docs(ddx): add doc for iam (#5775)

bene2k1 · ldecarvalho-doc · nerda-codes · web-flow · commit bce220acb6a3 · 2025-11-14T10:58:31.000+01:00
* docs(ddx): add doc for iam

* Apply suggestions from code review

Co-authored-by: ldecarvalho-doc &lt;82805470+ldecarvalho-doc@users.noreply.github.com&gt;

* fix(docs): update requirements

* fix(ddx): review neda

Co-authored-by: Néda &lt;87707325+nerda-codes@users.noreply.github.com&gt;

---------

Co-authored-by: ldecarvalho-doc &lt;82805470+ldecarvalho-doc@users.noreply.github.com&gt;
Co-authored-by: Néda &lt;87707325+nerda-codes@users.noreply.github.com&gt;
diff --git a/pages/dedibox/how-to/give-iam-members-access-to-dedibox-console.mdx b/pages/dedibox/how-to/give-iam-members-access-to-dedibox-console.mdx
@@ -0,0 +1,97 @@
+---
+title: How to give IAM Members access to the Dedibox console
+description: Learn how to set up and manage access control to the Dedibox console for Scaleway IAM members.
+tags: dedibox dedicated server x2go
+dates:
+  validation: 2025-11-07
+  posted: 2025-11-07
+---
+import Requirements from '@macros/iam/requirements.mdx'
+
+<Requirements />
+
+
+- A Dedibox account logged into the [console](https://console.online.net)
+- Your Dedibox and Scaleway account are [unified](/dedibox/faq/#overview)
+- Dedibox resources are available in your organization.
+
+This page explains how to grant IAM members access to the Dedibox Console using Scaleway Identity & Access Management (IAM).
+
+## Concepts
+
+Access to Dedibox resources is controlled through IAM:
+- **Users**: IAM identities that represent a person or machine.
+- **Groups**: Collections of users. Permissions can be assigned at the group level.
+- **Policies**: Rules that define what actions a user or group can perform.
+
+To allow an IAM member to access the Dedibox console, you must attach a policy to the user or the group they belong to.
+
+## Giving access to the Dedibox console for Scaleway IAM Members
+
+### Create or select an IAM user
+
+If the user does not exist:
+1. In the [Scaleway console](https://console.scaleway.com), click **IAM** in the **Management & Governance** section of the side menu. The information dashboard appears.
+2. Click **+ Create member**.
+3. Enter the user information and validate.
+
+If the user already exists, proceed to the next section.
+
+### Create or assign a policy
+
+To give the user access to Dedibox, attach an IAM policy with Dedibox permissions.
+Policies can be created and attached directly to a user or a group.
+
+#### Create a policy
+
+1. In the IAM section, click the **Policies** tab.
+2. Click **+ Create Policy**.
+3. Enter a policy name and description. Optionally, add key-value tags and select a principal.
+4. Click **Add rules**. The rule creation wizard appears.
+5. Define the scope of the rule — either at the **Project** or **Organization** level — then click **Validate**.
+6. Add a permission set to the rule:
+   - Click **Bare Metal** in the products list.
+   - Select `DediboxConsoleFullAccess`.
+7. Click **Validate** to confirm.
+8. Optionally, add a condition using CEL (Common Expression Language).
+9. Click **Validate** to confirm, then click **Create policy**.
+
+### Attach the policy
+
+You can attach the policy to:
+- A **group**, or
+- A **user** directly.
+
+#### Attach to a group
+
+1. In the IAM section, select **Groups**.
+2. Open the desired group.
+3. Select the **Policies** tab.
+4. Click **Attach Policy**, then choose:
+   - **Select an unassigned policy** to assign the policy exclusively to the group, or
+   - **Duplicate an existing policy** to create a copy for the group.
+5. Select your previously created policy from the drop-down list and click **Validate**.
+6. Ensure the user is a member of this group.
+
+#### Attach to a user
+
+1. In the IAM section, select **Users**.
+2. Click the user you want to attach the policy to.
+3. Click the **Groups & Policies** tab.
+4. Scroll to the **Policies** section and click **Attach Policy**, then choose:
+   - **Select an unassigned policy** to assign the policy exclusively to the user, or
+   - **Duplicate an existing policy** to create a copy for the user.
+5. Select your previously created policy from the drop-down list and click **Validate**.
+
+### Verify access
+
+The user can now access the Dedibox console.
+
+1. Log in as the user (or ask them to log in).
+2. Open the **Dedibox console**: [https://console.online.net/](https://console.online.net/)
+
+If permissions are correctly configured, the Dedibox resources will be visible.
+
+<Message type="tip">
+  For further information about Scaleway IAM, refer to the dedicated [IAM documentation](/iam/quickstart/).
+</Message>
diff --git a/pages/dedibox/menu.ts b/pages/dedibox/menu.ts
@@ -82,6 +82,10 @@ export const dediboxMenu = {
           label: 'Terminate a server',
           slug: 'terminate-dedibox-server',
         },
+        {
+          label: 'Give IAM Members access to the Dedibox console',
+          slug: 'give-iam-members-access-to-dedibox-console',
+        },
       ],
       label: 'How to',
       slug: 'how-to',
