Skip to main content

Manage user and group

Manage user

Users are account units that can access the KakaoCloud Console. The user management features described in this document are available only to users with the following IAM roles.

Manage user by IAM role

FeatureOrg OwnerOrg AdminOrg ReaderProject AdminProject MemberProject Reader
Register user     ✓                                 
View user information within organization
Delete user

Register user

Only registered users can access the KakaoCloud Console and use APIs. Only Org Admin can register users.

info

Accounts integrated with external IdPs may have limitations in being registered as KakaoCloud users.

  1. Go to KakaoCloud Console > Management > IAM.

  2. Click the [Register user] button on the User menu and select General register or Quick register.

  3. Enter information and click the [Register] button.

    • To register multiple people at once, use Quick register to add up to 100 people at a time.

  4. Verify the registered user on the User menu.

    • An invitation and password registration guide email will be sent to the email address registered as a KakaoCloud user. Users must set their initial password within 7 days to log into the console.
    • If the invitation email is deleted or expires, click the user in the user list and click Resend invitation email in the Account tab.

View detailed info of user

Org Admin and Org Reader can view detailed information of all users within the organization.

info

Only organizations that have directly signed up for KakaoCloud can query account statuses. The account status is not provided for accounts integrated with customer systems and KakaoCloud.

  1. Go to KakaoCloud Console > Management > IAM.

  2. Select a user on the User menu.

  3. View the user's detailed information in the Account tab.

  4. In the IAM role tab, you can check the user's organization role, project role, and the groups they belong to.

  5. In the Access key, you can check the access key information issued by the user.

    • You can check the access key information issued by the user.
    CategoryDescription
    Access key nameThe name of the access key set by the user
    Access key IDThe ID of the access key
    Project nameThe name of the project where the access key was issued
    Expired atThe expiration date of the access key
info

Users can create up to 2 access keys per project.

Delete user

Org Admin can delete users who no longer belong to the organization to prevent them from accessing resources.

info

For instructions on removing a specific user's permissions from a project, refer to Remove member from project.

caution

When you delete a user, their access to the KakaoCloud Console is immediately restricted. All information associated with the user account is deleted and cannot be restored.

  1. Go to KakaoCloud Console > Management > IAM..

  2. Go to the User menu and click [More] icon > Delete user.

  3. In the pop-up window, enter Delete user from organization and click the [Delete] button.

Create and manage group

Groups are collections of users who share specific roles. Groups allow you to assign and revoke roles to users all at once. The group management features described in this document are available only to users with the following IAM roles.

Manage group by IAM role

FeatureOrg OwnerOrg AdminOrg ReaderProject AdminProject MemberProject Reader
Create group     ✓                           
Delete group
Add group members
Remove group members
View group members
Add group permissions
Remove group permissions
View group permissions

Create group

Org Admin can create groups. Once a group is created, users can be added as members, and organization or project roles can be added, allowing for batch management of IAM roles.

  1. Go to KakaoCloud Console > Management > IAM.

  2. Click the [Create group] button on the Group menu.

  3. In Create group > Step 1: Enter Group Information, enter the required group information and click the [Create and Continue] button.

    Enter Group Information Enter group information

    CategoryDescription
    OrganizationThe currently accessed organization (auto-filled)
    Group NameThe name of the group to be created
    - No duplicate names within the organization
    Description (Optional)Description of the group

  4. In Step 2: Add Permissions (Optional), select the IAM roles to add to the group and click the [Save and Next] button.

    Add Permissions Add permissions

    CategoryDescription
    Organization roles (Optional)The organization role to set for this group
    - Org Admin: Role to manage the organization and projects (excluding resources)
    - Org Reader: Role to view the organization and projects (excluding resources)
    - Billing Admin: Role to register and manage Payment methods and credits in the Billing service
    - Billing Manager: Role to view estimated cost and bills for all projects
    - Billing Viewer: Role to view resource usage and estimated cost for all projects
    - Trail Viewer: Role to view organization and project events in Cloud Trail
    - Alert Center Admin: Role to register and view organization event alerts in the Alert Center
    Project roles (Optional)The project role to set for this group, which requires selecting a project along with it
    - Project Admin: Role with all resource and member management permissions for the affiliated project
    - Project Member: Role to manage resources in the affiliated project
    - Project Reader: Role to view resources in the affiliated project

  5. In Step 3: Add Members (Optional), enter the IAM user IDs to add to the group and click the [Save] button.

    • New accounts not registered as IAM users cannot be added.

