From b3bc252328607283383df964ab229a3a2579c537 Mon Sep 17 00:00:00 2001
From: ldecarvalho-doc <82805470+ldecarvalho-doc@users.noreply.github.com>
Date: Mon, 26 May 2025 12:00:15 +0200
Subject: [PATCH 1/3] feat(iam): remove guests
---
macros/iam/login-member.mdx | 6 +-
menu/navigation.json | 8 --
pages/account/faq.mdx | 5 -
.../how-to/change-console-appearance.mdx | 4 +
pages/account/quickstart.mdx | 2 +-
pages/contribute.mdx | 2 +-
pages/iam/concepts.mdx | 19 +--
.../iam/how-to/accept-invitation-to-orga.mdx | 71 -----------
pages/iam/how-to/manage-members.mdx | 41 ++++--
pages/iam/how-to/manage-policies.mdx | 22 ++++
pages/iam/how-to/manage-users.mdx | 117 ------------------
pages/iam/how-to/view-permission-sets.mdx | 2 +-
pages/iam/quickstart.mdx | 17 ++-
pages/iam/reference-content/overview.mdx | 6 +-
.../users-groups-and-applications.mdx | 1 -
.../how-to/use-organizations.mdx | 4 -
16 files changed, 80 insertions(+), 247 deletions(-)
delete mode 100644 pages/iam/how-to/accept-invitation-to-orga.mdx
delete mode 100644 pages/iam/how-to/manage-users.mdx
diff --git a/macros/iam/login-member.mdx b/macros/iam/login-member.mdx
index 31e692cc43..5fd8a833d9 100644
--- a/macros/iam/login-member.mdx
+++ b/macros/iam/login-member.mdx
@@ -2,14 +2,10 @@
macro: login-member
---
-
- Login via [Single Sign-On (SSO)](/account/concepts/#single-sign-on-sso) is currently not available for Members.
-
-
1. Open your web browser and go to the [Scaleway console](https://console.scaleway.com).
2. Click [Log in as an IAM Member](https://account.scaleway.com/member-login?redirectToUrl=https://console.scaleway.com/).
- Logging into an Organization as a Member is different from logging in as a Guest or as an Owner. To perform a non-Member login, you can follow the classic [How to log into the console](/account/how-to/log-in-to-the-console) procedure.
+ Logging into an Organization as a Member is different from logging in as an Owner. To perform a non-Member login, you can follow the classic [How to log into the console](/account/how-to/log-in-to-the-console) procedure.
3. Enter the Organization ID and click **Continue**.
diff --git a/menu/navigation.json b/menu/navigation.json
index 632aa2c14c..6436774fbf 100644
--- a/menu/navigation.json
+++ b/menu/navigation.json
@@ -324,10 +324,6 @@
"label": "Invite a Guest to an Organization",
"slug": "invite-user-to-orga"
},
- {
- "label": "Accept an invitation to an Organization",
- "slug": "accept-invitation-to-orga"
- },
{
"label": "Log in as a Member",
"slug": "log-in-as-a-member"
@@ -344,10 +340,6 @@
"label": "Manage API keys",
"slug": "manage-api-keys"
},
- {
- "label": "Manage users",
- "slug": "manage-users"
- },
{
"label": "Manage Members",
"slug": "manage-members"
diff --git a/pages/account/faq.mdx b/pages/account/faq.mdx
index 1a93912192..102a38ef60 100644
--- a/pages/account/faq.mdx
+++ b/pages/account/faq.mdx
@@ -15,11 +15,6 @@ productIcon: AccountExperienceProductIcon
### My account is locked. What do I do?
If your account is locked, [contact our support team](https://console.scaleway.com/support/tickets/create) to learn the reason for the blockage and discover how to regain access.
-### I've been invited to an Organization, but can’t see any resources
-When you create a Scaleway account after being invited to join a specific Organization as a [Guest](/iam/concepts/#guest), a personal Organization is automatically created for you.
-
-If you only want to work on the Project you have been invited to, you can switch Organizations and Projects using the drop-down menu on the console dashboard.
-
### I cannot access my account but I am still being billed
First you must contact the support to help you [unlock your account](/account/troubleshooting/cannot-log-into-my-account/). Once you have regained access, identify what resources are still running and delete them. You can also [close your account](/account/how-to/close-account), and have all your remaining resources automatically shutdown.
diff --git a/pages/account/how-to/change-console-appearance.mdx b/pages/account/how-to/change-console-appearance.mdx
index 69c9c6c403..f6ad735666 100644
--- a/pages/account/how-to/change-console-appearance.mdx
+++ b/pages/account/how-to/change-console-appearance.mdx
@@ -15,6 +15,10 @@ categories:
You can choose the color scheme of the [Scaleway console](/account/concepts/#console) according to your preferences. We offer a light, dark, darker, or system-based color scheme.
+
+ This feature is currently not available for [IAM Members](/iam/concepts/#member).
