18 min read

Learning Objectives

By the end of this module, you will be able to:

  • Explain what the Data Center Designer (DCD) is and how it provides a visual interface for managing cloud infrastructure
  • Describe the three account types (Contract Owner, Administrator, User) and their respective permissions
  • Identify how to manage multiple contracts and switch between them
  • Describe account security settings including two-factor authentication, password policies, and support PIN

Unit 3.1: Data Center Designer and Account Management

Introduction

Imagine walking into a modern factory floor where you can see the entire production line laid out visually, monitor every machine, and make changes simply by pointing and clicking. The Data Center Designer (DCD) provides exactly this experience for your cloud infrastructure. Instead of memorizing complex commands or navigating through endless menus, you can drag virtual machines, storage, and networks onto a visual canvas and watch your infrastructure come to life.

IONOS is a European cloud provider headquartered in Germany, and the DCD is the primary interface through which you manage your infrastructure on this platform. In this unit, you will learn how this management interface works, who can do what within your cloud account, and how to keep your account secure. Whether you are a contract owner managing multiple customers, an administrator overseeing daily operations, or a team member with specific responsibilities, understanding these management fundamentals ensures you can work efficiently and securely.

1. Data Center Designer (DCD) Overview

The Data Center Designer (DCD) is IONOS Cloud's web-based graphical control panel. It provides a drag-and-drop, JavaScript-driven user interface that lets you create, configure, and manage Virtual Data Centers (VDCs) and all the resources inside them, including virtual machines, storage, LANs, IP addresses, snapshots, firewall rules, and PaaS services. You can open the DCD in any modern browser without installing additional software.

1.1 Visual Infrastructure Design

The DCD uses a canvas-based approach where you design your cloud environment visually. Think of it like a blueprint or wiring diagram for your infrastructure. You drag resources (such as a virtual machine, cube, or network load balancer) from a palette onto the workspace, drop them where you want them positioned, and connect their interfaces by drawing lines between components. This visual layout shows exactly how each component is linked, which helps with troubleshooting and documentation.

After arranging your resources on the canvas, you can click any element to open the Inspector pane, where you set properties such as CPU cores, RAM, storage size, operating system image, security groups, and networking configuration. Once you are satisfied with your design, you provision the changes, and the visual layout is materialized in the cloud.

1.2 Canvas Mode and Xpress Mode

The DCD offers two creation modes to suit different needs:

Canvas Mode (Advanced) gives you full freedom to place and connect every element on the visual canvas. Power users who need complex, custom architectures typically use this mode because it provides complete control over resource placement and configuration.

Xpress Mode (Fast) is a guided wizard introduced to speed up standard IaaS workloads. If you need to quickly spin up a basic virtual machine with storage and networking, Xpress Mode walks you through the process step-by-step. Regardless of how an instance is created, all subsequent management is performed within Canvas Mode, ensuring a consistent experience.

1.3 Unified Control Panel

The DCD serves as your single pane of glass for all IONOS Cloud services. You can manage compute, storage, networking, databases, Kubernetes clusters, AI model deployments, and more from the same workspace. This centralized approach reduces the time and effort required to switch between different consoles. You see the full state of your cloud environment in one place, including:

  • Active Cloud Savings Plans and their utilization
  • Resource usage tracking and limits
  • Activity Logs and Flow Logs for audit trails
  • Monitoring dashboards and alerts
  • Role-based access controls and user permissions

The DCD also integrates common operational tools such as SSH key management, remote console access, cloud-init launch configurations, and flow log viewers. This means typical tasks like uploading an SSH key, accessing a virtual machine's console, or inspecting network traffic logs are all reachable from the same workspace, cutting down on context-switching.

1.4 Integration with Infrastructure as Code

While the DCD is primarily a graphical tool, it works seamlessly with code-first tools like Terraform, Ansible, and the IONOS Cloud API. You can design infrastructure visually in the DCD, export the configuration, and manage it programmatically, or you can build infrastructure using code and later import the result into the DCD for visual monitoring.

When resources are created via API or SDK, the DCD will display the resulting topology, though the exact visual placement may be stacked on the canvas since the programmatic creation does not control graphical layout. For large or frequently changing environments, this hybrid approach gives you the speed of automation with the clarity of visual representation.

2. Account Types and Permissions

IONOS Cloud uses a structured permission model with three primary account types: Contract Owner, Administrator, and User. Each type has different capabilities and limitations, ensuring that users have the access they need without compromising security or compliance.

2.1 Contract Owner

The Contract Owner is the first user who registers the contract. This account receives all privileges on the entire contract, with unrestricted access to view, edit, delete, and share any resource, regardless of who created it. The Contract Owner can add or remove any other user, including administrators, and this owner role cannot be revoked or transferred. Additionally, the Contract Owner receives all legal communications such as invoices and contract terms updates, and is the only account type that can change the payment method for the contract.

