Exoscale Documentation Exoscale Documentation Exoscale Documentation Platform Product Reference Contact ↗
CTRL K
    Portal
    CTRL K
      • Academy
        • CSP - Certified Sales Professional
        • CSA - Certified Solution Architect
        • CCE - Certified Container Engineer
        • INTRO Kubernetes
        • INTRO DBaaS
        • INTRO Storage
        • INTRO Sustainability
        • INTRO Compliance
      • Reference
        • API
        • CLI
          • Command Reference
            • compute
              • anti-affinity-group
                • create
                • delete
                • list
                • show
              • block-storage
                • attach
                • create
                • delete
                • detach
                • list
                • show
                • snapshot
                  • create
                  • delete
                  • list
                  • show
                  • update
                • update
              • deploy-target
                • list
                • show
              • elastic-ip
                • create
                • delete
                • list
                • show
                • update
              • instance
                • create
                • delete
                • elastic-ip
                  • attach
                  • detach
                • list
                • private-network
                  • attach
                  • detach
                  • update-ip
                • reboot
                • reset
                • reset-password
                • resize-disk
                • reveal-password
                • scale
                • scp
                • security-group
                  • add
                  • remove
                • show
                • snapshot
                  • create
                  • delete
                  • export
                  • list
                  • revert
                  • show
                • ssh
                • start
                • stop
                • update
              • instance-pool
                • create
                • delete
                • evict
                • list
                • scale
                • show
                • update
              • instance-template
                • delete
                • list
                • register
                • show
              • instance-type
                • list
                • show
              • load-balancer
                • create
                • delete
                • list
                • service
                  • add
                  • delete
                  • show
                  • update
                • show
                • update
              • private-network
                • create
                • delete
                • list
                • show
                • update
              • security-group
                • create
                • delete
                • list
                • rule
                  • add
                  • delete
                • show
                • source
                  • add
                  • remove
              • sks
                • authority-cert
                • create
                • delete
                • deprecated-resources
                • kubeconfig
                • list
                • nodepool
                  • add
                  • delete
                  • evict
                  • list
                  • scale
                  • show
                  • update
                • rotate-ccm-credentials
                • show
                • update
                • upgrade
                • upgrade-service-level
                • versions
              • ssh-key
                • delete
                • list
                • register
                • show
            • config
              • add
              • delete
              • list
              • set
              • show
            • dbaas
              • ca-certificate
              • create
              • database
                • create
                • delete
              • delete
              • external-endpoint
                • create
                • delete
                • list
                • show
                • update
              • external-integration
                • attach
                • detach
                • list
                • settings
                  • show
                  • update
                • show
              • list
              • logs
              • metrics
              • migration
                • status
                • stop
              • show
              • type
                • list
                • show
              • update
              • user
                • create
                • delete
                • list
                • reset-credentials
                • reveal-secrets
                • show
            • dns
              • add
                • A
                • AAAA
                • ALIAS
                • CAA
                • CNAME
                • HINFO
                • MX
                • NAPTR
