You need to enable JavaScript to run this app.
IAM

IAM

  • Documentation
    • IAMUser GuidePermission PolicyPolicy Overview
Copy page
Download PDF
Permission Policy
Policy Overview
Copy page
Download PDF
Policy Overview

A policy is a description of permissions that an IAM user, user group, or role must grant through an associated policy. In the policy, you can define the operation scope, resource scope and permission effect conditions. For details, please refer to " Policy Syntax Structure ". IAM supports two types of policies: system default policies and custom policies.

  • System default policies are some common sets of permissions created and managed by Volcano Engine, with coarser granularity. The system default policy can only be used for authorization, and users cannot edit or modify it.

  • Custom policy: It is a set of permissions created by the user to describe the management of resources in a more refined manner. When the system preset policy cannot meet the requirements, you can create a custom policy to define the permissions in a fine grain.

Add policy authorization

Assign a policy to a user/user group/role, and the corresponding identity will have the relevant permissions for the policy.

  • Enter the Access Control Console .

  • On the Authorization tab, you can view the identities authorized by the policy;

  • Click Add to add permissions for the specified identity.

  • Click Remove to disassociate the policy from the identity, which no longer has permissions related to the policy.

Manage custom policies

Edit custom policy

Click on the edit policy in the action column of the user-defined policy list, and edit the basic policy information and policy syntax in the edit policy pop-up window.

Delete custom policy

Click Delete in the Action column of the User Custom Policy List to delete the policy.

New custom policy

Click the New Policy button on the "Policy Management" page to define the policy content in the visual editor or JSON editor. For details, please refer to the " New Policy " documentation.

Manage custom policies

You can go to the appropriate policy management page by clicking **Policy Name **or **Manage **in the Actions column.

Click Edit in the policy details to edit the basic information of the policy in the "Edit" pop-up window.

tip

Note: When a policy is deleted, the user, user group, or role associated with it will be disauthorized by the policy by default.

Last updated: 2025.06.23 19:21:32