All Documents

Current Document

Recommend

Container Engine Virtual Private Cloud Standard Storage Service

Content is empty

If you don't find the content you expect, please try another search term

Identity and Access Management

View more results

Document title with current keyword not found

Directory

Expand AllFold All Up

Networking
Security

Storage&CDN
Database
Legal
- Legal
ActionTrail
- ActionTrail
- Kingsoft Cloud International Business

Video Services
Data Analysis
- MapReduce (KMR)
- Kingsoft Cloud Log Service
Account Management
- Identity and Access Management
- Account Management

No products found with this keyword

Documentation

Identity and Access Management

Quick Start

Create a custom policy

Create a custom policy

Last updated：2021-10-29 17:57:25

This topic describes how to create a custom policy when the system policies cannot meet your requirements. Custom policies enable you to manage permissions in a more fine-grained manner and can satisfy different permission management requirements.

Prerequisites

You have been familiar with the basic structure and syntax of policies. For more information, see Policy elements.

Procedure

Log in to the IAM console.
In the left navigation pane, choose Permissions > Policies. The Policies page appears.
Click the Custom Policies tab.
Click Create Policy. On the Create Policy page, set the Policy and Remarks parameters in the Set Policy Information section.
Select a policy type in the Select Policy Type section.

(1) Product Features / Project Permissions: IAM allows you to create a custom policy by selecting required services and features. This method is suitable for customers who need to control permissions but the requirements are not complex. (2) Visual configuration: We recommend that you preferentially create a custom policy in the visual configuration mode, which is easy and flexible. You only need to select services and actions, and specify resources. The system automatically generates the policy for you.
(3) Policy grammar: You can create a custom policy by directly editing the policy document. This method enables you to control the permission granularity in a flexible way, and is suitable for customers who need more fine-grained permission control. (4) Authorization by tag: This method allows you to quickly assign tagged resources to users or groups.
Specify required information and click Next and Create strategy in sequence or directly click Create strategy.

What to do next

You can attach the custom policy to IAM users, groups, or roles.

On this page

Previous:Create an IAM group

Next:Grant permissions to an IAM user

Pure ModeNormal Mode

Pure Mode

Click to preview the document content in full screen

Feedback