IAM for vMonitor

IAM is essential to protecting resources within vMonitor services. Without proper access control, unauthorized users can access sensitive data or disrupt critical operations. IAM helps enforce the principle of least privilege, minimizing potential attack surfaces and protecting your server resources from unauthorized access and data compromise.

1. Getting Started with IAM

This guide helps users quickly get started with IAM in vMonitor services by using the default permission (defined by VNG Cloud Managed Policies) for the vMonitor system called vStorageFullAccess.

  1. Accessing the IAM Console

  • Open your web browser and access the IAM Console URL: https://hcm-3.console.vngcloud.vn/iam/

  • Log in as a Root User Account or a User Account with access rights. You will need to provide a username/email and password when logging in.

  • After logging in, you will see the IAM Console interface, which provides an overview of your IAM configuration.

  2. Create a new IAM User Account

  • Click "Create user" in the left menu

  • Click "Create a user account."

  • Enter the user account details, including username and password.

  • Review the settings and click "Create user account" in the upper right corner.

  3. Access the vMonitor Portal with the IAM User Account

  • Open your web browser and go to the vMonitor website URL: https://console.vstorage.vngcloud.vn/

  • Remember to log out of the Root User account and log in with the IAM User Account created in step 2.

  • After logging in, you will see an overview of the vMonitor website.

  • Try to access the Network, Server, Block store, Load balancer, Container & Billing pages; you will see a notification about limited permissions.

Notice

  • The IAM User Account created in Step 2 does not currently have permissions to perform actions on the vMonitor cloud service.

  • To grant permissions to the above IAM User Account, refer to the instructions in Step 4 below. Note that this guide provides an example of vMonitorFullAccess.

  4. Assign Permissions to IAM Accounts

  • Open your web browser and go to the IAM Console URL: https://hcm-3.console.vngcloud.vn/iam/

  • Log in as the Root User account. You may need to provide a username and password or use other authentication methods such as single sign-on (SSO) if configured.

  • Once logged in, you will see the IAM Console interface, which provides an overview of your IAM configuration.

  • Click on "User account" in the left menu.

  • Search for an IAM user account by entering the username in the search box.

  • Click on the row containing the IAM user account information in the search results.

  • By default, you will see the "Permission" tab on the IAM user account details page.

  • Click on the "Attach policies" button and then you will see a dialog box appear containing all the Policies.

  • Search for the vMonitorFullAccess policy by entering its exact name in the search box.

  • Tick the result and click the "Attach" button in the lower right corner of the dialog box.

  5. Re-Access the vMonitor Portal with an IAM User Account

Access the vMonitor Portal again by following the instructions in Step 3. With the vMonitorFullAccess policy assigned to the IAM user account, you can access all sections of the vMonitor Portal.

2. List of VNG Managed Policies

A VNG Managed Policy is an IAM Policy created by default by the VNG Cloud IAM system. These Policies are managed by VNG Cloud itself to help users quickly set up the necessary access rights for IAM user accounts on the resources of each specific Product. The VNG Managed Policies for vMonitor are:

  • vMonitorFullAccess: Includes full access to resources in the vMonitor system

  • vMonitorMetricPush: Includes only permissions related to Push Metric

  • vMonitorMetricNormalAccess: Includes full access to resources of type Metric (except for Billing related actions)

  • vMonitorMetricReadOnlyAccess: Includes only Read permissions to Metric resources.

  • vMonitorMetricFullAccess: Includes full access to resources of type Metric

  • vMonitorSyntheticReadOnlyAccess: Includes only Read permissions to Synthetic resources.

  • vMonitorSyntheticNormalAccess: Includes full access to Synthetic resources (except Billing related actions)

  • vMonitorSyntheticFullAccess: Includes full access to Synthetic resources

  • vMonitorNotificationReadOnlyAccess: Includes only Read access to Notification resources.

  • vMonitorNotificationFullAccess: Includes full access to Notification resources

  • vMonitorLogNormalAccess: Includes full access to Log resources (except Billing related actions)

  • vMonitorLogReadOnlyAccess: Includes only Read access to Log resources.

  • vMonitorLogFullAccess: Includes full access to Log resources

  • vMonitorBillingFullAccess: Includes full access to vMonitor - Billing page

  • vMonitorDashboardReadOnlyAccess: Includes only Read access to vMonitor - Dashboard page.

  • vMonitorDashboardFullAccess: Includes full access to the vMonitor - Dashboard page
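
Step 4 attaches vMonitorFullAccess, the broadest policy in this list. The following added example (not VNG Cloud code, and it calls no VNG Cloud API) picks the narrowest listed policy for a stated need and reports which attached policies exceed it. The capability names in GRANTS are assumptions read off the one-line descriptions above, and the sample inputs are constructed.

```python
import re

# Managed policy names exactly as listed on this page.
MANAGED = """vMonitorFullAccess vMonitorMetricPush vMonitorMetricNormalAccess
vMonitorMetricReadOnlyAccess vMonitorMetricFullAccess vMonitorSyntheticReadOnlyAccess
vMonitorSyntheticNormalAccess vMonitorSyntheticFullAccess
vMonitorNotificationReadOnlyAccess vMonitorNotificationFullAccess
vMonitorLogNormalAccess vMonitorLogReadOnlyAccess vMonitorLogFullAccess
vMonitorBillingFullAccess vMonitorDashboardReadOnlyAccess
vMonitorDashboardFullAccess""".split()

# Assumption: capability sets inferred from the descriptions in the list;
# the page does not publish the actions inside each policy.
GRANTS = {
    "Push": {"push"},
    "ReadOnlyAccess": {"read"},
    "NormalAccess": {"read", "write", "push"},             # all but billing actions
    "FullAccess": {"read", "write", "push", "billing"},
}
NAME = re.compile(r"^vMonitor(Metric|Synthetic|Notification|Log|Billing|Dashboard)?(%s)$"
                  % "|".join(GRANTS))

def parse(policy):
    """Split a managed policy name into (resource, granted capabilities)."""
    m = NAME.match(policy)
    if m is None:
        raise ValueError("not a vMonitor managed policy on this page: " + policy)
    return m.group(1) or "*", GRANTS[m.group(2)]

def narrowest(resource, needed):
    """Return the least-broad listed policy covering `needed` on `resource`, or None."""
    fits = []
    for name in MANAGED:
        res, caps = parse(name)
        if res in (resource, "*") and set(needed) <= caps:
            # Prefer resource-scoped policies, then the smallest capability set.
            fits.append(((res == "*", len(caps)), name))
    return min(fits)[1] if fits else None

def audit(attached, needs):
    """Compare attached policies with stated needs for one IAM user account."""
    picks = {res: narrowest(res, caps) for res, caps in needs.items()}
    wanted = {p for p in picks.values() if p is not None}
    return {"attach": sorted(wanted - set(attached)),
            "detach": sorted(set(attached) - wanted),
            "unmet": sorted(r for r, p in picks.items() if p is None)}

if __name__ == "__main__":
    # Constructed sample: an agent account that only pushes metrics and reads logs.
    print(audit(["vMonitorFullAccess"], {"Metric": {"push"}, "Log": {"read"}}))
```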

3. Explore IAM for vMonitor in Detail

Learn more about IAM for vMonitor: Identity and Access Management (IAM) for vMonitor

Learn more about IAM:

  • IAM Identity

  • Common Use Cases for IAM