+
+
- A Scaleway account logged into the [console](https://console.scaleway.com)
diff --git a/pages/account/quickstart.mdx b/pages/account/quickstart.mdx
index c7ca34d340..383f3f649e 100644
--- a/pages/account/quickstart.mdx
+++ b/pages/account/quickstart.mdx
@@ -31,7 +31,7 @@ Once you have validated your payment method, you can start ordering resources li
Every account has an associated Organization, which in turn has an Owner. When you create your account, you are designated as the Owner of the Organization associated with your account.
-When you [close your account](/account/how-to/close-account/), you delete your Organization and all its resources and backups. All the Members you created will cease to exist along with the Organzation. Any Guests who joined the Organization will lose access to it.
+When you [close your account](/account/how-to/close-account/), you delete your Organization and all its resources and backups. All the Members you created will cease to exist along with the Organzation.
There is a delay of up to 10 days between the time your account is closed and the time the system deletes your resources. It is recommended to manually delete all your Organization's resources before closing your account. To reopen your account, [contact support](https://console.scaleway.com/support).
diff --git a/pages/contribute.mdx b/pages/contribute.mdx
index a7bd4f593b..6927c9bd13 100644
--- a/pages/contribute.mdx
+++ b/pages/contribute.mdx
@@ -74,7 +74,7 @@ Join the Scaleway **Write for the Community** program, an initiative for making
If you write a tutorial that gets published on our website, you will receive a voucher of **up to €200 cloud credits** in your Scaleway account.
Note that for receiving a reward, you must have:
- - Submitted your tutorial idea via a [documentation request issue](https://github.com/scaleway/docs-content/issues/new?assignees=&labels=Documentation+Request&template=doc_request.yaml&title=%5B%F0%9F%91%A9%E2%80%8D%F0%9F%92%BB+Documentation+Request%5D%3A+), which included your [Organization ID](/iam/how-to/accept-invitation-to-orga/) and was approved by our team.
+ - Submitted your tutorial idea via a [documentation request issue](https://github.com/scaleway/docs-content/issues/new?assignees=&labels=Documentation+Request&template=doc_request.yaml&title=%5B%F0%9F%91%A9%E2%80%8D%F0%9F%92%BB+Documentation+Request%5D%3A+), which included your [Organization ID](/iam/concepts/#organization-id) and was approved by our team.
- Written the content yourself and followed our [contribution process](https://github.com/scaleway/docs-content/blob/main/docs/CONTRIBUTING.md).
- Had your content merged and published by our team.
diff --git a/pages/iam/concepts.mdx b/pages/iam/concepts.mdx
index b6e8cc2a00..712b87b096 100644
--- a/pages/iam/concepts.mdx
+++ b/pages/iam/concepts.mdx
@@ -54,27 +54,29 @@ You are the [Owner](#owner) of the Organization that is created with your Scalew
Similarly, you can invite other users to be Guests in your Organization. Whereas Owners have full rights and access to all resources and features in their Organization, Guests have only the rights and permissions given to them via [policies](#policy).
-
+
+ Guests will be deprecated by July 2025. From then on, only Members can be created as users of your Organizations.
+
## IAM
**I**dentity and **A**ccess **M**anagement allows you to share access to the management of your Scaleway [resources](#resource) in a controlled and secure manner.
-This is achieved by inviting users to be Guests in your account's [Organization](#organization), and creating [policies](#policy) that define in a very fine-grained way exactly what permissions they should have for which [resources](#resource) in which of your [Projects](#project) or across your whole Organization.
+This is achieved by adding members to your [Organization](#organization), and creating [policies](#policy) that define in a very fine-grained way exactly what permissions they should have for which [resources](#resource) in which of your [Projects](#project) or across your whole Organization.
-Similarly, you may participate as a Guest in someone else's Organization, where you will have the precise rights that they accord to you using policies.
+Similarly, you may be added as a Member in someone else's Organization, where you will have the precise rights that they accord to you using policies.
You can also create non-human users in your Organization, called [IAM applications](#application), in order to give applications programmatic access to your Scaleway resources.
## Member
-You are a Member when you are added to an Organization by an Owner or user with IAM Manager permissions. Members exist only within the specific Organizations in which they are created. This is one of the methods employed at Scaleway to allow Organizations to have multi-users. Members fulfill the same purpose as Guest, while ensuring the security of the Organization.
+You are a Member when you are added to an Organization by an Owner or user with IAM Manager permissions. Members exist only within the specific Organizations in which they are created. This is one of the methods employed at Scaleway to allow Organizations to have multi-users.
-As a Member you are subject to [complying with the security requirements](/iam/how-to/comply-with-sec-requirements-member) in effect in your Organization. [Logging into an Organization as a Member](/iam/how-to/log-in-as-a-member) is also different from [logging in as a Guest or as an Owner](/account/how-to/log-in-to-the-console).
+As a Member you are subject to [complying with the security requirements](/iam/how-to/comply-with-sec-requirements-member) in effect in your Organization. [Logging into an Organization as a Member](/iam/how-to/log-in-as-a-member) is also different from [logging in as an Owner](/account/how-to/log-in-to-the-console).
