Preview
Yandex Cloud Organization

A single service for managing the organizational structure, setting up integration with the employee catalog, and differentiating user access to the organization’s cloud resources.

The service is at the Preview stage and can be used free of charge.

Federated access
You can create an identity federation with any SAML-enabled credential management service. This will enable you to use corporate accounts to log in to Yandex.Cloud services.
Access management
In Yandex Cloud Organization, you can manage the list of users and assign them roles in the services connected to Yandex.Cloud.
Single Sign-On
Users can log in to Yandex.Cloud services through Single Sign‑On (SSO) using their Yandex accounts or corporate accounts.

Questions and answers

What is an organization?

This is a structural unit where you can manage the list of your employees, set up single sign-on for them in Yandex.Cloud services, and assign them roles.

This is a structural unit where you can manage the list of your employees, set up single sign-on for them in Yandex.Cloud services, and assign them roles.

What is an identity federation?

An identity federation is a technology that helps you implement Single Sign-On (SSO) and use your corporate accounts for logging in to Yandex Cloud Organization.

An identity federation is a technology that helps you implement Single Sign-On (SSO) and use your corporate accounts for logging in to Yandex Cloud Organization.

What do I do if I already configured the IAM’s identity federation?

Your existing federations will remain in Yandex.Cloud folders. If an organization connects to the cloud with a previously configured IAM Identity Federation, the federation will move to the organization level. You can use Yandex Cloud Organization to create new federations. If you have used the public IAM identity federation API in your folders, you’ll need to switch to a similar API in Yandex Cloud Organization.
CLI commands will have a different format:
yc iam federation XXX changes to yc organization-manager federation saml XXX
yc iam certificate XXX changes to yc organization-manager federation saml certificate XXX

Your existing federations will remain in Yandex.Cloud folders. If an organization connects to the cloud with a previously configured IAM Identity Federation, the federation will move to the organization level. You can use Yandex Cloud Organization to create new federations. If you have used the public IAM identity federation API in your folders, you’ll need to switch to a similar API in Yandex Cloud Organization.
CLI commands will have a different format:
yc iam federation XXX changes to yc organization-manager federation saml XXX
yc iam certificate XXX changes to yc organization-manager federation saml certificate XXX

How do I log in to the management console using my corporate username?

On the authorization page, select Log in via SSO.

On the authorization page, select Log in via SSO.

Is there an API for organization management?

Yes, you can use the service API.

Yes, you can use the service API.

How do I set up user attribute mapping?

In the documentation, we provide examples of mapping attributes between different identity providers:

  • Active Directory
  • G-Suite
  • SAML-compatible federations

In the documentation, we provide examples of mapping attributes between different identity providers:

  • Active Directory
  • G-Suite
  • SAML-compatible federations

I have a cloud, how do I connect an organization to it?

You need to create an organization in Yandex Cloud Organization and use the management console to select the organization that you want to link your cloud to. This will create a request to technical support including the IDs of the cloud and the organization that you want to link together. When you create a cloud, you will be asked to select an existing organization or create a new one.

You need to create an organization in Yandex Cloud Organization and use the management console to select the organization that you want to link your cloud to. This will create a request to technical support including the IDs of the cloud and the organization that you want to link together. When you create a cloud, you will be asked to select an existing organization or create a new one.

I have multiple clouds, how do I connect a single organization to them?

You need to create an organization in Yandex Cloud Organization and create a request to technical support specifying the organization and cloud IDs.

You need to create an organization in Yandex Cloud Organization and create a request to technical support specifying the organization and cloud IDs.

Get started with Yandex Cloud Organization