You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: pages/iam/reference-content/guests-to-members-migration.mdx
+6-5Lines changed: 6 additions & 5 deletions
Original file line number
Diff line number
Diff line change
@@ -1,10 +1,10 @@
1
1
---
2
2
meta:
3
3
title: IAM Guests to Members migration
4
-
description: Learn how to migrate IAM guests to members, including roles and API keys, with Scaleway's IAM introduction
4
+
description: Learn how to migrate IAM Guests to Members, including roles and API keys, with Scaleway's IAM introduction
5
5
content:
6
6
h1: IAM Guests to Members Migration
7
-
paragraph: This page guides you through the process of migrating IAM guests to members, covering key aspects such as roles and API keys, following the introduction of IAM on Scaleway
7
+
paragraph: This page guides you through the process of migrating IAM Guests to Members, covering key aspects such as roles and API keys, following the introduction of IAM on Scaleway
8
8
tags: iam migration
9
9
categories:
10
10
- iam
@@ -28,11 +28,12 @@ Whereas Owners have full rights and access to all resources and features in thei
28
28
From June 2025, IAM Guests will become IAM Members. The migration process will be carried out in two phases:
29
29
30
30
-**Phase 1** - Starting on the *18th of July 2025*, the [manual migration of Guests](#how-to-manually-migrate-a-user-from-guest-to-member) will be available in the Console to all Owners and users with [IAMManager permissions](/iam/reference-content/permission-sets).
31
-
-**Phase 2** - Starting in *July 2025*, Guests that have not yet become members will be automatically migrated.
31
+
-**Phase 2** - Starting in *July 2025*, Guests that have not yet become Members will be automatically migrated.
32
32
33
33
Keep in mind that:
34
34
35
35
- Members exist only within the Organizations in which they were created, and have a [dedicated login process](/iam/how-to/log-in-as-a-member).
36
+
- Migrating a Guest to a Member does not mean that the Guest loses the Organization of which they are Owner. However, when creating Members in the future who do not already have Scaleway accounts, they will not be obliged to create their own Organization.
36
37
- Organization admins manage Member accounts, including enforcing security requirements (MFA, password renewal).
37
38
- Single Sign-On (SSO) remains available.
38
39
- The management of API keys, IAM policies, and groups remains the same.
@@ -52,7 +53,7 @@ The table below summarizes the key account and access management features that S
52
53
53
54
| Feature | Guests | Members |
54
55
|:--------:|:---------:|:---------:|
55
-
| Login | Guests logged into their own accounts and could access all Organizations they were a part of via the console. | Currently, Members must log into their Organizations to access it. If they are logged into a different Organization with the same email, they must log out before logging into the other. |
56
+
| Login | Guests logged into their own accounts and could access all Organizations they were a part of via the console. | Currently, Members must log into each of their Organizations separately to access them. If they log into an Organization, then want to access a different one using the same email, they must log out of the former first. |
56
57
| Enforcement of MFA | It was not possible to enforce MFA if a Guest in your Organization had not enabled MFA in their account. Organization admins could send reminder emails, but had to wait for the Guest to enable MFA, or remove them from the Organization to complete the enforce process. | When MFA is enforced in the Organization, Members have a [grace period](iam/concepts/#grace-period) to enable MFA in their accounts. This period is set by the Organization admins and starts as soon as a new Member is added. If they fail to enable MFA within this period, their accounts are locked. |
57
58
| Password renewal | Guests were not required to renew their passwords to stay in an Organization. | As a security measure, Organization admins can require Members to renew their passwords within a grace period. If a password was attributed to Members upon their creation, they must renew this password after their first login. |
58
59
| User management | Guest accounts and personal Organizations could not be managed by anyone other than them. Their permissions on Organizations they were invited to are the prerogative of Organization admins. | Member accounts are an 100% manageable resource - they can be created, updated, locked and deleted by Organization admins. |
@@ -61,7 +62,7 @@ The table below summarizes the key account and access management features that S
61
62
## How to manually migrate a user from Guest to Member
62
63
63
64
<Messagetype="important">
64
-
The migration does not effect any impacts to your production.
65
+
The migration does not have any impact on your production.
0 commit comments