## Organization
-An Organization is made of one or several [Projects](#project). When you create your Scaleway account, an Organization is automatically created, of which you are the Owner. You can also be added to an existing Organization as a [Guest](#guest) or as a [Member](#member).
+An Organization is made of one or several [Projects](#project). When you create your Scaleway account, an Organization is automatically created, of which you are the Owner. You can also be added to an existing Organization as a [Member](#member).
When you create [IAM rules](#rule), you can set their scope at Organization level. This means you can give access to features managed at Organization level, like billing and IAM, to users, applications, and groups in your Organization.
@@ -86,7 +88,7 @@ The Organization ID identifies the [Organization](#organization) created with yo
## Owner
-You are the [Owner](#owner) of the Organization that is created with your Scaleway account. Owners have full rights and access to all resources and features in their Organization. See also [Guest](#guest) and [Member](#member).
+You are the [Owner](#owner) of the Organization that is created with your Scaleway account. Owners have full rights and access to all resources and features in their Organization. See also [Member](#member).
## Permission
@@ -158,6 +160,9 @@ Keep in mind that:
A user (also known as an IAM user) is a human user in an Organization. They can be of two types:
- **Owner**: You are the Owner of the [Organization](#organization) that was created with your account.
- **Guest**: You are a Guest when invited to another Organization of which you are not the Owner. Similarly, you can invite other users to be Guests in your Organization.
+
+ Guests will be deprecated by July 2025. From then on, only Members can be created as users of your Organizations.
+
- **Member**: You are a Member when you are added to an Organization by an Owner or user with IAM Manager permissions. Members exist only within the specific Organizations in which they are created.
Within each Organization, different IAM users can have different rights (defined through [policies](#policy)) to perform actions on resources.
\ No newline at end of file
diff --git a/pages/iam/how-to/accept-invitation-to-orga.mdx b/pages/iam/how-to/accept-invitation-to-orga.mdx
deleted file mode 100644
index b4522d8768..0000000000
--- a/pages/iam/how-to/accept-invitation-to-orga.mdx
+++ /dev/null
@@ -1,71 +0,0 @@
----
-meta:
- title: How to accept an invitation to an Organization
- description: Learn how to accept invitations to Scaleway Organizations.
-content:
- h1: How to accept an invitation to an Organization
- paragraph: Learn how to accept invitations to Scaleway Organizations.
-dates:
- validation: 2025-01-02
- posted: 2022-06-20
----
-
-When you [create a Scaleway account](/account/how-to/create-an-account/), an Organization is automatically created, of which you are the [Owner](/iam/concepts/#owner). If you are invited to someone else's Organization, you will simultaneously be the Owner of your own Organization and a Guest in the other Organization, where you will have the rights and permissions granted to you via [policies](/iam/concepts/#policy).
-
-
-
-
-
-- A Scaleway account logged into the [console](https://console.scaleway.com)
-- Received an invitation to join an [Organization](/iam/concepts/#organization)
-
-When someone invites you to join their Organization, you receive an email to inform you.
-
-
- Keep in mind that:
- - The procedure described on this page applies only to [IAM Guests](/iam/concepts/#guest)
- - If the Organization you were invited to [enforces MFA](/organizations-and-projects/how-to/enforce-mfa/), make sure you have [activated MFA](/account/how-to/use-2fa/) before accepting the invitation.
-
-
-## If you already have a Scaleway account
-
-1. Click **Log in to your account** from your email invitation. The Scaleway console opens in a browser window.
-2. Log into the Scaleway console using your credentials. Your Organization overview page displays.
-
- If you are already logged in, skip to the next step.
-
-3. Click **Accept** in the top right pop-up.
-
-
-
- If you click **Decline**, your invitation will be rescinded. If you want to be invited again, you must ask the [IAM Manager](/iam/reference-content/permission-sets/) or [Owner](/iam/concepts/#owner) of the Organization.
-
-
- You are redirected to the overview page of the Organization to which you were invited.
-
- As an [IAM user](/iam/concepts/#user) of an Organization, you must always ensure that you are in the desired Organization by checking the Organization name that displays in the top right corner of your console.
-
- In the image below, we are currently in the Marion Créange Organization (highlighted in red). Use the drop-down menu to navigate to a different Organization, for example below we could switch to the Documentation Team Organization.
-
-
-
-## If you do not have a Scaleway account
-
-1. Click **Create your account** from your email invitation. The Scaleway console opens in a browser window.
-2. Create a Scaleway account. Follow the [How to create a Scaleway account](/account/how-to/create-an-account/) documentation page to do so. Your Organization overview page displays.
-3. Click **Accept** in the top right pop-up.
-
-
-
- If you click **Decline**, your invitation will be rescinded. If you want to be invited again, you must ask the [IAM Manager](/iam/reference-content/permission-sets/) or [Owner](/iam/concepts/#owner) of the Organization.
-
-
- You are redirected to the overview page of the Organization to which you were invited.
-
- As an [IAM user](/iam/concepts/#user) of an Organization, you must always ensure that you are in the desired Organization by checking the Organization name that displays in the top right corner of your console.
