Access Management

On region HCM04, you can use 4 types of accounts to access vStorage. Details of these 4 types include:

  • Root User Account: Is the first account created to access VNG Cloud with full access to all resource services on VNG Cloud.

  • IAM User Account, Service Account: Is an account created from the single Root user account with access rights depending on the access policy set from the Root user account.

  • S3 keys: Is a pair of s3 keys with access key and secret key integrated by vStorage for compatibility with S3 client tools such as s3cmd, s3 SDK,...

Refer to the table below to get an overview of how accounts work on vStorage:

Account Type
Access Channel
Place of Origin
Default Permission
Working with project
Working with buckets

Root User Account

vStorage Portal

Initialize for the first time when using the service on VNG Cloud

Full rights on project and bucket

Yes

Yes

IAM User Account

vStorage Portal

IAM Portal

No access to any resources yet

Yes, permissions via IAM Policy

Yes, permissions via Bucket Policy

Service Account

vStorage API

IAM Portal

No access to any resources yet

Yes, permissions via IAM Policy

Yes, permissions via Bucket Policy

S3 keys

3rd party software

vStorage Portal

Depends on account creation

No

Yes, permissions depend on the type of user that created the S3 key

Last updated