                • NS
                • POOL
                • SRV
                • SSHFP
                • TXT
                • URL
              • create
              • delete
              • list
              • remove
              • show
              • update
                • A
                • AAAA
                • ALIAS
                • CAA
                • CNAME
                • HINFO
                • MX
                • NAPTR
                • NS
                • POOL
                • SPF
                • SRV
                • SSHFP
                • TXT
            • iam
              • api-key
                • create
                • delete
                • list
              • org-policy
                • reset
                • show
                • update
              • role
                • create
                • delete
                • list
                • show
                • update
            • limits
            • status
            • storage
              • bucket
                • object-ownership
                • replication
                  • delete
                  • set
                  • show
                • versioning
              • cors
                • add
                • delete
              • delete
              • download
              • headers
                • add
                • delete
              • list
              • mb
              • metadata
                • add
                • delete
              • presign
              • rb
              • setacl
              • show
              • upload
            • version
            • zone
        • IAM Resources
          • compute
          • sos
          • dbaas
          • iam
          • dns
        • Terraform Provider
          • Provider
            • Data Sources
              • Anti Affinity Group
              • Block Storage Volume
              • Block Storage Volume Snapshot
              • Compute Instance
              • Compute Instance List
              • Database URI
              • Domain
              • Domain Record
              • Elastic IP
              • Iam API Key
              • Iam Org Policy
              • Iam Role
              • Instance Pool
              • Instance Pool List
              • Nlb
              • Nlb Service List
              • Private Network
              • Security Group
              • Sks Cluster
              • Sks Cluster List
              • Sks Nodepool
              • Sks Nodepool List
              • Sos Bucket Policy
              • Template
              • Zones
            • Guides
              • Migration of Compute
              • Migration of Security Group Rules
              • Migration of SSH Keypair
            • Resources
              • Anti Affinity Group
              • Block Storage Volume
              • Block Storage Volume Snapshot
              • Compute Instance
              • Database
              • Dbaas
              • Dbaas Kafka User
              • Dbaas Mysql Database
              • Dbaas Mysql User
              • Dbaas Opensearch User
              • Dbaas Pg Database
              • Dbaas Pg User
              • Domain
              • Domain Record
              • Elastic IP
              • Iam Access Key
              • Iam API Key
              • Iam Org Policy
              • Iam Role
              • Instance Pool
              • Nlb
              • Nlb Service
              • Private Network
              • Security Group
              • Security Group Rule
              • Sks Cluster
              • Sks Kubeconfig
              • Sks Nodepool
              • Sos Bucket Policy
              • SSH Key
        • Exoscale Libraries
      • 404 – Page Not Found
      • Learning Center
      • Open-Source
      • Platform
        • Exoscale
        • Quick Start
        • Organization
        • Billing
        • Support Prios
        • Two-Factor Authentication
        • Single-Sign-On
        • Audit Trail
        • IP Address Ranges
        • Data Center Zones
        • Data Processing Addendum
        • Microsoft Licensing
      • Product
        • Compute
          • Instances
            • Quick Start
            • Overview
            • Operation
              • Snapshot
              • Rescue Mode
            • How-To
              • Instance Pools
              • SSH Keypairs
              • Anti-Affinity Groups
              • Windows Bitlocker, vTPM & Secureboot
              • Scaling an Instance
              • Instance Tags
              • Labels
              • Windows Specifics
              • Cloud-Init & User-Data
              • Custom Templates
              • Flexible Storage Management
              • Private Instances
            • Reference
              • API Instances
              • CLI Instances
          • Containers (SKS)
            • Quick Start
            • Overview
            • Operation
              • SKS Lifecycle Management
              • Autoscaling an SKS Node Pool
              • SKS Certificates and API Keys
            • How-To
              • SKS Load Balancer and Ingress Controller
              • Enabling GPU Support in SKS Nodes
              • OpenID Connect
              • Labels
