Configuring user group mapping for your federation
Note
This feature is in the Preview stage. To get access, contact tech support
To configure user access to Yandex Cloud resources using group mapping:
-
Create user groups in Cloud Organization.
-
Configure access rights to Yandex Cloud resources.
-
Create user groups in your identity provider and add users to them.
Note
You can use existing user groups.
-
Set up user group mapping in the identity provider's SAML attribute settings. To learn how to do this, consult the provider's documentation or contact their support.
Identity providers offer guides on how to set up group mapping:
-
Set up user group mapping in the federation settings:
Cloud Center interface-
Log in to Yandex Cloud Organization
with an administrator or organization owner account. -
In the left-hand panel, select
Federations. -
Click the line with the required federation and go to the IdP group tab.
-
Enable Mapping group in IdP.
-
Click Add group and configure mapping:
- Group name: Enter the name of an identity provider group.
- IAM group: Select a Cloud Organization group from the list.
-
Repeat the previous step for each group you want to map.
-
Click Save.
-