• Identity and Access Management

iam
  1. Help Center
  2. Identity and Access Management
  3. User Guide
  4. Getting Started
  5. Creating a User and Adding It to a User Group

Creating a User and Adding It to a User Group

Use a security administrator to create a user, and add the user to a user group. The user inherits all of the permissions of the user group.

Procedure

  1. Choose Management & Deployment > Identity and Access Management.
  2. In the navigation pane, choose Users.
  3. On the Users page, click Create User.
  4. On the Create User page, enter Username.
  5. Specify Credential Type.

    Credential Type

    Application Scenario

    Password

    • Used to log in to the management console
    • Used to enable development tools (such as APIs, the CLI, and SDK) that can access cloud services through password authentication

    Access key

    Used to enable development tools (such as APIs, the CLI, and SDK) that can access cloud services through key authentication

  6. Select a user group which you want to add the user from the drop-down list box in the User Groups area.

    NOTE:
    • You can also enter a keyword to quickly find the target user group.
    • A user can be added to multiple user groups.
    Perform one of the following based on the credential type you selected in Step 5.

    Credential Type

    Follow-up Operation

    Password

    Go to Step 8.

    Access key

    Click OK. Download the generated key. User creation is complete.

    NOTE:

    Access keys are credentials for identity authentication in IAM. You can only obtain an access key by downloading it. If the user needs to use an access key for authentication in IAM but it has not been downloaded, you must generate a new access key.

  7. Click Next.
  8. Specify Password Type.

    Password Type

    Description

    Follow-up Operation

    Set at first login

    The system will send you a one-time login link through email. You need to use this link to set a password before you can log in to the management console.

    1. Set Email for receiving the login link.
    2. (Optional) Set Mobile Number.

    Automatically generated

    The system randomly generates a 10-character password. This option enables development tools (such as APIs, the CLI, and SDK) that can access cloud services through password authentication.

    1. (Optional) Set Email.
    2. (Optional) Set Mobile Number.

    Set manually

    Users set their own passwords.

    1. (Optional) Set Email.
    2. (Optional) Set Mobile Number.
    3. Set New Password and Confirm Password.
      NOTE:
      The password must meet the following requirements:
      • It must be 6 to 32 characters long.
      • It must contain at least 2 of the following character types: uppercase letters, lowercase letters, digits, and special characters (!"#$%&'()*+,-./:;<=>?@[]^`{_|}~ and spaces).
      • It cannot be the username or the username spelled backwards. For example, if the username is A12345, the password cannot be A12345, a12345, 54321A or 54321a.
      • It cannot contain the user's mobile number or email address.

  9. Select Require Password Reset to ensure that users are forced to change their password the first time they log in. The Require Password Reset option is selected by default. It is recommended that you retain the default setting to ensure that your password is set by yourself, preventing password leakage.
  10. Click OK.

    The user is created successfully.