Only when the policy is granted to a specific user identity, can the permission control take effect. Currently, IAM supports the authorization for three types of identities.

Authorize the IAM User

You can grant the system policy or the Custom Policy directly to the IAM user. In the list of the IAM user management, click Add Permission to authorize the IAM user. The permission of the IAM user is subject to the policy that is directly assigned, and will inherit the permission policy from the group.

Authorize the Group

You are recommended to add your users into the group, and the grant the permission policy to the group. In the list of group management, click Edit to authorize the group.

Authorize the Role

In the role management, to locate the specified role, click Edit and click Authorization in the module of Permission Information **to authorize the specified role.