Learn about the ways that users, groups, and IAM policies interact with regard to access rights.
OVHcloud Control Panel users and groups
To view users and groups, log in to the OVHcloud Control Panel, then:
- Click your name in the upper-right corner.
- Click the circular icon with your initials.
- Select the
User management
tab.
A user can log in to your OVHcloud Control Panel account.
Groups determine the rights/permissions of users in the group.
For information on creating, editing, or deleting users and/or groups, see our How to Manage Users and Groups via Your OVHcloud Account guide.
IAM linked identities
Once IAM policies are created, you can manage the linked identities.
From the My account area of your OVHcloud Control Panel:
- Select
Identity and Access Management (IAM)
from the left-hand navigation menu. - Click the more options
...
button next to the policy you want to manage. - Select
Manage linked identities
.
On the next screen, you can apply the policy to individual users or groups as a whole.
Use case: vSphere access
Before continuing, please read our How to Use IAM Policies with vSphere guide.
If you want to grant a user access to vSphere but not your OVHcloud Control Panel, the following conditions would have to be set:
- The user is in a group whose role is "None" (see above).
- An IAM policy is created granting access to vSphere with the
pccVMware:vSphere:assumeRole?iam-admin
action manually added. (See this guide for more details.) - The group is added as a "Linked Identity" on the policy (see above).
Go further
For more information and tutorials, please see our other User Management & Federation or Manage and Operate guides, or explore the guides for other OVHcloud products and services.