Identity Introduction
Last Updated:2020-09-23
User
IAM user is a concept under the account system, and multiple users can be created under one account. The user can be divided into the root user, IAM user and Contact:
- The root user is the administrator user automatically created by the system after the account is activated, and it is the owner of the resource. By default, the root user has the administrative permission of all resources under the account, and such permission cannot be modified;
- The IAM user is the operator of the resources, but not the owner of the resource. The IAM user can log on to the console independently, operate and use the resources under the account, and has API access permission;
- The Contacts are special users defined by customers to notify their employees of the enterprise or department that receive messages from their accounts only by SMS or email, and have no access to the resources of their cloud accounts through the console or API.
Group
Set of users. Add the users with the same feature together, thus forming the group. After the policy is associated with the group, the users in the group can get the permission described by the policy, which is applicable for batch authorization.