Access Management
Last updated
English
Last updated
This article guides you on how to add users and grant permissions to use the vCloudStack service:
To add more Users to use the vCloudStack service system, the administrator needs to perform the following steps:
Step 1: Administrator accesses VNG Cloud homepage ( )
Step 2: Select to go to IAM Portal page of IAM;
Step 3: In the left navigation bar, select Identity Provider ;
Step 4: To create a Single-Sign-On integration service, synchronize user information to log in to vCloudStack, click "Add an Identity Provider"
Step 5: Fill in the required information fields to create the synchronization service:
Provider Name : Enter the name of the service that synchronizes the login information;
Provider Type: Select SAML
Vendor: Select Azure AD
Login URL : Fill in the Login URL link from Microsoft Entra ID (formerly Azure Active Directory)
Step 5: After filling in the Login URL link information, click Save ;
Step 6 : The system will generate:
Entity URL;
Reply URL;
Login URL;
Admin uses the Entity URL and Reply URL just created, then returns to the Microsoft Entra ID app, pastes the Entity URL and Reply URL at "Setup Single-Sign-On with SAML" and confirms (admin can test the synchronization after filling in the URLs).
Step 7: When the synchronization test is successful, the Admin can use the Login URL sent to the User to access and authenticate by Azure. If the authentication is successful, the User can be redirected to the vCloudStack User Site screen.
To add 01 user to use the vCloudStack service system, the administrator needs to perform the following steps:
Step 2: Select to go to IAM Portal page of IAM;
Step 3: In the left navigation bar, select User Account, the screen displays a list of IAM users ;
Step 4: To create more users, click Create an user Account ;
Step 5: Fill in the login name "Account User";
Step 6: Enter the password you want to set for the User Account (or click auto generate to have the system automatically generate the password);
Step 7: Click " Create User Account " to confirm creating more users.
To authorize ( Policy ) for Users to use the vCloudStack service system in the User Site and Admin Site portal, the administrator needs to perform the following steps:
Step 2: Select to go to IAM Portal page of IAM;
Step 3: In the left navigation bar, select Policy ;
Step 4: At the Policy list screen, to create a policy for users using vCloudStack, click the " Create a Policy " button;
Step 5: Fill in the Policy name and description to identify the Policy set for the user, then click Next ;
Step 6: Admin configures policy according to Product, Action, Resource, Condition.
Step 7: Click Create Policy to complete policy creation
Step 8: After creating a policy, there are 2 ways to assign the policy to the user:
Method 1: On the Policy list screen
Select the policy you want to assign to the user;
Select the Policy usage tab ;
Press the "Attach " button;
Select Users, then click Add to add the selected users.
Method 2: On the User Account screen
Select the user to whom the newly created policy should be applied;
In the Permission tab , display the policies applied to this user;
To add applicable policies, click " Attach Policies ";
Select the Policies, then click Attach to apply the policy to the user.
Note: After successfully accessing the User Page, the user may not be authorized to use the vCloudStack service because the user function has not been authorized. Admin needs to authorize according to the instructions below.
Step 1: Administrator accesses VNG Cloud homepage ( )
After successfully accessing the User Page, the user may not be authorized to use the vCloudStack service because the user function has not been authorized. Admin needs to authorize according to the instructions below.
For users who create accounts on the User account screen, they can only authorization policies in step 8 - method 2.
Step 1: Administrator accesses VNG Cloud homepage ( )