The page has been translated by Gen AI.

Role

The user can create a role with separate permissions and switch from their own account to another role to access the Account.

Creating a role

To create a role, follow the following procedure.

  1. All services > Management > IAM menu is clicked. It moves to the Service Home page of Identity and Access Management(IAM).
  2. Service Home page, click the role menu. It moves to the role list page.
  3. Role List page, click the Create Role button. It moves to the Create Role page.
  4. Role Creation page where you enter information for role creation, click the Complete button.
  • Basic Information Input를 입력하세요.
    Classification
    Necessity
    		Detailed Description
    Role NameRequiredEnter the name of the role
    • Use English letters, numbers, and special characters (+=-_@,.) to enter within 64 characters
    DescriptionSelectionEnter a description of the role within 1,000 characters
    Maximum session persistence timeRequiredEnter the session time allowed for the user when switching roles in the console
    • Time selection: 1 hour, 2 hours, 4 hours, 8 hours, 12 hours
    • Job input: Input possible in seconds from 3,200 seconds (1 hour) to 43,200 seconds (12 hours)
    Table. Basic Information Items for Role Creation
  • Execution Entity를 연결하세요.
    Classification
    Mandatory
    		Detailed Description
    ClassificationEssentialSelect the performing entity
    • Current Account, Different Account, User SRN, Credential Provider, Service
    ValueRequiredEnter the Value value for the performing entity
    • Current Account: Display the current Account ID
    • Different Account: Enter the Account ID to use this role
    • User SRN: Enter the SRN of the user registered in the Console
    • Credential Provider: Select the credential provider name
    • Service: Select Virtual Server or Cloud Functions
    AddSelectA button to add the performing entity
    • Up to 20 additional connections are possible
    Table. Role Creation Performing Subject Connection Items
  • Policy을 연결하세요 -> * Connect the policy.
    Classification
    Mandatory
    		Detailed Description
    PolicyRequiredSelect a policy to link to the role
    • If you select the check box, the selected policy name will be displayed at the top of the list
    • You can cancel the policy by clicking the X button for the added policy name at the top of the list or by unchecking the check box in the policy list
    • If there is no policy to link, you can click the Create Policy item at the bottom of the policy list to register a new policy first
      • After policy creation is complete, you can refresh the policy list and select the created policy
    Table. Role Creation Policy Link Items
  • Additional information를 입력하세요.
    Classification
    Mandatory
    		Detailed Description
    TagSelectionTags to add to the role
    • Up to 50 tags can be added per resource
    Table. Role Creation Additional Information Items
  1. When the popup window notifying role creation opens, click the Confirm button.

Check detailed role information

Role List page where you can check and modify the detailed information of the selected role.

To check the detailed information of the role, follow the next procedure.

  1. All services > Management > IAM menu, click. It moves to the Service Home page of Identity and Access Management(IAM).
  2. Service Home page, click the role menu. It moves to the role list page.
  3. Role List page, click the identity provider to verify. It moves to the Identity Provider Details page.
  • Role Details page displays basic information, and consists of Basic Information, Performing Entity, Policy, Tag tabs.

Basic Information

You can check and modify the basic information of the role.

ClassificationDetailed Description
ServiceService Name
Resource TypeResource Type
SRNUnique resource ID in Samsung Cloud Platform
Resource NameResource Name
  • Role means role name
Resource IDUnique Resource ID
CreatorThe user who created the service
Creation TimeThe time when the service was created
ModifierUser who modified the service information
Revision TimeThe time when service information was revised
Role NameRole’s Name
DescriptionDescription of the role proof provider
  • Edit button to change description possible
Maximum session durationThe role session duration allowed for an IAM user switching roles in the Console
  • Edit button can be clicked to change the duration
  • Time selection: 1 hour, 2 hours, 4 hours, 8 hours, 12 hours
  • Job input: Input possible in seconds from 3,200 seconds (1 hour) to 43,200 seconds (12 hours)
Table. Role Details - Basic Information Tab Items

Performing Entity

You can confirm and manage the subject of role performance.

