Yandex Identity and Access Management

Manage access to virtual machines and other cloud resources.

Yandex accounts

Users don’t need to create additional accounts: to access your Yandex Cloud resources, they can use their accounts.

Two-factor authentication

In Yandex Cloud, you can also set up two-factor authentication via Yandex ID. Access is granted via the Yandex Key mobile app that is linked to the user’s device.

Identity federation

A federated user will get access to resources using an external corporate username. Authentication and authorization are done via SAML v2.0.

Service accounts

Create service accounts for your processes and they can connect to your cloud resources as users through the service API.

Flexible role system

Roles can be assigned at the level of an organization, cloud, folder, service account, or other resources.

Manage access to VMs

Use IAM to manage access to virtual machines via SSH centrally and securely.

Getting started

To use the service, add a user to Yandex Cloud and assign a role to them.

Questions and answers

What is Yandex Identity and Access Management used for?

The service controls access to resources and lets you configure access rights. You can:

  • Add and delete new cloud users.
  • Manage access rights to resources by assigning and revoking roles.
  • Create service accounts: special accounts to manage Yandex Cloud resources via the API.
  • Get an IAM token that is required for authorization via the API.

Get started with Identity and Access Management