You can attach one or more identity policies to each user and group. To do so, you first query authentication providers for the user or group, and then edit the user or group to add and/or remove identity policies to/from the user or group.
Attaching/Removing Identity Policies to/from a User in VAST Web UI
From the left navigation menu, select User Management and then Users.
In the Users page, click the query button (
.png?sv=2022-11-02&spr=https&st=2026-02-09T09%3A52%3A27Z&se=2026-02-09T10%3A04%3A27Z&sr=c&sp=r&sig=lX6myRHk8sCFq5%2BqazYD0bP61Wf7CSfpDuTiBA0Im%2Fk%3D)
) to retrieve the user from a provider.Note
Run the query even if the user is already listed in the Users page.
In the query dialog, complete the query fields and click Query.
The query is run and the retrieved user is displayed in the Users page.
Right-click the user and select Edit to open the Update User dialog.
In the Identity Policies field, assign and unassign identity policies as needed:
To attach a policy to the user, select it in the dropdown so that it appears with a check mark next to it.
If the dropdown does not list the policy you need, click + Add Identity Policy to create it.
To remove a policy from the user, deselect it in the dropdown.
Note
If the selected policy controls permission to create and/or delete buckets, the policy will override the Allow Create Bucket and Allow Delete Bucket settings per user.
Click Update.
A new set of identity policies is now attached to the user.
Attaching/Removing Identity Policies to/from a User via VAST CLI
Run the user query command with the --identity-policies-ids option specified.
Attaching/Removing Identity Policies to/from a Group in VAST Web UI
From the left navigation menu, select User Management and then Groups.
In the Groups page, click the query button (
) to retrieve the group from a provider.Note
Run the query even if the group is already listed in the Groups page.
In the query dialog, complete the query fields and click Query.
The query is run and the retrieved group is displayed in the Groups page.
Right-click the the retrieved group and select Edit to open the Update Group dialog.
In the Identity Policies field, assign and unassign identity policies as needed:
To attach a policy to the group, select it in the dropdown so that it appears with a check mark next to it.
If the dropdown does not list the policy you need, click + Add Identity Policy to create it.
To remove a policy from the group, deselect it in the dropdown.
Note
If the selected policy controls permission to create and/or delete buckets, the policy will override the Allow Create Bucket and Allow Delete Bucket settings per group.
Click Update.
A new set of identity policies is now attached to the group.
Attaching/Removing Identity Policies to/from a Group in VAST CLI
Run the group query command with the --identity-policies-ids option specified.