-
- In the image below, we are currently in the Marion Créange Organization (highlighted in red). Use the drop-down menu to navigate to a different Organization. For example, below, we could switch to the Documentation Team Organization.
-
-
-
-
diff --git a/pages/iam/how-to/manage-members.mdx b/pages/iam/how-to/manage-members.mdx
index 9c6a501cde..579cf60861 100644
--- a/pages/iam/how-to/manage-members.mdx
+++ b/pages/iam/how-to/manage-members.mdx
@@ -18,28 +18,45 @@ dates:
## How to create a Member
1. Click **IAM & API keys** on the top-right drop-down menu of the Scaleway console. The **Users** tab of the [Identity and Access Management dashboard](https://console.scaleway.com/iam/users) displays.
-2. Click **+ Add user**. A pop-up displays prompting you to choose between creating a **Member** or adding a **Guest**.
-3. Select **Member** and click **Continue**.
-4. Enter the username of the Member you want to add to your Organization.
+2. Click **+ Add user**. A pop-up displays.
+3. Enter the username of the Member you want to add to your Organization.
- When you create a Member, a Scaleway account is created for them. They exist only within your Organization. If you delete the Member, their account is also deleted. Make sure you inform your Members that [logging into an Organization as a Member](/iam/how-to/log-in-as-a-member) is different from [logging in as a Guest or as an Owner](/account/how-to/log-in-to-the-console).
+ When you create a Member, a Scaleway account is created for them. They exist only within your Organization. If you delete the Member, their account is also deleted. Make sure you inform your Members that [logging into an Organization as a Member](/iam/how-to/log-in-as-a-member) is different from [logging in as an Owner](/account/how-to/log-in-to-the-console).
-5. (Optional) Add a password.
+4. (Optional) Add a password.
If you set a password, make sure you keep note of it to share it with the Member later. The password will only be shown once. If password renewal is enforced in the Organization, from their first login, the Member must update their password. They must comply with this security requirement within the [grace period](/iam/concepts#grace-period) defined for your Organization.
-6. (Optional) Check the box if you want to send the password to the Member via email.
-7. Click **Next**.
-8. Enter the Member's email address.
-9. (Optional) Check the box if you want to send a welcome email to the Member.
-10. (Optional) Enter the first and last name of the member.
-11. (Optional) Assign the member to an existing [IAM group](/iam/concepts/#group)
-12. Click **Create Member**.
+5. (Optional) Check the box if you want to send the password to the Member via email.
+6. Click **Next**.
+7. Enter the Member's email address.
+8. (Optional) Check the box if you want to send a welcome email to the Member.
+9. (Optional) Enter the first and last name of the member.
+10. (Optional) Assign the member to an existing [IAM group](/iam/concepts/#group)
+11. Click **Create Member**.
If you did not send a welcome email to the Member, make sure you give them their login information.
+## How to access the Member overview
+
+1. Click **IAM & API keys** on the top-right drop-down menu of the Scaleway console. The **Users** tab of the [Identity and Access Management dashboard](https://console.scaleway.com/iam/users) displays.
+
+2. Click the name of the user you want to manage. Alternatively, click next to the user, and select **Overview**. Either way, you are taken to the user's **Overview** tab.
+ Follow the steps below depending on the management action you wish to take.
+
+## How to view Member information
+
+From the user's [Overview tab](#how-to-access-the-user-overview), you can view information such as:
+
+ - **User details** - The user's type (Owner or Member), status, **created on** date, whether they have [MFA](/account/concepts/#multifactor-authentication-mfa) enabled, and the date of their last login.
+ - **User profile** - The user's username, first and last names, email address, telephone number, preferred language, and their Scaleway ID number.
+
+
+
+In the Overview tab, you can also find an extensive list of the user's permission sets, the name of their associated policies and the scope they apply to.
+
## How to lock a Member
As an Owner or user with IAM Manager permissions, you can lock a Member anytime.
diff --git a/pages/iam/how-to/manage-policies.mdx b/pages/iam/how-to/manage-policies.mdx
index c59025aaac..d6ddbf75f8 100644
--- a/pages/iam/how-to/manage-policies.mdx
+++ b/pages/iam/how-to/manage-policies.mdx
@@ -47,6 +47,28 @@ From the policy's [Overview page](#how-to-access-the-policy-overview):
See our documentation about [creating policies](/iam/how-to/create-policy/) for more help with building rules.
+## How to detach a policy from a user
+
+1. Click the **x** button next to the policy you want to detach from the user. A pop-up displays asking you to confirm the action.
+2. Click **Detach policy** to confirm.
+
+ Since policies can only be attached to one [principal](/iam/concepts/#principal) at a time, detaching a policy from the user means that the policy becomes orphaned. The policy will remain in your list of policies, but will have no effect until you attach it to another principal.
+
+
+## How to attach another policy to a user
+
+A user may be attached to multiple policies.
+
+1. Click **Attach a policy** to attach another policy to the user. A pop-up displays.
+2. Select an action between: **creating a new policy**, **selecting an unassigned policy** or **duplicating an existing policy**.
+
+
+ When you [create a new policy](/iam/how-to/create-policy/) or duplicate an existing one, you are redirected to the IAM policies page. The following steps apply when you choose to select an unassigned policy.
