User GuidesDeveloper ReferenceSupportFAQsLog in

Users & Groups

The Users & Groups feature provides core Identity and Access Management (IAM) capabilities within the IONOS Cloud environment. It is designed to support Role-Based Access control (RBAC) by enabling fine-grained management of user identities, group associations, and resource-level permissions.

This tutorial guides you through creating and managing Users, Groups, and Resources in the Virtual Data Center (VDC) via the User Manager. You can create new users, add them to user groups, and assign privileges to each group. Privileges either limit or increase your access based on the user role. The User Manager lets you control user access to specific areas of your VDC.

A user is an individual who can log in to IONOS Cloud. Each user can have different roles based on the privileges assigned. The assigned privileges determine the tasks the user is allowed to perform. For example, administrators can assign roles, manage access tokens, enforce MFA, and track user activity across services. For more information about creating users, see Create a user.

User access control

A new VDC in the Data Center Designer (DCD) is manageable by contract owners. To assign resource management capabilities to other members in VDC, you can add users and groups and grant them appropriate privileges to work with the data center resources.

Prerequisites: Make sure you have the appropriate privileges. Only contract administrators and owners can manage users within a VDC.

Together, these components form the foundation for secure multi-user access control, secured access, and operational efficiency in IONOS Cloud.

Create a user

  1. In the DCD, go to Menu > Management > Users & Groups.

  2. Select Create in the Users tab.

  3. Enter the user's First Name, Last Name, Email, and Password.

Note: — The email address of the new user must be unique.

— The password must adhere to the contract's password policy. For more information, see Manage Password Policy.

  1. Select Create to confirm.

Creating a new user in VDC

Result: A user is successfully created and listed in the Users list.

Create a group

The creation of groups is useful when you need to assign specific duties to the members of a group. You can create a group and add members to this group. You can then assign privileges to the entire group.

  1. In the Groups tab, select Create.

  2. Enter a Group Name.

  3. Select Create to confirm.

Result: The group is now created and visible in the Groups list. You can now assign permissions, users, and resources to your group.

User groups can be created directly from the Groups tab in the User Manager

Assign privileges to a group

  1. In the Groups tab, select a group from the Groups list.

  2. In the Privileges tab, select checkboxes next to the privilege name.

Note: You do not need to save your selections. This action automatically grants or removes privileges.

Result: The group has the required privileges now.

Assigning privileges to the group

Note: To remove the privileges for a group, clear the checkbox next to the privilege name.

Add users to a group

Users are added to your new group on an individual basis. Once you have created a new member, you must assign them to the group.

  1. In the Groups tab, select the required group.

  2. In the Members tab, add users from the Add User drop-down list.

Choose a user from the drop-down list and add them to the highlighted group as a member

Result: The users are now assigned to the group. These users have privileges and access rights to the resources corresponding to their group.

Remove a user from the group

Users can be removed from your group on an individual basis.

  1. Select the Members tab.

  2. Click Remove User.

Remove a user from the group

Result: This user is now removed from the group.

Assign resources to a group

  1. In the Groups tab, select the required group.

  2. Select the Resources of Group tab.

  3. Click Grant Access and select the resource to be assigned to the group from the drop-down list.

Select a resource from the Resources of a Group tab to assign to a group of users

Result: The group now has the newly assigned resources. You have enabled read access for the selected resource.

Enable or disable access for a resource

Group resource sharing is crucial for managing access and permissions within IONOS Cloud. The primary purpose of assigning a resource to a group in IONOS Cloud is to manage and restrict actions that users (non-administrators) can perform on those resources. Specifically, the actions controlled by group membership are as follows:

Access

Description

View

Adding the resource to the list enables users in the specific group to see the resources.

Edit

Allows users in the group to manage the resource.

Share

Share the resource between the groups of your contract and only those to which you belong. The users belonging to the group with which you share the resource gain view permissions.

Note:

  • Users created using the IONOS Cloud API /um/users endpoint have limited permissions.

  • Resources created by the contract owner are, by default, not visible to users.

  • Users cannot see or interact with resources created under the contract owner without being part of a shared group.

Administrators or contract owners can enable resource access to users by selecting the appropriate checkboxes:

  • Edit: Select the checkbox to allow users in the respective group to edit or manage the resources.

  • Share: Select the checkbox to share the resource between the groups of your contract, and only those to which you belong. The users of the group gain view permissions.

To restrict access, select the required resource and clear either the Edit or Share checkboxes or directly click Revoke Access to revoke both permissions.

Enable or disable access for the resources of a group

Add group to a resource

  1. In the Resources tab, select a resource from the list.

  2. In the Visible to Groups tab, click Add Group.

  3. Select a group from the drop-down list.

Select the resource you wish to make available to a user group. The group members can now exercise their chosen privileges.

Result: This group can now access the allocated resource.

PreviousIdentity & Access ManagementNextPassword Policy

Last updated

Was this helpful?