Manage identity and access control on Vultr with IAM. Configure organizations, users, groups, roles, policies, and OIDC for secure cloud access.
Send and manage invitations for users to join your Vultr organization. Resend pending invitations and control user access to organizational resources.
Delete an organization from your Vultr account using the IAM API. Understand the impact on associated users, groups, roles, and policies before deletion.
Retrieve a list of all organizations associated with your Vultr account. View organization details including names, IDs, types, and creation timestamps.
Remove a user from your Vultr organization using the IAM API. Disassociate the user without deleting their platform account or affecting other memberships.
Restore a previously deleted organization on Vultr. Recover the organization and reassociate users, groups, roles, and policies through the Vultr IAM API.
Suspend or unsuspend a user in your Vultr organization. Temporarily revoke or reinstate a user's access to organizational resources through the IAM API.
Update the display name of an existing organization on Vultr. Modify organizational details through the Vultr IAM API or the Vultr Console interface.
List all users in your Vultr organization including regular and service users. Retrieve user details such as status, email, and API access through the IAM API.
Reference for all IAM policy actions on Vultr. Browse permission actions by service category to build accurate policy documents for your organization.
Attach an IAM policy to a group on Vultr. Grant all members of the group the permissions defined in the policy document through the Vultr API or Console.
Attach an IAM policy directly to a user on Vultr. Grant the user specific permissions defined in the policy document through the Vultr API or Console.
Create a new IAM policy on Vultr with a structured policy document. Define actions, effects, and resources to control access to cloud infrastructure.
Delete an IAM policy from your Vultr organization. Remove the policy and its permission rules from all associated users, groups, and roles in the system.
Detach an IAM policy from a group on Vultr. Revoke the permissions defined in the policy from all group members through the Vultr API or Console interface.
Detach an IAM policy from a user on Vultr. Remove the permissions defined in the policy document from the user through the Vultr API or Console interface.
List all groups that have a specific IAM policy attached on Vultr. Identify which groups inherit permissions from a given policy through the Vultr IAM API.
List all users that have a specific IAM policy attached on Vultr. Identify which users have direct permissions from a given policy through the Vultr IAM API.
Restore a previously deleted IAM policy on Vultr. Recover the policy and its permission rules to reassociate it with users, groups, and roles in the system.
Update an existing IAM policy on Vultr. Modify the policy document, name, or description to adjust permission rules for associated users, groups, and roles.
Add a user to an IAM group on Vultr. The user inherits all roles and policies attached to the group through the Vultr API or Console upon being added.
Create a new IAM group in your Vultr organization. Groups let you organize users and assign shared roles and policies for centralized access management.
Delete an IAM group from your Vultr organization. Remove the group and disassociate all member users from the shared roles and policies it previously held.
Retrieve a list of all IAM groups in your Vultr organization. View group details including names, member counts, and associated roles through the IAM API.
List all roles and policies attached to a specific IAM group on Vultr. Review the permissions inherited by group members through the Vultr IAM API endpoint.
Remove a user from an IAM group on Vultr. The user loses all roles and policies inherited from the group while retaining any directly assigned permissions.
Update an existing IAM group in your Vultr organization. Modify the group name or description through the Vultr API or Console to reflect current team roles.
Configure role trust relationships in Vultr IAM. Define which users, groups, organizations, or OIDC issuers can assume specific roles in your organization.
Manage assumed role sessions in Vultr IAM. Assume roles for temporary elevated access, retrieve session details, and terminate active sessions when complete.
Attach an IAM policy to a role on Vultr. Add permission rules to the role that are inherited by all users and groups assigned to it through the IAM system.
Attach an IAM role to a group on Vultr. All members of the group inherit the permissions from the role's attached policies through the Vultr IAM system.
Attach an IAM role directly to a user on Vultr. The user receives all permissions from the role's attached policies through the Vultr IAM system immediately.
Create an IAM role on Vultr with assignable or assumable type. Define a reusable permission set by attaching policies that control access to cloud resources.
Delete an IAM role from your Vultr organization. Remove the role and disassociate all attached policies, users, and groups from the role in the IAM system.
Detach an IAM policy from a role on Vultr. Remove specific permission rules from the role, affecting all users and groups currently assigned to it in IAM.
Detach an IAM role from a group on Vultr. Group members lose the permissions inherited from the role's policies while retaining their direct assignments.
Detach an IAM role from a user on Vultr. The user loses all permissions inherited from the role's policies while retaining other directly assigned access.
List all groups assigned to a specific IAM role on Vultr. Identify which groups and their members inherit the permissions from the role through the IAM API.
