# Introduction **FPT Identity & Access Management (FPT IAM)** is a feature that allows Tenant owners to share access to resources on their **FPT Cloud** with other users with different permissions. Some basic concepts in FPT IAM: * **Role**: The user's role within the organization, which defines the permissions the user is capable of performing. * Currently, FPT IAM supports two basic roles: **Super Admin** and **Readonly**. If these two roles do not meet your needs, you can create Custom Roles with customizable permissions. * Each role has a list of permissions. * **Permission**: determines what features a user can perform on which resources. Each permission belongs to one role. * **User group**: A group of users with the same role (by tenant or VPC). * **IAM users**: Users added to the tenant who have the right to interact with resources in the tenant according to their assigned role. The tenant owner has full control over all VPC resources, including permission features. This account will be assigned the ORG Admin role by default. To use IAM, the **Tenant Owner** must first create roles and permissions for roles (Instance manager, Data analyst, etc.) and create user groups assigned to the corresponding roles. * For the created User group, the Tenant owner can select and customize the Role and Permission as appropriate. * Assign permissions by inviting additional IAM users to the User group via email. * After receiving the invitation, IAM users can register/log in or log in via the organization's SSO to the FPT Portal as instructed and use the resources in the invited VPC/Tenant. --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://ai-docs.fptcloud.com/account/iam-on-fpt-cloud-console/introduction.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.