IAM for vServer
IAM is essential to protecting resources within vServer services. Without proper access control, unauthorized users can access sensitive data or disrupt critical operations. IAM helps enforce the principle of least privilege, minimizing potential attack surfaces and protecting your server resources from unauthorized access and data compromise.
1. Getting Started with IAM
This guide is intended to guide users to quickly get started with IAM in vServer services by using the default permission (defined by VNG Cloud Managed Policies) for the vServer system called vServerFullAccess.
Accessing the IAM Console
Open your web browser and access the IAM Console URL: https://hcm-3.console.vngcloud.vn/iam/
Log in as a Root User Account or a User Account with access rights. You will need to provide a username/email and password when logging in.
After logging in, you will see the IAM Console interface, which provides an overview of your IAM configuration.
Create a new IAM User Account
Click "Create user" in the left menu
Click "Create a user account."
Enter the user account details, including username and password.
Review the settings and click "Create user account" in the upper right corner.
Access the vServer Portal with the IAM User Account
Open your web browser and go to the vServer website URL: https://hcm-3.console.vngcloud.vn/vserver/
Remember to log out of the Root User account and log in with the IAM User Account created in step 2.
After logging in, you will see an overview of the vServer website.
Try to access the Network, Server, Bock store, Load balancer, Container & Billing pages, you will see a notification about limited permissions as below.
Notice
The IAM User Account created in Step 2 does not currently have permissions to perform actions on the vServer cloud service.
To grant permissions to the above IAM User Account, refer to the instructions in Step 4 below. Note that this guide provides an example of vServerFullAccess.
4. Assign Permissions to IAM Accounts
Open your web browser and go to the IAM Console URL: https://hcm-3.console.vngcloud.vn/iam/
Log in as the Root User account. You may need to provide a username and password or use other authentication methods such as single sign-on (SSO) if configured.
Once logged in, you will see the IAM Console interface, which provides an overview of your IAM configuration.
Click on "User account" in the left menu.
Search for an IAM user account by entering the username in the search box.
Click on the row containing the IAM user account information in the search results.
By default, you will see the "Permission" tab on the IAM user account details page.
Click on the "Attach policies" button and then you will see a dialog box appear containing all the Policies.
Search for the vServerFullAccess policy by entering its exact name in the search box.
Tick the result and click the "Attach" button in the lower right corner of the dialog box.
5. Re-Access the vServer Portal with an IAM User Account
Re-Access the vServer Portal by following the instructions in Step 3, and then you can access all sections of the vServer Portal after assigning the vServerFullAccess policy to the IAM user account.
2. List of VNG Managed Policies
VNG Managed Policy is an IAM Policy created by default by the VNG Cloud IAM system. These Policies are managed by VNG Cloud itself to support users in quickly setting up the necessary access rights for IAM user accounts for resources of each specific Product. Let's explore the list of VNG Managed Policies for vServer:
vServerFullAccess: Includes full access rights to resources in the vServer system
vServerReadOnlyAccess: Includes only Read rights on resources in the vServer system
vLBFullAccess: Includes full access rights to resources in the Load Balancer service
vLBReadOnlyAccess: Includes only Read rights on resources in the Load Balancer service
3. Explore IAM for vServer in Detail
Learn more about IAM for vServer: Identity and Access Management (IAM) for vServer
Learn more about IAM:
IAM Identity
Common Use Cases for IAM
Last updated
