Identity and Access Management (IAM) Identity and Access Management (IAM)

IAM overview

This page describes how D4Science's Identity and Access Management (IAM) system works and how you can use it to obtain access to D4Science resources.

IAM lets you or your application grant access to specific D4Science resources and helps prevent access to other D4Science resources. IAM enables you to use the least privilege security principle, which states that no one should have more access than they require.

 

D4Science Account

A D4Science Account represents a user, a developer, or any other person who interacts with D4Science services. Any email address that is associated with a D4Science Account can be an identity. 

Service Account

A service account is an account for an application, script,  or compute workload instead of an individual user. When you run code that's hosted on D4Science premises or not, the code runs as the account you specify. For more information about using a service account in your application, see the service accounts section of this guide.