              • Managed Compute Instances Prefixes
              • Kubernetes Taints
              • Custom CNI Setup
              • Removing kube-proxy
            • Reference
              • API Containers (SKS)
              • CLI SKS
        • Storage
          • Block Storage
            • Quick Start
            • Overview
            • Operation
              • Snapshot
            • How-To
              • Persistent Volume
            • Reference
              • API Block Storage
              • CLI Block Storage
          • Object Storage
            • Quick Start
            • Overview
            • Operation
              • ACL
            • How-To
              • Bucket Policy
              • Replication
              • Encryption
              • Metadata
              • Versioning
              • CORS
              • Terraform
              • Mountpoint for Amazon S3
            • Reference
              • API Object Storage
              • CLI Object Storage
        • Networking
          • IP
            • Quick Start
            • Overview
            • Operation
              • IPv6 Security Groups
            • How-To
              • Testing Connections
            • Reference
              • API IP
              • CLI IP
          • EIP
            • Quick Start
            • Overview
            • Operation
              • Configure IPv6
              • Configure a Manual Elastic IP
              • Creating an Elastic IPv6 prefix
              • Attach an Elastic IPv6 Prefix
            • How-To
              • Manual Elastic IP as Traffic Source
              • Managed Elastic IP Health Check Options
            • Reference
              • API Elastic IP
              • CLI Elastic IP
          • NLB
            • Quick Start
            • Overview
            • Operation
              • Load Balancer Strategies
              • Protocols and Ports
            • How-To
              • Configure Health Check
            • Reference
              • API Network Load Balancer
              • CLI Network Load Balancer
          • DNS
            • Quick Start
            • Overview
            • Operation
              • DNS Configuration
            • How-To
              • DNS Configuration Examples
            • Reference
              • API DNS
              • CLI DNS
          • CDN
            • Quick Start
            • Overview
            • Operation
              • Cache Management
            • How-To
            • Reference
          • Security Group
            • Quick Start
            • Overview
            • Operation
              • Organizing Security Groups
            • How-To
              • Allow SSH
              • Allow PING
              • Allow HTTP/HTTPS
              • Allow Outbound Reply
              • Restrict Outbound Traffic
            • Reference
              • API Security Group
              • CLI Security Group
          • Private Network
            • Quick Start
            • Overview
            • Operation
              • Change Private Network
              • DHCP Options
            • How-To
              • Manual Private Networks
              • Managed Private Network
            • Reference
              • API Private Network
              • CLI Private Network
          • Private Connect
            • Quick Start
            • Overview
            • Operation
              • Network Setup
              • Routing Configuration
            • How-To
              • Network Setup
            • Reference
              • FAQ
        • DBaaS
          • Quick Start
          • Overview
          • Operation
            • Architecture
            • Service Level Agreement
            • Naming Convention
          • How-To
            • Connect and Use
            • External Integrations
            • Backups and Restore
            • Maintenance Windows
            • Service Plan Scaling
          • Reference
            • API DBaaS
            • CLI DBaaS
          • Service-Specific
            • PostgreSQL
              • Quick Start
              • Overview
              • Operation
                • Connect with psql to PostgreSQL
                • JSON Configuration
                • Restricting Connections
              • How-To
                • PostgreSQL Migration
                • PostgreSQL Read Replicas
                • Disabling Constraints
              • Reference
                • API DBaaS
                • CLI DBaaS
            • MySQL
              • Quick Start
              • Overview
              • Operation
                • JSON Configuration
                • Restricting Connections
              • How-To
                • MySQL Migration
                • MySQL Read Replicas
              • Reference
                • API DBaaS
                • CLI DBaaS
            • Kafka
              • Quickstart
              • Overview
              • Operation
                • Authentication and CA
                • Connecting to a Instance
              • How-To
                • Credentials Cycling
                • Retrieve the CA
              • Reference
                • API DBaaS
                • CLI DBaaS
            • OpenSearch
              • Quick Start
              • Overview
