Last updated：2020-07-19 00:07:27
Identity and Access Management (IAM) is a service provided by Kingsoft Cloud for identity and access control. With IAM, you can create multiple IAM users and various policies under your Kingsoft Cloud account. You can authorize your IAM users to manage your resources by attaching policies to the IAM users.
Many large companies need to use various cloud services and purchase large amounts of cloud computing resources. A large company can have multiple departments or organizations that keep separate financial accounts. The cloud computing resources of different departments or organizations need to be isolated from each other.
At the same time, different departments have different responsibilities. In general, the IT department purchases cloud computing resources, the operation and maintenance team allocates and maintains these resources, business departments use these resources, and the financial department conducts expense accounting and pays for the bills.
Without the account group or IAM service, organizations or departments would need to share one cloud computing account for all of these operations that range from purchasing, allocation, maintenance to payment. While this method is plausible, sharing an account can increase the risk of operational errors and result in permissions that are two large. The resources cannot be isolated. These factors increase information security risks and make management harder for a company.
With IAM, you can create IAM users and assign the permissions on your resources to your IAM users in a flexible way. This is in line with the least privilege principle and can help you avoid the security risks of sharing an account and password. As a result, company management is made easier, and company information security risks are lowered.
Using projects in IAM can satisfy the need of resource isolation between organizations or departments, while allowing you to manage all resources in a centralized way.
Did you find the above information helpful?
Please give us your feedback.
Thank you for your feedback.