page, click the My Info. menu. It moves to the My Info. page.
- My Info. page’s basic information tab, click Modify password reuse restriction. The Modify password reuse restriction popup window will open.
- Password Reuse Restriction Modification In the popup window, select the number of recently used passwords that cannot be reused.
- Password Reuse Restriction Modification popup window, click the Confirm button. Move to the Basic Information tab.
Modifying the Time Zone
You can modify the user’s time zone.
To modify the user’s time zone, follow the following procedure.
- All services > Management > IAM menu is clicked. It moves to the Service Home page of Identity and Access Management(IAM).
- Service Home page, click the My Info. menu. It moves to the My Info. page.
- My Info. page’s basic information tab, click time zone modification, the time zone modification popup window opens.
- Time Zone Modification Please select the user’s time zone.
- Time modification popup window, click the Confirm button. It moves to the Basic Information tab.
Managing authentication keys
My Info. > Authentication Key Management tab where you can generate authentication keys and manage security settings.
Creating an authentication key
You can generate the user’s authentication key.
To generate the user’s authentication key, follow the following procedure.
- All services > Management > IAM menu, click. It moves to the Service Home page of Identity and Access Management(IAM).
- Service Home page, click the My Info. menu. It moves to the My Info. page.
- My Info. page’s Key Management tab should be clicked. It moves to the Key Management tab.
- API Key Management tab, click the Generate API Key button. This will move to the Generate API Key page.
- Generate authentication key page where you enter the expiration period and usage.
- Expiration period can be entered as a number from 1 to 365.
- Expiration period where selecting permanent allows permanent use.
- Check the authentication key creation information and click the Confirm button. It moves to the Authentication Key Management tab.
Reference
- The authentication key can only be created up to 2 times.
- After generating a new authentication key, you must apply the changed API authentication key to the service you are using.
- In the security settings, you can set the authentication method and access allowed IP usage settings.
- You can call the API with the generated authentication key to issue a temporary key, and up to 5 can be issued per authentication key.
Check the details of the authentication key
To view the detailed information of the authentication key, proceed with the following procedure.
- All services > Management > IAM menu is clicked. It moves to the Service Home page of Identity and Access Management(IAM).
- Service Home page, click the My Info. menu. It moves to the My Info. page.
- My Info. page’s Key Management tab should be clicked. It moves to the Key Management tab.
- Authentication Key Management tab, click on the authentication key you want to inquire, it will move to the Authentication Key Details page.
- API Key Details page consists of Basic Information, API Key Management tabs.
Authentication Key Details > Basic Information tab where you can check the basic information of the selected authentication key.
| Classification | Detailed Description |
|---|
| Use of authentication key | Indicates whether to use the authentication key- Use, Stop using buttons can be set by clicking
|
| Delete authentication key | Delete the authentication key |
| Authentication Key | Access Key and Secret Key information- Authentication Key button, when clicked, opens the Password Confirmation popup window, where you can enter your password and confirm
|
| Usage | Purpose of using the authentication key |
| Creation Time | The time when the user created the authentication key |
| Expiration Time | Expiration time of the authentication key created by the user |
| Secret Vault | Secret Vault service usage status- When using the Secret Vault service, authentication key usage suspension and deletion are not possible
|
Table. My Info.'s authentication key management > Basic information items
User Lim Sik-i
Authentication Key Details > User Key tab where you can view the list of user keys for the selected authentication key.
Notice
임시키는 API로만 생성이 가능하며 사용자 임시키 탭에서는 조회 및 삭제만 가능합니다. is translated to: IMSI key can only be created via API, and on the User IMSI key tab, only inquiry and deletion are possible.
| Classification | Detailed Description |
|---|
| Delete | Delete the selected license key from the user license key list- Activated when a license key is selected from the list
|
| More | Select the usage of the selected IMSI from the user IMSI list- Activated when selecting IMSI from the list
|
| Access Key | A unique string to call the API |
| Secret Key | Security token used with Access Key- View button opens a Password Confirmation popup window where you can enter your password and confirm
|
| Creation Time | The time when the user created the authentication key |
| Expiration Time | Expiration time of the authentication key created by the user |
| Status | Whether to use the authentication key |
Table. My Info.'s authentication key management > User Private Key Details
Secret Vault Administrator
인증키 상세 > Secret Vault 임시키 tab allows you to view the list of Secret Vault 임시키 for the selected authentication key.
Notice
- Secret Vault service can be checked when using.
- The shim key can only be created via API, and in the Secret Vault tab, only viewing and deletion are possible.
| Classification | Detailed Description |
|---|
| Delete | Delete the selected license key from the user license key list- Activated when a license key is selected from the list
|
| More | Select the usage of the selected IMSI from the user IMSI list- Activated when selecting IMSI from the list
|
| Access Key | a unique string for calling the API |
| Secret Key | Security token used with Access Key- View button opens the Password Confirmation popup window where you can enter your password and confirm
|
| Creation Time | The time when the user created the authentication key |
| Expiration Time | Expiration time of the authentication key created by the user |
| Status | Whether to use the authentication key |
Table. My Info.'s authentication key management > Secret Vault detailed items
Modify authentication key security settings
You can register security settings for the user’s authentication key.