              • Operation
                • Replication Factors
                • Restricting Connections
              • How-To
                • Access Control Lists
              • Reference
                • API DBaaS
                • CLI DBaaS
            • Valkey
              • Quickstart
              • Overview
              • Operation
                • Connect with valkey-cli
                • Restricting Connections
              • How-To
                • Migrating to Exoscale Managed Valkey
                • Upgrading to Managed Valkey
              • Reference
                • API DBaaS
                • CLI DBaaS
            • Grafana
              • Quick Start
              • Overview
              • Operation
                • Plugins
                • Restricting Connections
              • How-To
                • Managing Users
                • Notifications
              • Reference
                • API DBaaS
                • CLI DBaaS
        • IAM
          • Quick Start
          • Overview
          • Operation
            • Role Management
            • Roles and Policies
            • Users and Keys
          • How-To
            • Key Management
            • Policy Guide
          • Reference
            • API IAM
            • CLI IAM
      • Tools
        • Command-Line-Interface
        • Diagram Icon Libraries
      • Tutorial
        • Use Cyberduck with Exoscale Object Storage
        • Use a Dashboard on Exoscale SKS
        • Back up with Duplicati to Exoscale Object Storage
        • Back up with Duplicity to Exoscale Object Storage
        • Use HYCU Backup with Exoscale Object Storage
        • Install Longhorn on Exoscale SKS
        • How to migrate Ubuntu 16.04
        • Migrate Windows Server 2012/2016/2019
        • Use Mountain Duck with Exoscale Object Storage
        • Build a resilient managed OpenSearch Service
        • Back up a QNAP NAS to Exoscale Object Storage
        • Migrate cloud provider with rclone
        • Back up with Restic to Exoscale Object Storage
        • Mount a bucket on Linux with s3fs
        • Use Storage Made Easy (SME) File Fabric with Exoscale Object Storage
        • Back up a Synology NAS to Exoscale Object Storage
        • Synchronize a Synology NAS with Exoscale Object Storage
        • Back up with UrBackup to Exoscale Object Storage
        • Use Veeam Backup with Exoscale Object Storage
        • Use Veeam Backup with Exoscale Object Storage with object lock for immutable backups
        • Configure site-to-site VPN with VyOS
      • Vendor
        • Exoscale Marketplace Vendor Program
        • Templates
        • Templates Technical Requirements
        • Templates Commercial Requirements
        • Managed Services
        • Managed Services Billing
        • Managed Services Provisioning
      • Compute
        • Instances
          • Quick Start
          • Overview
          • Operation
            • Snapshot
            • Rescue Mode
          • How-To
            • Instance Pools
            • SSH Keypairs
            • Anti-Affinity Groups
            • Windows Bitlocker, vTPM & Secureboot
            • Scaling an Instance
            • Instance Tags
            • Labels
            • Windows Specifics
            • Cloud-Init & User-Data
            • Custom Templates
            • Flexible Storage Management
            • Private Instances
          • Reference
            • API Instances
            • CLI Instances
        • Containers (SKS)
          • Quick Start
          • Overview
          • Operation
            • SKS Lifecycle Management
            • Autoscaling an SKS Node Pool
            • SKS Certificates and API Keys
          • How-To
            • SKS Load Balancer and Ingress Controller
            • Enabling GPU Support in SKS Nodes
            • OpenID Connect
            • Labels
            • Managed Compute Instances Prefixes
            • Kubernetes Taints
            • Custom CNI Setup
            • Removing kube-proxy
          • Reference
            • API Containers (SKS)
            • CLI SKS
      • Storage
        • Block Storage
          • Quick Start
          • Overview
          • Operation
            • Snapshot
          • How-To
            • Persistent Volume
          • Reference
            • API Block Storage
            • CLI Block Storage
        • Object Storage
          • Quick Start
          • Overview
          • Operation
            • ACL
          • How-To
            • Bucket Policy
            • Replication
            • Encryption
            • Metadata
            • Versioning
            • CORS
            • Terraform
            • Mountpoint for Amazon S3
          • Reference
            • API Object Storage
            • CLI Object Storage
      • Networking
        • IP
          • Quick Start
          • Overview
          • Operation
            • IPv6 Security Groups
          • How-To
            • Testing Connections
          • Reference
            • API IP
            • CLI IP
        • EIP
          • Quick Start
          • Overview
          • Operation
            • Configure IPv6
            • Configure a Manual Elastic IP
            • Creating an Elastic IPv6 prefix