List all policies attached to a specific IAM role on Vultr. Review the permission rules that users and groups inherit when assigned to this role via the API.
List all users assigned to a specific IAM role on Vultr. View which users directly inherit the permissions defined by the role's attached policies via the API.
Restore a previously deleted IAM role on Vultr. Recover the role and its policy attachments to reassign it to users and groups in your organization's IAM.
Update an existing IAM role in your Vultr organization. Modify the role name, description, or type configuration through the Vultr API or the Console.
Create and manage OIDC issuers in Vultr IAM. Configure trusted identity issuers for federated authentication and role assumption across your organization.
Create and manage OIDC providers in Vultr IAM. Configure identity providers for token generation and federated authentication across your cloud organization.
List all groups that the currently authenticated user belongs to in Vultr IAM. View your own group memberships and inherited permissions through the IAM API.
List all policies directly attached to the currently authenticated user in Vultr IAM. View your own permission rules and access controls through the IAM API.
List all roles assigned to the currently authenticated user in Vultr IAM. View your own role assignments and inherited policy permissions through the IAM API.
List all groups that a specific user belongs to in your Vultr organization. View group memberships and inherited permissions for any user through the IAM API.
List all policies attached to a specific user in your Vultr organization. View directly assigned permission policies for any user through the Vultr IAM API.
List all roles assigned to a specific user in your Vultr organization. View role assignments and inherited policy permissions for any user through the IAM API.
Understand how Vultr isolates resources and data between organizations. Each organization maintains separate infrastructure, billing, and access boundaries.
Find answers to common questions about Vultr Identity and Access Management. Learn about organizations, users, groups, roles, policies, and ACL migration.
Find out if existing ACL-based access controls continue to work after Vultr IAM is enabled. ACLs remain functional alongside IAM during the transition period.
Find out if Vultr-managed permission policies can be modified. Vultr-managed policies are read-only and cannot be edited, but you can create custom policies.
Learn whether manual migration from ACLs to IAM is required on Vultr. Existing ACL permissions are automatically mapped to equivalent IAM policies for you.
Understand IAM groups on Vultr and how permission inheritance works. Groups let users inherit roles and policies automatically through group membership assignment.
Learn whether you can convert an assignable role to an assumable role in Vultr IAM. Understand the differences between the two role types and how to switch.
Review the resource limits for IAM in your Vultr organization. See the maximum number of users, groups, roles, and policies allowed per organization account.
Learn which entities support policy attachment in Vultr IAM. Permission policies can be attached directly to users, groups, and roles in your organization.
Learn what Identity and Access Management is on Vultr. IAM controls who can access your resources, what actions they can perform, and under what conditions.
Understand resource scoping in Vultr IAM. Resource scoping lets you grant permissions on specific resources instead of all resources within a service category.
Learn which entities can hold IAM roles on Vultr. Assignable roles attach to users, service users, and groups. Assumable roles use trust-based relationships.
Learn about user types in Vultr IAM including normal users, service users, and the root owner. Understand how each type interacts with organizations and access.
Learn the session duration limits for assumable roles in Vultr IAM. Sessions range from 15 minutes to 12 hours maximum, with a default duration of 1 hour.
Learn how to view the combined effective permissions for a user in Vultr IAM. See all access granted through direct policies, group memberships, and roles.
Understand permission policies in Vultr IAM. Policies define allow and deny rules for actions on resources and can be Vultr-managed or custom-created by you.
Understand the impact of removing a user from a Vultr organization. The user loses access to organizational resources but their platform account is not deleted.
Understand IAM roles on Vultr. Roles bundle permission policies into reusable sets that can be assigned to users and groups or assumed for temporary access.
Learn how long an organization invitation remains valid in Vultr IAM. Understand the expiry timeframe and what happens when an invitation link expires.
Compare the root owner and organization admin roles in Vultr IAM. Understand the privileges, limitations, and responsibilities that distinguish each identity.
Learn whether a user can belong to multiple Vultr organizations simultaneously and how to switch between them using the Vultr Console or API context.
Learn what happens to your existing ACL-based permissions when Vultr enables IAM. ACL rules are mapped to equivalent IAM policies to preserve current access.
Understand the access impact when a user is removed from a Vultr IAM group. The user loses inherited permissions but retains any directly assigned access.
Learn how to add or remove users and assign or detach roles within a Vultr IAM group. Manage group membership and permissions through the Console or the API.
Learn what an organization is in Vultr IAM and why it is required. Organizations serve as the top-level boundary for users, groups, roles, and resource access.