+
+3. Select the policy you want to attach to the user from the drop-down list.
+4. Click **Validate** to finish.
+ The selected policy is attached to the user.
+
## How to delete a policy
diff --git a/pages/iam/how-to/manage-users.mdx b/pages/iam/how-to/manage-users.mdx
deleted file mode 100644
index 09272f2cda..0000000000
--- a/pages/iam/how-to/manage-users.mdx
+++ /dev/null
@@ -1,117 +0,0 @@
----
-meta:
- title: How to manage IAM users
- description: Instructions for managing user accounts in Scaleway IAM.
-content:
- h1: How to manage IAM users
- paragraph: Instructions for managing user accounts in Scaleway IAM.
-dates:
- validation: 2025-01-02
- posted: 2022-06-20
----
-
-You can manage IAM users of an Organization if you are the [Owner](/iam/concepts/#owner) of that Organization, or if you have sufficient permissions (via [policies](/iam/concepts/#policy)) to do so. Management actions include adding and removing users to/from groups, attaching and detaching policies to/from users, viewing and deleting users' API keys and removing users from the Organization.
-
-
-
-- A Scaleway account logged into the [console](https://console.scaleway.com)
-- [Owner](/iam/concepts/#owner) status or [IAM permissions](/iam/concepts/#permission) allowing you to perform actions in the intended Organization
-
-
- The procedures described below, except [How to remove a user from the Organization](#how-to-remove-a-user-from-the-organization), apply to all types of IAM users: Owners, Guests and Members. [IAM Members](/iam/concepts#members), however, have extra features that apply only to them. Refer to the [How to manage members](/iam/how-to/manage-members) documentation page to find the procedures specific to members.
-
-
-## How to access the user overview
-
-1. Click **IAM & API keys** on the top-right drop-down menu of the Scaleway console. The **Users** tab of the [Identity and Access Management dashboard](https://console.scaleway.com/iam/users) displays.
-
-2. Click the name of the user you want to manage. Alternatively, click next to the user, and select **Overview**. Either way, you are taken to the user's **Overview** tab.
- Follow the steps below depending on the management action you wish to take.
-
-## How to view user information
-
-From the user's [Overview tab](#how-to-access-the-user-overview), you can view information such as:
-
- - **User details** - The user's type (Owner, Guest or Member), status, **joined on** (for Guests) or **created on** (for Members) date, whether they have [MFA](/account/concepts/#multifactor-authentication-mfa) enabled, and the date of their last login.
- - **User profile** - The user's username, first and last names, email address, telephone number, preferred language, and their Scaleway ID number.
-
-
-
-In the Overview tab, you can also find an extensive list of the user's permission sets, the name of their associated policies and the scope they apply to.
-
-## How to manage a user's groups and policies
-
-From the user's **Groups & policies** tab, you can find a list of the user's groups and policies.
-
-
-
-### Remove a user from a group
-
-1. Click the **x** button next to the group you want to remove the user from. A pop-up displays asking you to confirm the action.
-2. Click **Remove from group** to confirm.
-
- Removing a user from a group means that any permissions given to them via the group (i.e. from an attached policy) will no longer apply. Be sure you want to remove these permissions from the user before proceeding.
-
-
-### Add a user to another group
-
-A user may be part of multiple groups at the same time.
-
-1. Click **Add to group** to add the user to a group. A pop-up displays, prompting you to select a group.
-2. Select the group you want to add the user to from the drop-down list, or type the name of the group.
-3. Click **Validate** to finish.
- The user is added to the selected group, and you are returned to the **Overview** tab.
-
-
- Learn [how to create a new IAM group](/iam/how-to/create-group/).
-
-
-### Detach a policy from a user
-
-1. Click the **x** button next to the policy you want to detach from the user. A pop-up displays asking you to confirm the action.
-2. Click **Detach policy** to confirm.
-
- Since policies can only be attached to one [principal](/iam/concepts/#principal) at a time, detaching a policy from the user means that the policy becomes orphaned. The policy will remain in your list of policies, but will have no effect until you attach it to another principal.
-
-
-### Attach another policy to a user
-
-A user may be attached to multiple policies.
-
-1. Click **Attach a policy** to attach another policy to the user. A pop-up displays.
-2. Select an action between: **creating a new policy**, **selecting an unassigned policy** or **duplicating an existing policy**.
-
-
- When you [create a new policy](/iam/how-to/create-policy/) or duplicate an existing one, you are redirected to the IAM policies page. The following steps apply when you choose to select an unassigned policy.
-
-3. Select the policy you want to attach to the user from the drop-down list.
-4. Click **Validate** to finish.
- The selected policy is attached to the user.
-
-## How to view and delete user API keys
-
-1. Click the user's **Credentials** tab.
- You can view details of the user's [API keys](/iam/how-to/create-api-keys/).
-
- You cannot see the secret key part of any API keys, nor can you create an API key for any IAM user other than yourself.
-
- If you want to delete a user's API key, proceed to the following steps:
-2. Click next to the API key you wish to delete, and select **Delete**.
