Purpose of Yandex Identity and Access Management
The Yandex Identity and Access Management (IAM) service allows you to control access to Yandex Cloud resources. You determine what rights other users should have, while IAM checks that the user actually has such rights.
You can grant access to a specific user, group of users, or service account. For more information about types of users, see the section Yandex Cloud users.
To grant access rights, you grant a user a role for a resource. To learn which roles are available in Yandex Cloud, read the section Roles. To learn how to assign a role, see the section Assign access rights.
For IAM to check the applicable user's rights, the user has to go through the authorization process. To learn about user steps to access the resource, see Authorization in Yandex Cloud.