ClassificationDetailed Description
DivisionName of the executing entity
ValueValue of the performing entity
Modify ExecutorModify the executor button
  • When the button is clicked, it moves to the Executor Connection page
Table. Role Details - Performing Entity Tab Items

Policy

ClassificationDetailed Description
DisconnectDisconnects the selected policy from the role
  • Activated when a policy is selected from the policy list
Policy ConnectionConnect a new policy to the role
  • When the button is clicked, move to the Policy Connection page
Policy NamePolicy’s Name
  • Click on the policy name to check the policy details page
TypeType of Policy
DescriptionDescription of the policy
Modification TimeThe time when the policy was last modified
Table. Role Details - Policy Tab Items

Tag

You can check, add, change, or delete the tag information of the credential provider.

ClassificationDetailed Description
Tag ListTag list
  • Check Key, Value information of the tag
  • Up to 50 tags can be added per resource
  • Search and select from existing Key and Value lists when entering tags
Table. Role Supervisor - Tag Tab Items

Managing Roles

You can change the basic information of the role, or modify or delete the performing entity, connected policies, or tag information of the role.

Modify basic information

You can modify the maximum session persistence time and description in the role details. To modify the basic information, follow the following procedure.

  1. All services > Management > IAM menu is clicked. It moves to the Service Home page of Identity and Access Management(IAM).
  2. Service Home page, click the role menu. It moves to the role list page.
  3. Role List page, click the user role name to modify the basic information. It moves to the Role Details page.
  4. Role Details page, check the basic information to be modified, and then click the Modify button.
  • Maximum session duration: You can set the role session duration allowed for an IAM user switching roles in the Console. When you click the Edit button, the Edit maximum session duration popup window opens.
  • Description: You can modify the description of the role. When the Modify button is clicked, the Description Modification popup window opens.
  1. In the popup window, modify it to the content to be changed, then click the confirm button.

Managing the Performing Entity

You can add, modify, or delete the subject of the role’s performance.

To manage the performing subject of a role, follow the following procedure.

  1. All services > Management > IAM menu, click. It moves to the Service Home page of Identity and Access Management(IAM).
  2. Service Home page, click the role menu. It moves to the role list page.
  3. Role List page, click the user name to modify the performing subject. It moves to the Role Details page.
  4. Role Details page, click the Performing Entity tab. It moves to the Performing Entity tab.
  5. Execution Entity tab, click the Modify Execution Entity button. It moves to the Modify Execution Entity page.
  6. Modify the performing entity page, modify the performing entity, and then click the Complete button. A pop-up window announcing the modification of the performing entity will open.
Classification
Mandatory
Detailed Description
ClassificationEssentialSelect the performing entity
  • Current Account, Different Account, User SRN, Credential Provider, Service
ValueRequiredEnter the Value value for the performing entity
  • Current Account: Display the current Account ID
  • Different Account: Enter the Account ID to use this role
  • User SRN: Enter the SRN of the user registered in the Console
  • Credential Provider: Select the credential provider name
  • Service: Select Virtual Server or Cloud Functions
AddSelectButton to add the performing entity
  • Up to 20 additional connections can be added
  • Performing entity can be deleted by clicking the X button of the added performing entity
Table. Items to be revised by the performing entity
  1. Click the Confirm button in the pop-up window notifying the modification of the performing entity. You can check the modified performing entity in the list of the Performing Entity tab.

Managing Policies

You can link policies to roles or unlink linked policies.

Connect Policy

You can link policies to a role.

To link a policy to a role, follow these procedures.

  1. All services > Management > IAM menu, click. It moves to the Service Home page of Identity and Access Management(IAM).

  2. Service Home page, click the role menu. It moves to the role list page.

  3. Role List page, click the role name to link the policy. It moves to the User Detail page.

  4. Role Details page, click the Policy tab. It moves to the Policy tab.

  5. Policy tab, click the Policy Link button. It moves to the Policy Link page.

  6. After selecting the policy to be linked to the role, click the Complete button. A popup window announcing the policy connection will open.

    ClassificationDetailed Description
    Connected PolicyDisplays the policy connected to the role
    PolicySelect a policy to be linked to the role from the list of policies registered in the Account
    • When you select a check box, the selected policy name is displayed at the top of the list
    • The selected policy can be canceled by clicking the X button at the top of the list or by unchecking the check box in the policy list
    • If there are no policies to link, click the Create Policy item at the bottom of the policy list to register a new policy first
      • After policy creation is complete, you can refresh the policy list and select the created policy
    Table. Policy Link Details

  7. Click the Confirm button in the pop-up window notifying policy connection. You can check the connected policy in the list of the Policy tab.

