Understand STACKIT IAM
STACKIT IAM is a central authorization system built on top of the resource manager to provide fine-grained access management to your STACKIT resources. It includes a variety of concepts and functions, such as user accounts, service accounts, roles and permissions, and integrates with the STACKIT Identity Provider (IDP).
Understand the different account types in STACKIT
Section titled “Understand the different account types in STACKIT”User Accounts
Section titled “User Accounts”A user account represents a real person and gives them access to the STACKIT Portal. It’s stored in an Identity Provider (IdP), so you can log in with a username and password or through federated methods. Your email address is your username, and you activate your account with a verification email.
Learn more about user accounts
Service Accounts
Section titled “Service Accounts”A service account is a special account for non-human users, like an application, script, or virtual machine. They’re great for automating tasks that don’t need human interaction. Service accounts are essential for client applications that need to make authorized API calls to the STACKIT API.
Learn more about service accounts
Customer Accounts
Section titled “Customer Accounts”A customer account is a container that holds your company’s information and settings, such as billing and ownership details. You manage your team members (user accounts) and their roles within your organization from here. Your customer account also contains all of your projects.
Unlike user accounts and service accounts that are managed by the STACKIT Identity and access management (IAM), customer accounts are not. This is because they are tied to foundational functionalities, such as billing and legal information, that are outside the scope of IAM.
Learn more about customer accounts
Organizations
Section titled “Organizations”An organization is created automatically when you sign up for a new customer account. It’s the main container for managing your projects and cloud resources. A single organization is linked to one customer account for billing purposes. The organization is the highest-level resource in the STACKIT Resource Manager.
Learn more about organizations
Billing Accounts
Section titled “Billing Accounts”Your billing account is your financial hub at STACKIT. Use it to manage invoices, payment methods, and costs for multiple projects. All costs from linked projects are combined into a single monthly invoice. You can assign multiple projects to one billing account to group related expenses.
Similar to customer accounts, billing accounts are not rooted in the STACKIT IAM. They are tied to core functionalities like financial management and legal compliance.