2. Identity And Access Management

Created On8 May, 2020

Last Updated On16 November, 2020

byKatia Evdokimova

User access rights are defined on three levels:

Account level
Cloudspace level
VM level

Types of user privileges:

Read (R)
Write (W)
Admin (A)

A user with certain privileges on an Account has the same access rights on the Cloudspaces within this Account. A user with certain privileges on a Cloudspace has the same access rights on all VMs on this Cloudspace.

Account level

Action	R	W	A
Create/Delete Accounts	-	-	+
Enable/Disable Accounts	-	-	+
Create/Delete Cloudspaces	-	-	+
Grant/revoke user privileges *	-	-	+
Update Account capacity parameters	-	-	+
Update Cloudspace capacity parameters	-	-	+
Create/Delete Images	-	-	+

* User privileges on the Account level

Cloudspace level

Action	R	W	A
Create/Delete VMs	-	+	+
Grant/revoke user privileges *	-	-	+
Move VM to another Cloudspace	-	-	+

* User privileges on the Cloudspace level

VM level

Action	R	W	A
Create VM Disks	-	+	+
Detach Disks from VMs	-	+	+
Take snapshot	-	+	+
Grant/revoke user privileges *	-	-	+
Start/Stop VM	-	+	+

* User privileges on the VM level

Table of Contents