# Access Control > Source: https://parallelworks.com/docs/organization-admin/cloud/cloud-accounts/access-control # Access Control Cloud account access control determines which groups in your organization can use a cloud account to provision networks and start clusters. By default, a newly created cloud account is not shared with any group. ## How Access Control Works Access is managed through a single permission type called **network**. When a group is granted the network permission for a cloud account, members of that group can create and manage networks under that account and use those networks when starting clusters. There are two ways to share a cloud account: - **Organization-wide sharing** -- Share the cloud account with every group in the organization. When this option is enabled, all groups automatically receive the network permission and the individual group checkboxes are locked. - **Group-based access** -- Restrict access to specific groups. Only the selected groups will be able to provision networks and use the cloud account for clusters. :::note Resource Type Access As of v7.0.0, available resource types are automatically determined by cloud account access. If a group has the network permission on at least one cloud account for a given cloud service provider, that CSP's resource types are available to the group. ::: ## Managing Access To manage which groups can use a cloud account: 1. Navigate to **Organization > Cloud Accounts** and click the cloud account name to open the detail page. 2. Click **Manage access** in the action bar. This opens the **Group Permissions Manager** panel. 3. In the permissions panel you will see a table listing every group in your organization along with an **Organization** row at the top. ### Sharing with the entire organization To grant access to all groups at once, check the **network** checkbox in the **Organization** row. When organization-wide access is enabled, all individual group checkboxes are automatically checked and disabled because access is inherited from the organization setting. ### Sharing with specific groups To grant access to individual groups, leave the Organization row unchecked and check the **network** checkbox next to each group that should have access. ### Saving changes After adjusting the checkboxes, click **Save Access** to apply the changes. A confirmation message will appear once the update is saved. ## Viewing Current Access You can see the current sharing status of a cloud account on its detail page under the **Shared with** field in the Account Details section. This field shows one of the following: - **Entire Organization** -- The cloud account is shared with all groups. - **N groups** -- The cloud account is shared with a specific number of groups. Click the link to open the permissions panel and see which groups have access. - **Not shared** -- No groups have access to the cloud account.