NavigationContentFooter
Jump toSuggest an edit
Was this page helpful?

How to manage IAM users

Reviewed on 02 January 2025Published on 20 June 2022

You can manage IAM users of an Organization if you are the Owner of that Organization, or if you have sufficient permissions (via policies) to do so. Management actions include adding and removing users to/from groups, attaching and detaching policies to/from users, viewing and deleting users’ API keys and removing users from the Organization.

Before you startLink to this anchor

To complete the actions presented below, you must have:

  • A Scaleway account logged into the console
  • Owner status or IAM permissions allowing you to perform actions in the intended Organization
Note

The procedures described below, except How to remove a user from the Organization, apply to all types of IAM users: Owners, Guests and Members. IAM Members, however, have extra features that apply only to them. Refer to the How to manage members documentation page to find the procedures specific to members.

How to access the user overviewLink to this anchor

  1. Click IAM & API keys on the top-right drop-down menu of the Scaleway console. The Users tab of the Identity and Access Management dashboard displays.
  2. Click the name of the user you want to manage. Alternatively, click «See more Icon» next to the user, and select Overview. Either way, you are taken to the user’s Overview tab. Follow the steps below depending on the management action you wish to take.

How to view user informationLink to this anchor

From the user’s Overview tab, you can view information such as:

  • User details - The user’s type (Owner, Guest or Member), status, joined on (for Guests) or created on (for Members) date, whether they have MFA enabled, and the date of their last login.
  • User profile - The user’s username, first and last names, email address, telephone number, preferred language, and their Scaleway ID number.

In the Overview tab, you can also find an extensive list of the user’s permission sets, the name of their associated policies and the scope they apply to.

How to manage a user’s groups and policiesLink to this anchor

From the user’s Groups & policies tab, you can find a list of the user’s groups and policies.

Remove a user from a groupLink to this anchor

  1. Click the x button next to the group you want to remove the user from. A pop-up displays asking you to confirm the action.
  2. Click Remove from group to confirm.
    Important

    Removing a user from a group means that any permissions given to them via the group (i.e. from an attached policy) will no longer apply. Be sure you want to remove these permissions from the user before proceeding.

Add a user to another groupLink to this anchor

A user may be part of multiple groups at the same time.

  1. Click Add to group to add the user to a group. A pop-up displays, prompting you to select a group.
  2. Select the group you want to add the user to from the drop-down list, or type the name of the group.
  3. Click Validate to finish. The user is added to the selected group, and you are returned to the Overview tab.
Tip

Learn how to create a new IAM group.

Detach a policy from a userLink to this anchor

  1. Click the x button next to the policy you want to detach from the user. A pop-up displays asking you to confirm the action.
  2. Click Detach policy to confirm.
    Important

    Since policies can only be attached to one principal at a time, detaching a policy from the user means that the policy becomes orphaned. The policy will remain in your list of policies, but will have no effect until you attach it to another principal.

Attach another policy to a userLink to this anchor

A user may be attached to multiple policies.

  1. Click Attach a policy to attach another policy to the user. A pop-up displays.

  2. Select an action between: creating a new policy, selecting an unassigned policy or duplicating an existing policy.

    Note

    When you create a new policy or duplicate an existing one, you are redirected to the IAM policies page. The following steps apply when you choose to select an unassigned policy.

  3. Select the policy you want to attach to the user from the drop-down list.

  4. Click Validate to finish. The selected policy is attached to the user.

How to view and delete user API keysLink to this anchor

  1. Click the user’s Credentials tab. You can view details of the user’s API keys.
    Note

    You cannot see the secret key part of any API keys, nor can you create an API key for any IAM user other than yourself.

    If you want to delete a user’s API key, proceed to the following steps:
  2. Click «See more Icon» next to the API key you wish to delete, and select Delete. A warning displays, reminding you that this action is permanent.
  3. Type DELETE and click Submit to confirm the action.

How to remove a guest from an OrganizationLink to this anchor

Note

To remove any users other than yourself, you must either be the Owner of the Organization, or have IAMManager permissions. The exception to this is that you can always remove yourself as an IAM user from an Organization in which you are a Guest, anytime. This equates to leaving the Organization. You cannot leave an Organization that you own.

  1. From the user’s Overview tab, scroll down to the Remove user panel:

  2. Click Remove user. A warning displays, asking you to confirm your action:

  3. Type REMOVE to confirm, and click Remove user to validate.

    Note

    If you want to delete a Member, follow the corresponding steps in the How to manage Members documentation page.

See also
How to manage API keysHow to manage Members
Was this page helpful?
API DocsScaleway consoleDedibox consoleScaleway LearningScaleway.comPricingBlogCareers
© 2023-2025 – Scaleway