To register security settings for the user’s authentication key, follow the procedure below.
- All services > Management > IAM menu is clicked. It moves to the Service Home page of Identity and Access Management(IAM).
- Service Home page, click the My Info. menu. It moves to the My Info. page.
- My Info. page’s Key Management tab should be clicked. It moves to the Key Management tab.
- Authentication Key Management tab, click the Edit Security Settings button. It moves to the Authentication Key Security Settings Edit page.
- Modify authentication key security settings page where you enter the authentication method and allowed access IP.
- Authentication method: One-time key, authentication key
- You can access it only when the set authentication is set as the authentication method when calling the API.
- Issued key: issued key using authentication key and authentication number for authentication
- Authentication key: authenticated with the authentication key created in the Console
- Allowed IP for Access: IP that controls user access
- Usage settings only allow access to specific IP ranges when enabled.
- Usage settings after IP unregistration will deny access to all IPs.
- Do not use setting allows access to all IPs.
- Up to 50 can be registered.
- You can enter an IP address or CIDR.
- Check the security settings information for the authentication key and click the Confirm button. It moves to the Authentication Key Management tab.
Note
- South Korea (kr-south) region restrictions
- Access allowed IP is set to Use, only IP addresses can be entered, CIDR cannot be entered.
Caution
- It is recommended to use IMSI authentication and allow access to IP usage.
- When authenticating the authentication key, the email or text authentication step may be omitted, which may cause a security risk.
- Access allowed IP if not used, it can be accessed from any IP, which can cause a security risk.
- Allowed IP for access when used, if the IP is not registered, all access will be restricted.
- The authentication key with a temporary key generated by Secret Vault can be stopped and deleted after canceling the Secret Vault service in each region of the Account.
Delete authentication key
Guidance
- The authentication key can only be deleted when it is in the suspended state. Please stop using the authentication key before deleting it.
- When using the Secret Vault service, you cannot stop using the authentication key. Please cancel the Secret Vault service first.
To delete the authentication key, follow the following procedure.
- All services > Management > IAM menu, click. It moves to the Service Home page of Identity and Access Management(IAM).
- Service Home page, click the My Info. menu. It moves to the My Info. page.
- My Info. page’s Key Management tab should be clicked. It moves to the Key Management tab.
- Authentication Key Management tab, click the authentication key to be deleted from the list of authentication keys. It moves to the Authentication Key Details page.
- Authentication Key Details page, click the Delete Authentication Key button.
- The authentication key is deleted, and it moves to the Authentication Key Management tab.
To delete multiple policies at the same time, follow the following procedure.
- All services > Management > IAM menu is clicked. It moves to the Service Home page of Identity and Access Management(IAM).
- Service Home page, click the My Info. menu. It moves to the My Info. page.
- My Info. page’s Key Management tab should be clicked. It moves to the Key Management tab.
- Key Management tab’s key list, check the authentication key to be deleted from there.
- Check the selected authentication keys and click the Delete Authentication Key button.
- The selected authentication keys are deleted and the Authentication Key Management tab is newly retrieved.
Managing Access IP
My Info. > Access IP Control tab where you can register and manage IP addresses that can access the Console.
You can restrict access to the Console only from registered IP ranges by using the access IP control feature.
Notice
- The access IP control function can only be used by Root users and IAM users, it cannot be used by ID Center and roles.
- You can add and manage IPs even if you don’t use the access IP control feature.
To use the access IP control function and manage IP, follow the following procedure.
- All services > Management > IAM menu is clicked. It moves to the Service Home page of Identity and Access Management(IAM).
- Service Home page, click the My Info. menu. It moves to the My Info. page.
- My Info. page, click the Access IP Control tab. It moves to the Access IP Control page.
- Access IP Control page, click the Edit button of Console Access IP Control. The Password Confirmation popup window opens.
- After entering the password, click the Confirm button. The Console Access IP Control Modification popup window will open.
- After setting the access IP control function to use, register the IP to be allowed access.
| Classification | Detailed Description |
|---|
| Console access IP removal | Whether to use the access IP control function- Can be changed to ON or OFF by clicking the toggle button
- When used, at least one IP must be registered
|
| IP list | List of IPs allowed to access- Enter the IP to allow access, then click the Add button to register
- Can register up to 50 single IPs or in CIDR format (10.0.0.0/16)
- Delete All: Delete all IPs registered in the list
- Click the X next to the IP displayed in the list to delete
|
Table. Console Access IP Control Modification Items
7. Once the registration is complete, click the
Confirm button.
7 -