            • Attach an Elastic IPv6 Prefix
          • How-To
            • Manual Elastic IP as Traffic Source
            • Managed Elastic IP Health Check Options
          • Reference
            • API Elastic IP
            • CLI Elastic IP
        • NLB
          • Quick Start
          • Overview
          • Operation
            • Load Balancer Strategies
            • Protocols and Ports
          • How-To
            • Configure Health Check
          • Reference
            • API Network Load Balancer
            • CLI Network Load Balancer
        • DNS
          • Quick Start
          • Overview
          • Operation
            • DNS Configuration
          • How-To
            • DNS Configuration Examples
          • Reference
            • API DNS
            • CLI DNS
        • CDN
          • Quick Start
          • Overview
          • Operation
            • Cache Management
          • How-To
          • Reference
        • Security Group
          • Quick Start
          • Overview
          • Operation
            • Organizing Security Groups
          • How-To
            • Allow SSH
            • Allow PING
            • Allow HTTP/HTTPS
            • Allow Outbound Reply
            • Restrict Outbound Traffic
          • Reference
            • API Security Group
            • CLI Security Group
        • Private Network
          • Quick Start
          • Overview
          • Operation
            • Change Private Network
            • DHCP Options
          • How-To
            • Manual Private Networks
            • Managed Private Network
          • Reference
            • API Private Network
            • CLI Private Network
        • Private Connect
          • Quick Start
          • Overview
          • Operation
            • Network Setup
            • Routing Configuration
          • How-To
            • Network Setup
          • Reference
            • FAQ
      • DBaaS
        • Quick Start
        • Overview
        • Operation
          • Architecture
          • Service Level Agreement
          • Naming Convention
        • How-To
          • Connect and Use
          • External Integrations
          • Backups and Restore
          • Maintenance Windows
          • Service Plan Scaling
        • Reference
          • API DBaaS
          • CLI DBaaS
        • Service-Specific
          • PostgreSQL
            • Quick Start
            • Overview
            • Operation
              • Connect with psql to PostgreSQL
              • JSON Configuration
              • Restricting Connections
            • How-To
              • PostgreSQL Migration
              • PostgreSQL Read Replicas
              • Disabling Constraints
            • Reference
              • API DBaaS
              • CLI DBaaS
          • MySQL
            • Quick Start
            • Overview
            • Operation
              • JSON Configuration
              • Restricting Connections
            • How-To
              • MySQL Migration
              • MySQL Read Replicas
            • Reference
              • API DBaaS
              • CLI DBaaS
          • Kafka
            • Quickstart
            • Overview
            • Operation
              • Authentication and CA
              • Connecting to a Instance
            • How-To
              • Credentials Cycling
              • Retrieve the CA
            • Reference
              • API DBaaS
              • CLI DBaaS
          • OpenSearch
            • Quick Start
            • Overview
            • Operation
              • Replication Factors
              • Restricting Connections
            • How-To
              • Access Control Lists
            • Reference
              • API DBaaS
              • CLI DBaaS
          • Valkey
            • Quickstart
            • Overview
            • Operation
              • Connect with valkey-cli
              • Restricting Connections
            • How-To
              • Migrating to Exoscale Managed Valkey
              • Upgrading to Managed Valkey
            • Reference
              • API DBaaS
              • CLI DBaaS
          • Grafana
            • Quick Start
            • Overview
            • Operation
              • Plugins
              • Restricting Connections
            • How-To
              • Managing Users
              • Notifications
            • Reference
              • API DBaaS
              • CLI DBaaS
      • IAM
        • Quick Start
        • Overview
        • Operation
          • Role Management
          • Roles and Policies
          • Users and Keys
        • How-To
          • Key Management
          • Policy Guide
        • Reference
          • API IAM
          • CLI IAM

      Operation

      Role Management
      Describes commands to manage roles using the exo CLI and step-by-step instructions for the portal.
      Roles and Policies
      Features to securely manage access and permissions across the platform, ensuring precise authorization control.
      User and Keys
      Manage access for users and API keys in an organization, including the creation of special roles.
      © 2025 Exoscale is a registered trademark of Akenes SA - Reg/VAT ID CHE-423.524.322 // Privacy // Terms & Conditions