Policy Disconnecting

You can release the policies connected to the user.

To release the policy linked to the user, follow the following procedure.

  1. All services > Management > IAM menu, click. It moves to the Service Home page of Identity and Access Management(IAM).
  2. Service Home page, click the role menu. It moves to the role list page.
  3. Role List page, click the role name to disconnect the policy link. It moves to the Role Details page.
  4. Role Details page, click the Policy tab. It moves to the Policy tab.
  5. Policy list, select the policy to disconnect, then click the Disconnect button. A pop-up window notifying disconnection will open.
  6. After checking the policy information to be disconnected, click the Confirm button. The policy will be disconnected.

Managing tags

You can add, modify, or delete the role’s tag.

To manage the role’s tags, follow the following procedure.

  1. All services > Management > IAM menu, click. It moves to the Service Home page of Identity and Access Management(IAM).
  2. Service Home page, click the Role menu. It moves to the Role List page.
  3. Role List page, click the role name to modify the tag information. It moves to the Role Details page.
  4. Role Details page, click the Tags tab. It moves to the Tags tab.
  5. Tag tab, click the Edit Tag button.
  6. After adding or modifying the tag, click the Save button. A popup window announcing the tag modification will open.
  • You can modify the Key, Value of the previously registered tag.
  • Add tag button to click and add a new tag.
  • Clicking the X button in front of the added tag will delete the tag.
  1. Confirm button, you can check the modified tag information in the list.

Switching roles

To switch roles in the Samsung Cloud Platform Console, follow the following procedure.

  1. Click the profile-shaped button at the top right of the Console. My menu popup window will open.

  2. My menu popup window, click the role switch button. Role switch popup window opens.

  3. Role Switching In the role switching popup window, enter the role switching information and click the Confirm button.

    Classification
    Mandatory
    		Detailed Description
    Account IDrequiredEnter the Account ID that the user wants to enter with role switching
    Role NameMandatoryEnter the role name that the user wants to enter through role switching
    AliasSelectName to be used when the user enters with role switching
    ColorRequiredSelect a color to use as the background of the Account when entering the role
    • Not selected: Apply the existing Account background color
    Table. Role Transition Information Items

  4. When the popup window notifying role switching opens, click the Confirm button.

Check the role

Console you can check the role information switched by clicking the profile-shaped button at the top right of the console.

Provided FunctionDescription
Account IDAccount ID logged in to Samsung Cloud Platform Console
Role NameAlias set when switching roles
  • If accessed by ID Center user as a role, it is displayed as Authority Set Name
  • Session expiration time is displayed at the bottom
Time ZoneTime zone set by the user
  • Example: Asia/Seoul (GMT +09:00)
  • Edit Time Zone can be changed by clicking
AccountAccount information
  • For more detailed information, please refer to Account
Cost ManagementYou can check the usage and billing details, payment history, and cost analysis, and manage Credits, budgets, Accounts, and payment methods
Login user informationRole switched IAM user name and user’s Account ID
Switch to my accountSwitch to the IAM user account and move to the Console Home page
  • Display after role switching
Role SwitchingCan be switched to another role
Log outLog out from Samsung Cloud Platform Console
Table. My Info. items when role switching

Delete role

To delete a role, follow the following procedure.

  1. All services > Management > IAM menu is clicked. It moves to the Service Home page of Identity and Access Management(IAM).
  2. Service Home page, click the role menu. It moves to the role list page.
  3. Role List page, click the role name to be deleted. It moves to the Role Details page.
  4. Role Details page, click the Delete Role button.
  5. The role is deleted, and it moves to the role list page.

To delete multiple roles at the same time, follow the procedure below.

  1. All services > Management > IAM menu, click. It moves to the Service Home page of Identity and Access Management(IAM).
  2. Service Home page, click the role menu. It moves to the role list page.
  3. Check the role to be deleted from the role list.
  4. Confirm the selected role, and click the role deletion button.
  5. The selected role is deleted and the role list page is newly retrieved.
Policy
Credential Provider