Assigning an IAM Policy

Describes how to assign an IAM policy to an identity by using the Data Fabric UI.

Prerequisites

You must be a fabric manager to perform this operation.

About this task

When you assign an IAM policy to one or more roles, SSO users, and/or SSO groups, the statements in the IAM policy are applied to the role, SSO users, and/or SSO groups.

An IAM policy is enforced when it is active and is attached or assigned to an identity like a user, group, and/or role. If am IAM policy is inactive, it will not be disarmed, even if it is assigned to an identity.
NOTE
After assigning an IAM policy, you can navigate out of the page using the breadcrumb on the top left side of the page.

Follow the steps given below to assign an IAM policy.

Procedure

  1. Log on to the Data Fabric UI.
  2. Select Fabric Manager for the fabric manager view.
  3. Click the Administration tab.
  4. On the list of IAM policies seen on the IAM policies card, click the ellipsis under Actions for the IAM policy to edit.
  5. Click Assign Policy to to assign the IAM policy to another identity such as users/groups/roles.
  6. Click Add+ on the Users card, enter the search criteria and select the users that you wish to assign the IAM policy to.This is an optional step.
  7. Click Add+ on the Groups card, enter the search criteria and select the groups that you wish to assign the IAM policy to.This is an optional step.
  8. Click Add+ on the Roles card, enter the search criteria and select the roles that you wish to assign the IAM policy to.This is an optional step.

Results

The policy is assigned to the selected SSO users, SSO groups, and/or roles. If the policy is active, it is enforced for the selected SSO users, SSO groups, and/or roles.