Identity and Access Management

The service allows to create and manage user identities and control access to virtual machines and other cloud resources.

Request access Documentation

Google accounts

Users don’t need to create additional accounts: to access your Nebius resources, they can use any of their @gmail.com or gaccounts.

Two-factor authentication

In Nebius, you can also set up two-factor authentication via Google account. Access is granted via the Google Authenticator mobile app.

Identity federation

A federated user will get access to resources using an external corporate username. Authentication and authorization are done via SAML v2.0.

Service accounts

Create service accounts for your processes and they can connect to your cloud resources as users through the service API.

Flexible role system

Roles can be assigned at the level of an organization, cloud, folder, service account, user or other resources.

Inviting users

You can add users with a Google account as well as federated users. To do this, you need to be the organization administrator or owner.

In-depth guides for the best start of your journey

Getting started

Add a user to an organization and grant them access to a resource in one of your clouds.

Step-by-step guides

Check out our step-by-step guides that will help you with routine operations.

Concepts overview

Learn more about concepts and resources of the service.

Questions and answers about IAM

What is Identity and Access Management used for?

The service controls access to resources and lets you configure access rights. You can:

Add and delete new cloud users.
Manage access rights to resources by assigning and revoking roles.
Create service accounts: special accounts to manage Nebius resources via the API.
Get an IAM token that is required for authorization via the API.

Documentation

How much does it cost to use the service?

How are access rights verified?

Start your journey

Request access Documentation

More to know

About us

Pricing

Contact sales