IAM provides the following functions
- Centrally controls user security certificates.
- Controls the creation, rotation, and revocation of Open Cloud service access security credentials (for example, access key) of each user.
- Centrally controls user access policies.
- Controls user access policies in the Open Cloud service system. The policies include setting an ACL to restrict malicious access of non-trusted networks and disabling certain insecure users to access the Open Cloud service system.
- Provides permissions based on user groups.
- The IAM service restricts the Open Cloud service access permissions of users based on their responsibilities, such as administrator and R&D engineer. When a user accesses a website, you are able to easily update the Open Cloudservice access permissions of the user to reflect the change in the role.
- If hardware fails, key services take time to repair and seriously affect the normal business operations of users. IAM uses layered hot redundancy protection, which allows key services to automatically switch over and restore services in the event of a hardware failure.