IAM Overview
KakaoCloud IAM (Identity and Access Management) allows you to assign and manage access and control permissions for users or groups to KakaoCloud resources. By using IAM, you can control permissions for KakaoCloud resources, and safely manage resources by assigning specific roles to users to control access.
If you use KakaoCloud Cloud Trail that automatically collects and records user activities, you can check various event information such as console login, group/project creation, adding users, etc., based on IAM credentials.
- RBAC (role-based access control): Also known as role-based access control, it is a method that allows system access only to authorized users. It is an advanced form of the previous attribute-based access control (ABAC), which granted access rights based on user names rather than user responsibilities.
Purpose and use cases
Without using IAM, you may face security issues such as unauthorized access to resources, misuse of permissions, and security threats. Additionally, it can be difficult to track and monitor access history centrally, making it hard to detect or monitor security incidents.
KakaoCloud IAM allows you to safely manage resources by assigning specific roles to users to centrally control access rights. For example, by assigning only the billing manager role to a specific user, you can set it up so that they cannot access project resources within the organization except for billing functions, allowing them to only perform tasks such as viewing invoices or managing Payment methods.
IAM can be integrated and used with most KakaoCloud services requiring access control, such as Beyond Compute Service, Beyond Networking Service, Container Pack, Beyond Storage Service, Billing, etc., and is provided for free.
Features
Manage permissions easily and safely
- Supports safe management of resource access by granting permissions by role
- If a role required by a cloud administrator and a person in charge are added to a group called 'admin-group', the role added to the group is automatically inherited by the group members, making it easy to manage permissions at the group level
Build independent cloud environment
- Supports creating organizations according to the purpose and usage of cloud services and building separate cloud environments
Secure resources with granular permissions
- Manages permissions through role-based access control (RBAC)
- Allows access to users based on their work and role, and roles can be added or deleted immediately as needed
Manage organizations systematically
- Enterprise-level organization charts can be easily managed centrally through IAM, ensuring visibility of necessary users, projects, roles, etc., for managing the organization
- External IdP integration allows for the application of internal regulations and security policies
Use IAM for free
- Provided to KakaoCloud account without additional costs
Track event logs
- Event log tracking possible when used together with KakaoCloud Cloud Trail
Getting started
For detailed usage guides on IAM, please refer to How-to Guides document. If you are new to KakaoCloud, start with the Start section.