- A warning displays, reminding you that this action is permanent.
-3. Type **DELETE** and click **Submit** to confirm the action.
-
-## How to remove a guest from an Organization
-
-
- To remove any users other than yourself, you must either be the [Owner](/iam/concepts#owner) of the Organization, or have [IAMManager permissions](/iam/reference-content/permission-sets/). The exception to this is that you can always remove yourself as an IAM user from an Organization in which you are a [Guest](/iam/concepts#guest), anytime. This equates to leaving the Organization. You cannot leave an Organization that you own.
-
-
-1. From the user's [**Overview** tab](#how-to-access-the-user-overview), scroll down to the **Remove user** panel:
-
-2. Click **Remove user**. A warning displays, asking you to confirm your action:
-
-3. Type **REMOVE** to confirm, and click **Remove user** to validate.
-
-
- If you want to delete a Member, follow the corresponding steps in the [How to manage Members](/iam/how-to/manage-members/#how-to-delete-a-member) documentation page.
-
\ No newline at end of file
diff --git a/pages/iam/how-to/view-permission-sets.mdx b/pages/iam/how-to/view-permission-sets.mdx
index e6515d1e50..1fdd8e099a 100644
--- a/pages/iam/how-to/view-permission-sets.mdx
+++ b/pages/iam/how-to/view-permission-sets.mdx
@@ -5,7 +5,7 @@ meta:
content:
h1: How to view permission sets
paragraph: Learn how to view your permission sets in Scaleway IAM.
-tags: iam permission set rights authorization read write guest owner organization
+tags: iam permission set rights authorization read write owner organization
dates:
validation: 2024-12-03
posted: 2024-12-03
diff --git a/pages/iam/quickstart.mdx b/pages/iam/quickstart.mdx
index 2c6e959984..12eb61d461 100644
--- a/pages/iam/quickstart.mdx
+++ b/pages/iam/quickstart.mdx
@@ -21,24 +21,23 @@ Read our dedicated page for a [general overview of IAM](/iam/reference-content/o
- A Scaleway account logged into the [console](https://console.scaleway.com)
- [Owner](/iam/concepts/#owner) status or [IAM permissions](/iam/concepts/#permission) allowing you to perform actions in the intended Organization
-## How to invite a user to your Organization
+## How to add a Member to your Organization
-Invite other users to be able to give them access to your Organization. You will be able to define the exact level of access to give by creating a [policy](#how-to-give-permissions-to-users-and-applications-via-policies) for them later. You can add two types of users: [Guests](/iam/concepts/#guest) and [Members](/iam/concepts/#member). In this section we show you how to [add a member](/iam/how-to/manage-members/#how-to-create-a-member).
+Invite other users to be able to give them access to your Organization. You will be able to define the exact level of access to give by creating a [policy](#how-to-give-permissions-to-users-and-applications-via-policies) for them later. You can add [Members](/iam/concepts/#member). In this section we show you how to [add a member](/iam/how-to/manage-members/#how-to-create-a-member).
1. Click **IAM & API keys** on the top-right drop-down menu of the Scaleway console. The **Users** tab of the [Identity and Access Management dashboard](https://console.scaleway.com/iam/users) displays.
-2. Click **+ Add user**. A pop-up displays prompting you to choose between creating a **Member** or adding a **Guest**.
-3. Select **Member** and click **Continue**.
-4. Enter a username and the email address of the Member you want to add to your Organization.
+2. Click **+ Add user**. A pop-up displays.
+3. Enter a username and the email address of the Member you want to add to your Organization.
When you create a Member, a Scaleway account is created for them. They exist only within your Organization. If you delete the Member, their account is also deleted.
-5. (Optional) Check the box if you want to send a welcome email to the Member.
-6. Add a password.
+4. (Optional) Check the box if you want to send a welcome email to the Member.
+5. Add a password.
If you set a password, make sure you keep note of it to share it with the Member later. The password will only be shown once. If password renewal is enforced in the Organization, from their first login, the Member must update their password. They must comply with this security requirement within the [grace period](/iam/concepts#grace-period) defined for your Organization.
-7. (Optional) Check the box if you want to send the password to the Member via email.
-8. Click **Create Member**.
+6. (Optional) Check the box if you want to send the password to the Member via email.
+7. Click **Create Member**.
## How to create an application
diff --git a/pages/iam/reference-content/overview.mdx b/pages/iam/reference-content/overview.mdx
index f52deb6c60..088142b10d 100644
--- a/pages/iam/reference-content/overview.mdx
+++ b/pages/iam/reference-content/overview.mdx
@@ -26,7 +26,7 @@ When you create your Scaleway account, an [Organization](/iam/concepts/#organiza
- You can also be added to an existing Organization as a [Guest](#guest) or as a [Member](#member). Your permissions in these Organizations will depend on the policies set for you by the Organization administrator.
+ You can also be added to an existing Organization as a [Member](#member). Your permissions in these Organizations will depend on the policies set for you by the Organization administrator.
