• Identity and Access Management

iam
  1. Help Center
  2. Identity and Access Management
  3. User Guide
  4. User Guide
  5. User and User Group Management
  6. Creating a User

Creating a User

To share the resources in your account with other users, access IAM as a security administrator to create users and specify security credentials and permissions for them. These users can access the cloud system using the management console or a development tool (such as APIs, the CLI, and SDK).

Procedure

  1. In the navigation pane, choose Users.
  2. On the Users page, click Create User.
  3. On the Create User page, enter Username.
  4. Specify Credential Type.

    Credential Type

    Application Scenario

    Password

    • Used to log in to the management console
    • Used to enable development tools (such as APIs, the CLI, and SDK) that can access cloud services through password authentication

    Access Key

    Used to enable development tools (such as APIs, the CLI, and SDK) that can access cloud services through key authentication

  5. Select a user group which you want to add the user from the drop-down list box in the User Groups area.

    NOTE:
    • You can also enter a keyword to quickly find the target user group.
    • A user can be added to multiple user groups.
    Perform one of the following based on the credential type you selected in Step 4.

    Credential Type

    Follow-up Operation

    Password

    Go to Step 6.

    Access Key

    Click OK. Download the generated key. User creation is complete.

    NOTE:

    Access keys are credentials for identity authentication in IAM. You can only obtain an access key by downloading it. If the user needs to use an access key for authentication in IAM but it has not been downloaded, you must generate a new access key.

  6. Click Next.
  7. Specify Password Type.

    Password Type

    Description

    Follow-up Procedure

    Set at first login

    The system will send you a one-time login link through email. You need to use this link to set a password before you can log in to the management console.

    1. Set Email for receiving the login link.
    2. (Optional) Set Mobile Number.
    3. Click OK.

    Automatically generated

    The system randomly generates a 10-character password. This option enables development tools (such as APIs, the CLI, and SDK) that can access cloud services through password authentication.

    1. (Optional) Set Email.
    2. (Optional) Set Mobile Number.
    3. Click OK.
    4. Download the password file.

    Set manually

    Users set their own passwords.

    1. (Optional) Set Email.
    2. (Optional) Set Mobile Number.
    3. Set New Password and Confirm Password.
      NOTE:
      The password must meet the following requirements:
      • It must be 6 to 32 characters long.
      • It must contain at least 2 of the following character types: uppercase letters, lowercase letters, digits, and special characters (!"#$%&'()*+,-./:;<=>?@[]^`{_|}~ and spaces).
      • It cannot be the username or the username spelled backwards. For example, if the username is A12345, the password cannot be A12345, a12345, 54321A or 54321a.
      • It cannot contain the user's mobile number or email address.
    4. Click OK.
    NOTE:
    • The SMS-based login verification function can be enabled only when a user is bound with an email address and a mobile number.
    • You can log in to the system with your username, mobile number, or email address.
    • If you forget your password, you can reset it using the email address or mobile number that was bound to your account.

  8. If you select Automatically generated or Set manually, choose whether to require password reset at the next login. This function is enabled by default to ensure account security.
  9. Click OK.

    The user is created successfully.

Related Operations

  • View and modify information about the user, including the user status, bound email address, bound mobile number, user group, and logs.
  • Delete a user. In the user list, click Delete in the row that contains the target user.