Open Telekom Cloud voor zakelijke klanten

Configure fine grained access rights for Key Management Service via IAM

With the latest update of the Key Management Service, you can now also configure very detailed permissions on the Key Management Service. You can now also set fine-grained permissions via the "Custom Policy Designer", which is available to you in the IAM Service in the "Permissions" tab via "Create Custom Policy".

The "Custom Policy Designer" allows you to define permissions for specific "actions". This can be the permission to e.g. "create customer keys" or "disable customer keys". You can select from a total 28 actions which can be assigned to your custom policy. Permissions on "actions" can not only be "granted" but also explicitly forbidden.

Furthermore, it is possible to limit the access rules to specific resources. This allows you to define different action permissions for different users/user groups on different customer keys. The permission policy can be linked to further conditional parameters. Those criteria must first be met before the user is then allowed to perform the corresponding action. For example, permissions can be bound to time periods. This allows you to issue permissions only for certain periods of time, so that they expire at a certain given time.

Below you will find the short overview of the update again

Permissions can be

  1. set up on action level (28 individual actions in total)
  2. allowed or explicitly forbidden
  3. dedicated to buckets or objects
  4. linked to conditional parameters

Further information can be found in the Open Telekom Cloud help center.



An example setup with 3 use cases can be found as a post in the Open Telekom Cloud Community via the following link:


Do you have questions?

We answer your questions about testing, booking and use – free of charge and individually. Try it! 
Hotline: 24 hours a day, 7 days a week
0800 3304477 from Germany / 00800 33044770 from abroad

  • Communities

    De Open Telekom Cloud Community

    Gebruikers, ontwikkelaars en producteigenaren komen hier samen om elkaar te helpen, uit te wisselen en te bespreken.

    Ontdek nu

  • Telefon

    Gratis hotline voor experts

    Onze gecertificeerde cloud-experts bieden u een persoonlijke service.

    Bel: 088-447777 (tijdens kantooruren)

    of bel de internationale hotline:

    +800 33044770

    (24 uur per dag, 7 dagen per week)

  • E-Mail

    Onze klantenservice staat gratis tot uw beschikking via e-mail support.

    Stuur een e-mail