### Creating Resources & Projects
@@ -41,10 +41,6 @@ If you want to give someone else permission to view, edit, create or manage reso
1. [Create a new IAM Member](/iam/how-to/manage-members/#how-to-create-a-member). You can provide them the credentials necessary to [log in as a Member](/iam/how-to/log-in-as-a-member) in your Organization.
-
- Alternatively, [invite the user](/iam/how-to/invite-user-to-orga/) to your Organization as a Guest. They create their own Scaleway account, if they do not already have one, and can then accept your invitation.
-
-
2. Give the user permissions via [policies](/iam/concepts/#policy). Create a policy to define what permissions and access rights you want the user to have in your Organization.
diff --git a/pages/iam/reference-content/users-groups-and-applications.mdx b/pages/iam/reference-content/users-groups-and-applications.mdx
index fc044e374a..3acf41743f 100644
--- a/pages/iam/reference-content/users-groups-and-applications.mdx
+++ b/pages/iam/reference-content/users-groups-and-applications.mdx
@@ -20,7 +20,6 @@ An IAM user is a human user in an Organization.
They can be of two types:
- **Owner** - you are the Owner of the Organization that was created with your account.
-- **Guest** - you are a Guest when invited to an Organization of which you are not the Owner. Similarly, you can invite other users to be Guests in your Organization.
- **Member** - you are a member when you are added to an Organization by an Owner or user with IAM Manager permissions. Members exist only within the specific Organizations in which they are added. As a member you are subject to [complying with the security requirements](/iam/how-to/comply-with-sec-requirements-member/) in effect in your Organization.
Within each Organization, different IAM users can have different rights (defined through policies) to perform actions on resources.
diff --git a/pages/organizations-and-projects/how-to/use-organizations.mdx b/pages/organizations-and-projects/how-to/use-organizations.mdx
index c247004d8c..02b5b1adaa 100644
--- a/pages/organizations-and-projects/how-to/use-organizations.mdx
+++ b/pages/organizations-and-projects/how-to/use-organizations.mdx
@@ -30,7 +30,3 @@ Refer to the [How to invite another user to an Organization](/iam/how-to/invite-
You can also invite people to be IAM users of an Organization of which you are not the Owner, if you have sufficient permissions (via policies) to do so. See our documentation on [permission sets](/iam/reference-content/permission-sets/) for more information.
You can define the rights and permissions you want guests to have in your Organization via [policies](/iam/concepts/#policy).
-
-## How to accept an invitation to an Organization
-
-If you were invited to join an Organization, you can refer to the [How to accept an invitation to an Organization](/iam/how-to/accept-invitation-to-orga/) documentation page for more information.
\ No newline at end of file
From b1de28d8ad90a4971023985107af5a34895bf597 Mon Sep 17 00:00:00 2001
From: ldecarvalho-doc <82805470+ldecarvalho-doc@users.noreply.github.com>
Date: Tue, 27 May 2025 17:44:26 +0200
Subject: [PATCH 2/3] fix(iam): reviews
Co-authored-by: Rowena Jones <36301604+RoRoJ@users.noreply.github.com>
---
macros/iam/login-member.mdx | 2 +-
pages/account/quickstart.mdx | 2 +-
pages/iam/concepts.mdx | 4 ++--
pages/iam/quickstart.mdx | 2 +-
4 files changed, 5 insertions(+), 5 deletions(-)
diff --git a/macros/iam/login-member.mdx b/macros/iam/login-member.mdx
index 5fd8a833d9..f57bb0a44e 100644
--- a/macros/iam/login-member.mdx
+++ b/macros/iam/login-member.mdx
@@ -5,7 +5,7 @@ macro: login-member
1. Open your web browser and go to the [Scaleway console](https://console.scaleway.com).
2. Click [Log in as an IAM Member](https://account.scaleway.com/member-login?redirectToUrl=https://console.scaleway.com/).
- Logging into an Organization as a Member is different from logging in as an Owner. To perform a non-Member login, you can follow the classic [How to log into the console](/account/how-to/log-in-to-the-console) procedure.
+ Logging into an Organization as a Member is different from logging in as an Owner. To perform a non-Member login, you can follow the procedure described in the [How to log into the console](/account/how-to/log-in-to-the-console) documentation page.
3. Enter the Organization ID and click **Continue**.
diff --git a/pages/account/quickstart.mdx b/pages/account/quickstart.mdx
index 383f3f649e..ac5111298f 100644
--- a/pages/account/quickstart.mdx
+++ b/pages/account/quickstart.mdx
@@ -31,7 +31,7 @@ Once you have validated your payment method, you can start ordering resources li
Every account has an associated Organization, which in turn has an Owner. When you create your account, you are designated as the Owner of the Organization associated with your account.
-When you [close your account](/account/how-to/close-account/), you delete your Organization and all its resources and backups. All the Members you created will cease to exist along with the Organzation.
+When you [close your account](/account/how-to/close-account/), you delete your Organization and all its resources and backups. All the Members you created will cease to exist along with the Organization.
