Overview of Identity Policies

  • Updated on Jan 30, 2026
  • Published on Jan 28, 2026
  • 1 minute(s) read
Prev Next

Identity policies comprise statements that grant or deny permissions for any combination of specific actions on any combination of specified resources.

Identity policies are manageable exclusively through VMS. They are created using JSON document structure and uploaded to VMS. You can create, modify and delete identity policies, and you can attach them to users and to groups.

Note

All permissions required for the S3 Object Locking feature must be assigned through identity policies.

Note

In native replication, where a protected path transfers snapshots from a destination replication peer to a target replication peer, identity policies are replicated from the destination peer to the target peer. They are disabled by default on the target peer and can be enabled for use when needed.

Related articles
  • Overview of Identity Policies
    VAST Cluster > Version 5.2 > VAST Cluster 5.2 Administrator's Guide > Managing Access Protocols > S3 Object Storage Protocol > Managing S3 Access > Managing Identity Policies
  • Overview of Identity Policies
    VAST Cluster > Version 5.3 > VAST Cluster 5.3 Administrator's Guide > Managing Access Protocols > S3 Object Storage Protocol > Managing S3 Access > Managing Identity Policies
  • Overview of Identity Policies
    VAST Cluster > Version 5.4 > VAST Cluster 5.4 Administrator's Guide > Managing Users > Identity Management > Managing Identity Policies