Default Group and Default RoleΒΆ

The system-defined IAM groups and IAM roles are called default groups and default roles. The default role does not allow API access. Also, the default role is tied to the default group. *For the target users and when to start applying the specifications, please refer to the ECL2.0 Security Enhancements .
A new user belongs to Default Group when being created. If the user is intended to be linked with the group which controls API Execution Authority, it is necessary to cancel the linkage between the user and Default Group.


Default Group and Role are the IAM Group and IAM Role that are defined by system.
Cancellation of Modify/Delete/Link is not available; yet, deleting the link between Default Group and the user is available.