Skip to navigationSkip to main contentSkip to footerScaleway DocsAsk our AI
Ask our AI
Log inSign up

Auto-generated IAM resources

Sometimes Scaleway might automatically generate IAM resources, such as applications, groups and policies.

This allows policies to be set up with specific product resources as principals. These policies are created by Scaleway and can be managed by users to ensure more access management of resource permissions.

Any time Scaleway automatically creates or deletes an IAM resource, you will see it on your IAM logs.

Image showing IAM logs in the Scaleway console. The first two lines show a policy and group that were automatically created for a Kubernetes Kapsule cluster, respectively. The third and fourth line show a group and a policy that were deleted. In all cases, the logs indicate that the actions were performed by Scaleway.

Kubernetes Kapsule

Currently, auto-generated IAM resources only occur in Kubernetes Kapsule when a cluster is created.

Whenever a cluster is created, automatically so are:

  • An IAM group containing all the nodes in the cluster as IAM applications
    Note

    The node IAM applications are not visible to users.

  • An IAM policy with default permission sets and the cluster group as a principal

The default policy cannot be edited by authorized users, only deleted by them.

Still need help?

Create a support ticket
No Results