Delete group

Org Admin can delete groups. Deleting a group revokes all IAM roles granted by the group permissions. Additionally, for security reasons, the API tokens of the group members are immediately expired, and they are logged out of the KakaoCloud Console, unless they have separately assigned group permissions.

  1. Go to KakaoCloud Console > Management > IAM.
  2. Go to the Group menu and click the [More] icon > Delete group.
  3. Enter the name of the group to be deleted and click the [Delete] button.

Add member to group

Org Admin can add users to a group.

  1. Go to KakaoCloud Console > Management > IAM.

  2. Select the group to add group members on the Group menu.

  3. Click the [Add member].

  4. In the pop-up window, enter the user ID and click the [Add] button.

    • New accounts and service accounts which are not registered as IAM users cannot be added as group members.

    Add Group Member Add member to group

Remove member from group

Org Admin can remove specific members from a group. Removing a group member revokes all IAM roles granted by the group permissions. Additionally, for security reasons, the API tokens of the removed group members are immediately expired, causing them to be logged out of the KakaoCloud Console.

  1. Go to KakaoCloud Console > Management > IAM.

  2. Select the group from which you want to remove group members on the Group menu.

  3. On the Members tab, click [More] icon > Remove.

    • To remove multiple users at once, click the checkbox for the users and click the [Remove] button.

  4. If necessary, enter additional group members to remove and click the [Remove] button.

    Remove Group Member Remove member from group

Add permissions to group

Org Admin can add organizational level or project roles, among other permissions, to a specific group.

  1. Go to KakaoCloud Console > Management > IAM.

  2. Go to the Group menu.

  3. Click the [Add permission] button.

  4. Select the IAM roles to add and click the [Add] button.

    Add Group Permission Add permissions to group

    CategoryDescription
    Organization roleThe organization role to set for this group
    - Org Admin: Role to manage the organization and projects (excluding resources)
    - Org Reader: Role to view the organization and projects (excluding resources)
    - Billing Admin: Role to register and manage Payment methods and credits in the Billing service
    - Billing Manager: Role to view estimated cost and bills for all projects
    - Billing Viewer: Role to view project resource usage and estimated cost for all projects
    - Trail Viewer: Role to view organization and project events in Cloud Trail
    - Alert Center Admin: Role to register and view organization event alerts in the Alert Center
    - For detailed permissions of each role, refer to IAM role
    Project roleThe project role to set for this group, which requires selecting a project along with it
    - Project Admin: Role with all resource and member management permissions for the affiliated project
    - Project Member: Role to manage resources in the affiliated project
    - Project Reader: Role to view resources in the affiliated project
    - For detailed permissions of each role, refer to IAM role

Remove permissions from group

Org Admin can remove permissions from a group. Removing group permissions revokes the IAM roles for the members of that group.

  1. Go to KakaoCloud Console > Management > IAM.

  2. Go to the Group menu and select a group.

  3. On the Permission tab, select the permission to remove and click the [Remove permission] button.

View access key

Org Admin can view the access keys issued by users.

  1. Go to KakaoCloud Console > Management > IAM.

  2. In the Access key menu, you can view the list of user access keys.

  3. Select the [Expired access key] checkbox to filter expired accounts.

    CategoryDescription
    CreatorThe user ID that issued the access key
    Access key nameThe name of the access key set by the user
    Access key IDThe ID of the access key
    Project nameThe name of the project where the access key was issued
    Expirired atThe expiration date of the access key