Manage user and group
Manage user
Users are account units that can access the KakaoCloud Console. The user management features described in this document are available only to users with the following IAM roles.
Manage user by IAM role
Feature | Org Owner | Org Admin | Org Reader | Project Admin | Project Member | Project Reader |
---|---|---|---|---|---|---|
Register user | ✓ | |||||
View user information within organization | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ |
Delete user | ✓ |
Register user
Only registered users can access the KakaoCloud Console and use APIs. Only Org Admin can register users.
Accounts integrated with external IdPs may have limitations in being registered as KakaoCloud users.
-
Go to KakaoCloud Console > Management > IAM.
-
Click the [Register user] button on the User menu and select General register or Quick register.
-
Enter information and click the [Register] button.
- To register multiple people at once, use Quick register to add up to 100 people at a time.
-
Verify the registered user on the User menu.
- An invitation and password registration guide email will be sent to the email address registered as a KakaoCloud user. Users must set their initial password within 7 days to log into the console.
- If the invitation email is deleted or expires, click the user in the user list and click Resend invitation email in the Account tab.
View detailed info of user
Org Admin and Org Reader can view detailed information of all users within the organization.
Only organizations that have directly signed up for KakaoCloud can query account statuses. The account status is not provided for accounts integrated with customer systems and KakaoCloud.
-
Go to KakaoCloud Console > Management > IAM.
-
Select a user on the User menu.
-
View the user's detailed information in the Account tab.
-
In the IAM role tab, you can check the user's organization role, project role, and the groups they belong to.
-
In the Access key, you can check the access key information issued by the user.
- You can check the access key information issued by the user.
Category Description Access key name The name of the access key set by the user Access key ID The ID of the access key Project name The name of the project where the access key was issued Expired at The expiration date of the access key
Users can create up to 2 access keys per project.
Delete user
Org Admin can delete users who no longer belong to the organization to prevent them from accessing resources.
For instructions on removing a specific user's permissions from a project, refer to Remove member from project.
When you delete a user, their access to the KakaoCloud Console is immediately restricted. All information associated with the user account is deleted and cannot be restored.
-
Go to KakaoCloud Console > Management > IAM..
-
Go to the User menu and click [More] icon > Delete user.
-
In the pop-up window, enter
Delete user from organization
and click the [Delete] button.
Create and manage group
Groups are collections of users who share specific roles. Groups allow you to assign and revoke roles to users all at once. The group management features described in this document are available only to users with the following IAM roles.
Manage group by IAM role
Feature | Org Owner | Org Admin | Org Reader | Project Admin | Project Member | Project Reader |
---|---|---|---|---|---|---|
Create group | ✓ | |||||
Delete group | ✓ | |||||
Add group members | ✓ | |||||
Remove group members | ✓ | |||||
View group members | ✓ | ✓ | ||||
Add group permissions | ✓ | |||||
Remove group permissions | ✓ | |||||
View group permissions | ✓ | ✓ |
Create group
Org Admin can create groups. Once a group is created, users can be added as members, and organization or project roles can be added, allowing for batch management of IAM roles.
-
Go to KakaoCloud Console > Management > IAM.
-
Click the [Create group] button on the Group menu.
-
In Create group > Step 1: Enter Group Information, enter the required group information and click the [Create and Continue] button.
Enter group information
Category Description Organization The currently accessed organization (auto-filled) Group Name The name of the group to be created
- No duplicate names within the organizationDescription (Optional) Description of the group -
In Step 2: Add Permissions (Optional), select the IAM roles to add to the group and click the [Save and Next] button.
Add permissions
Category Description Organization roles (Optional) The organization role to set for this group
- Org Admin: Role to manage the organization and projects (excluding resources)
- Org Reader: Role to view the organization and projects (excluding resources)
- Billing Admin: Role to register and manage Payment methods and credits in the Billing service
- Billing Manager: Role to view estimated cost and bills for all projects
- Billing Viewer: Role to view resource usage and estimated cost for all projects
- Trail Viewer: Role to view organization and project events in Cloud Trail
- Alert Center Admin: Role to register and view organization event alerts in the Alert CenterProject roles (Optional) The project role to set for this group, which requires selecting a project along with it
- Project Admin: Role with all resource and member management permissions for the affiliated project
- Project Member: Role to manage resources in the affiliated project
- Project Reader: Role to view resources in the affiliated project -
In Step 3: Add Members (Optional), enter the IAM user IDs to add to the group and click the [Save] button.
- New accounts not registered as IAM users cannot be added.
Delete group
Org Admin can delete groups. Deleting a group revokes all IAM roles granted by the group permissions. Additionally, for security reasons, the API tokens of the group members are immediately expired, and they are logged out of the KakaoCloud Console, unless they have separately assigned group permissions.
- Go to KakaoCloud Console > Management > IAM.
- Go to the Group menu and click the [More] icon > Delete group.
- Enter the name of the group to be deleted and click the [Delete] button.
Add member to group
Org Admin can add users to a group.
-
Go to KakaoCloud Console > Management > IAM.
-
Select the group to add group members on the Group menu.
-
Click the [Add member].
-
In the pop-up window, enter the user ID and click the [Add] button.
- New accounts and service accounts which are not registered as IAM users cannot be added as group members.
Add member to group
Remove member from group
Org Admin can remove specific members from a group. Removing a group member revokes all IAM roles granted by the group permissions. Additionally, for security reasons, the API tokens of the removed group members are immediately expired, causing them to be logged out of the KakaoCloud Console.
-
Go to KakaoCloud Console > Management > IAM.
-
Select the group from which you want to remove group members on the Group menu.
-
On the Members tab, click [More] icon > Remove.
- To remove multiple users at once, click the checkbox for the users and click the [Remove] button.
-
If necessary, enter additional group members to remove and click the [Remove] button.
Remove member from group
Add permissions to group
Org Admin can add organizational level or project roles, among other permissions, to a specific group.
-
Go to KakaoCloud Console > Management > IAM.
-
Go to the Group menu.
-
Click the [Add permission] button.
-
Select the IAM roles to add and click the [Add] button.
Add permissions to group
Category Description Organization role The organization role to set for this group
- Org Admin: Role to manage the organization and projects (excluding resources)
- Org Reader: Role to view the organization and projects (excluding resources)
- Billing Admin: Role to register and manage Payment methods and credits in the Billing service
- Billing Manager: Role to view estimated cost and bills for all projects
- Billing Viewer: Role to view project resource usage and estimated cost for all projects
- Trail Viewer: Role to view organization and project events in Cloud Trail
- Alert Center Admin: Role to register and view organization event alerts in the Alert Center
- For detailed permissions of each role, refer to IAM roleProject role The project role to set for this group, which requires selecting a project along with it
- Project Admin: Role with all resource and member management permissions for the affiliated project
- Project Member: Role to manage resources in the affiliated project
- Project Reader: Role to view resources in the affiliated project
- For detailed permissions of each role, refer to IAM role
Remove permissions from group
Org Admin can remove permissions from a group. Removing group permissions revokes the IAM roles for the members of that group.
-
Go to KakaoCloud Console > Management > IAM.
-
Go to the Group menu and select a group.
-
On the Permission tab, select the permission to remove and click the [Remove permission] button.
View access key
Org Admin can view the access keys issued by users.
-
Go to KakaoCloud Console > Management > IAM.
-
In the Access key menu, you can view the list of access keys.
-
Select the [Expired access key] checkbox to filter expired accounts.
Category Description Creator The user ID that issued the access key Access key name The name of the access key set by the user Access key ID The ID of the access key Project name The name of the project where the access key was issued Expired at The expiration date of the access key