There is a delay of up to 10 days between the time your account is closed and the time the system deletes your resources. It is recommended to manually delete all your Organization's resources before closing your account. To reopen your account, [contact support](https://console.scaleway.com/support).
diff --git a/pages/iam/concepts.mdx b/pages/iam/concepts.mdx
index 712b87b096..94f68a34e0 100644
--- a/pages/iam/concepts.mdx
+++ b/pages/iam/concepts.mdx
@@ -62,7 +62,7 @@ Similarly, you can invite other users to be Guests in your Organization. Whereas
**I**dentity and **A**ccess **M**anagement allows you to share access to the management of your Scaleway [resources](#resource) in a controlled and secure manner.
-This is achieved by adding members to your [Organization](#organization), and creating [policies](#policy) that define in a very fine-grained way exactly what permissions they should have for which [resources](#resource) in which of your [Projects](#project) or across your whole Organization.
+This is achieved by adding Members to your [Organization](#organization), and creating [policies](#policy) that define in a very fine-grained way exactly what permissions they should have for which [resources](#resource) in which of your [Projects](#project) or across your whole Organization.
Similarly, you may be added as a Member in someone else's Organization, where you will have the precise rights that they accord to you using policies.
@@ -70,7 +70,7 @@ You can also create non-human users in your Organization, called [IAM applicatio
## Member
-You are a Member when you are added to an Organization by an Owner or user with IAM Manager permissions. Members exist only within the specific Organizations in which they are created. This is one of the methods employed at Scaleway to allow Organizations to have multi-users.
+You are a Member when you are added to an Organization by an Owner or user with IAM Manager permissions. Members exist only within the specific Organizations in which they are created. This is Scaleway's method for allowing Organizations to have multiple users.
As a Member you are subject to [complying with the security requirements](/iam/how-to/comply-with-sec-requirements-member) in effect in your Organization. [Logging into an Organization as a Member](/iam/how-to/log-in-as-a-member) is also different from [logging in as an Owner](/account/how-to/log-in-to-the-console).
diff --git a/pages/iam/quickstart.mdx b/pages/iam/quickstart.mdx
index 12eb61d461..e0c63abfd3 100644
--- a/pages/iam/quickstart.mdx
+++ b/pages/iam/quickstart.mdx
@@ -23,7 +23,7 @@ Read our dedicated page for a [general overview of IAM](/iam/reference-content/o
## How to add a Member to your Organization
-Invite other users to be able to give them access to your Organization. You will be able to define the exact level of access to give by creating a [policy](#how-to-give-permissions-to-users-and-applications-via-policies) for them later. You can add [Members](/iam/concepts/#member). In this section we show you how to [add a member](/iam/how-to/manage-members/#how-to-create-a-member).
+Invite other users as [Members](/iam/concepts/#member) to be able to give them access to your Organization. You will be able to define the exact level of access to give by creating a [policy](#how-to-give-permissions-to-users-and-applications-via-policies) for them later. In this section, we show you how to [add a Member](/iam/how-to/manage-members/#how-to-create-a-member).
1. Click **IAM & API keys** on the top-right drop-down menu of the Scaleway console. The **Users** tab of the [Identity and Access Management dashboard](https://console.scaleway.com/iam/users) displays.
2. Click **+ Add user**. A pop-up displays.
From a1af4588399677534b95f7d38869e1795ad77d9d Mon Sep 17 00:00:00 2001
From: ldecarvalho-doc <82805470+ldecarvalho-doc@users.noreply.github.com>
Date: Tue, 27 May 2025 17:47:40 +0200
Subject: [PATCH 3/3] fix(iam): reviews 2
---
pages/iam/concepts.mdx | 6 ++----
1 file changed, 2 insertions(+), 4 deletions(-)
diff --git a/pages/iam/concepts.mdx b/pages/iam/concepts.mdx
index 94f68a34e0..607aeca8a2 100644
--- a/pages/iam/concepts.mdx
+++ b/pages/iam/concepts.mdx
@@ -52,10 +52,8 @@ A group (also known as an IAM group) is a grouping of [users](#user) and/or [app
You are the [Owner](#owner) of the Organization that is created with your Scaleway account. However, when you are invited to another Organization of which you are not the Owner, you are a **Guest** in that Organization.
-Similarly, you can invite other users to be Guests in your Organization. Whereas Owners have full rights and access to all resources and features in their Organization, Guests have only the rights and permissions given to them via [policies](#policy).
-
- Guests will be deprecated by July 2025. From then on, only Members can be created as users of your Organizations.
+ Guests will be deprecated by July 2025. From then on, only Members can be created as users of your Organizations, and adding Guests to an Organization will no longer be possible.
## IAM
@@ -159,7 +157,7 @@ Keep in mind that:
A user (also known as an IAM user) is a human user in an Organization. They can be of two types:
- **Owner**: You are the Owner of the [Organization](#organization) that was created with your account.
-- **Guest**: You are a Guest when invited to another Organization of which you are not the Owner. Similarly, you can invite other users to be Guests in your Organization.
+- **Guest**: You are a Guest when invited to another Organization of which you are not the Owner.
Guests will be deprecated by July 2025. From then on, only Members can be created as users of your Organizations.