About Your Identity

Your identity is the set of credentials that you use to interact with the resources of your OUTSCALE account. One account can contain multiple identities.

You can access and use the OUTSCALE Cloud via two types of identity:

The root user, which has unrestricted permissions on all resources of the account.
EIM users, which are created and owned by the root user and which may have restricted permissions.

Root User

The root user is the default identity that is automatically created with an OUTSCALE account. This root user has unrestricted permissions for all actions, and can manage users and user groups within the account.

You cannot restrict the permissions for the root user.

We recommend that:

You do not use root user credentials for everyday access to your resources.
You do not share root user credentials with anyone.

You can for example create an EIM user for yourself with all administration permissions.

EIM Users

Elastic Identity Management (EIM) is OUTSCALE’s historic API service ensuring partial compatibility with the Identity and Access Management (IAM) API of Amazon Web Services (AWS). Now, EIM is used to refer to the users, user groups and policies used to manage authentication and authorization within OUTSCALE’s IAM service. This can be done using either the EIM API or the OUTSCALE API. For more information, see About the APIs.

The root user can create sub-users of the account with restricted permissions: EIM users. They have their own sets of access keys, distinct from those of the root user. For more information, see About EIM Users and Managing Access Keys for EIM Users.

EIM users can be organized into EIM groups to make their permissions easier to manage. For more information, see About EIM Groups.

The permissions themselves are managed through EIM policies, which you can attach to EIM users or EIM groups. Permissions consist in being allowed to run specific API methods on the OUTSCALE account. For more information, see About Policies.

EIM users are not OUTSCALE accounts and must be used for governance and security purposes only. Indeed, resources, quotas, and consumption are considered at the level of the account, rather than at the level of individual EIM users.

An EIM user is a resource that belongs to the OUTSCALE account. This resource must be considered as a set of credentials whose accesses are limited by the EIM policies that are applied to it.

EIM Compatibility

EIM users are compatible with the following OUTSCALE services:

Service	Compatibility
OUTSCALE API	Yes
Flexible Compute Unit (FCU)	Yes
Load Balancing Unit (LBU)	Yes
Elastic Identity Management (EIM)	Yes
DirectLink	Yes
OUTSCALE Object Storage (OOS)	No
OUTSCALE Kubernetes as a Service (OKS)	No
Cockpit	Yes

Service

Compatibility

OUTSCALE API

Yes

Flexible Compute Unit (FCU)

Yes

Load Balancing Unit (LBU)

Yes

Elastic Identity Management (EIM)

Yes

DirectLink

Yes

OUTSCALE Object Storage (OOS)

OUTSCALE Kubernetes as a Service (OKS)

Cockpit

Yes

Related Pages

AWS™ and Amazon Web Services™ are trademarks of Amazon Technologies, Inc or its affiliates in the United States and/or other countries.