In essence, the Contract Owner has ultimate authority over the cloud account. This role is critical for organizations because it controls billing, legal agreements, and top-level access management. If you are the Contract Owner, you should treat this account with the highest level of security, including enabling two-factor authentication and using a strong, unique password.

2.2 Administrator

An Administrator is any user that the Contract Owner (or an existing administrator) promotes to the Administrator role. Administrators have the same operational privileges as the Contract Owner for every resource. They can view, edit, share, and delete any resource, and they can add or remove users except the Contract Owner's own account.

The key distinction is that Administrators cannot change the payment method of the contract. This restriction ensures that financial control remains exclusively with the Contract Owner. For day-to-day operations, administrators have full access to manage infrastructure, users, and permissions, making this role ideal for IT managers and senior technical staff.

2.3 User (Explicit Privileges)

A User is created as a normal user account and then granted specific privileges, either directly or via a group. Unlike the Contract Owner and Administrator roles, a newly created user has no permissions by default until privileges are explicitly assigned. This follows the Principle of Least Privilege (PoLP), which means giving users only the minimum access they need to perform their job.

Privileges are atomic grants such as Read, Edit, and Share that can be attached to a user or a group. For example, a developer might receive Read and Edit privileges on specific virtual machines but no access to billing information. A security analyst might receive Read-only access to Activity Logs and Flow Logs for auditing purposes.

Groups let you assign the same set of privileges to many users at once, simplifying management at scale. Instead of configuring permissions individually for each team member, you create a group (such as "Developers" or "Operations Team"), assign the necessary privileges to that group, and add users to it. When a user joins or leaves the team, you simply add or remove them from the group, and their permissions update automatically.

2.4 Permission Comparison Table

The following table compares the three account types and their core capabilities:

Account Type How Created Core Permissions What They Cannot Do
Contract Owner First user to register the contract All privileges on the whole contract. Can see, edit, delete, share any resource. Can add or remove any user including administrators. Receives all legal communications. Cannot be stripped of the owner role. None - the owner has unrestricted access.
Administrator Promoted by the owner or an existing admin Same privileges as the owner for every resource (view, edit, share, delete). Can add or remove users except the owner. Cannot change the payment method of the contract (only the owner can).
User (Explicit Privileges) Created and granted specific privileges via groups or direct assignment Can perform only the actions that have been explicitly granted (e.g., Read, Edit, Share on selected resources). Privileges are fine-grained and managed through groups or per-resource permissions. No default access. Cannot manage other users unless a privilege allowing it is given.

As shown above, the Contract Owner has full financial and administrative control, administrators have full operational control but not financial control, and users have only the specific permissions you grant them.

3. Contract Management and Multi-Contract Access

Many organizations and resellers work with multiple contracts or subcontracts. IONOS Cloud makes it easy to see and switch between contracts, manage user access across contracts, and create subcontracts for customers or business units.

3.1 Contract Selector

In the Data Center Designer (DCD), after you log in, you see a contract selector (usually in the top-right corner of the interface). This selector displays the contract you are currently operating in and lets you switch to any other contract or subcontract you have rights to. The switch works only if you have at least read-only permission on the target contract. To perform actions, you must belong to a group that has the needed privileges.

When you select a different contract, the UI reloads the context so all subsequent actions (creating VDCs, managing resources, viewing logs, etc.) happen in the selected contract. This seamless switching is available to contract owners, contract administrators, and any user that has been granted the "access to contract" privilege.

3.2 Creating Subcontracts (Resellers)

Resellers can create subcontracts for their customers from the reseller's main contract. Only the reseller contract owner can create subcontracts and can also create administrators for those subcontracts. This structure enables managed service providers (MSPs) and resellers to operate separate cloud environments for each customer while maintaining centralized billing and oversight.

For example, an MSP managing infrastructure for five clients can create five subcontracts, one per client. Each subcontract has its own Virtual Data Centers, resources, and users. The MSP's contract owner can switch between subcontracts to manage them centrally, while each client's users only see their own subcontract.

3.3 Granting Multi-Contract Access to Users

To give other users access to a different contract, use the Users and Groups feature in the DCD:

  1. Navigate to Menu > Management > Users & Groups
  2. Choose the Groups tab
  3. Select (or create) a group
  4. In the Privileges tab, assign the appropriate contract-level privilege (e.g., "Access and manage contract")
  5. Add the users to that group

Users inherit the contract-wide rights of the group. Administrators automatically have full access to every contract they are assigned to, but only the contract owner can change payment information. To remove or change a user's rights on a contract, either remove the user from the group that carries the contract privilege, or disable the "Administrator" flag on the user account, which reverts the user to the privileges defined by groups.

3.4 Key Points for Multi-Contract Management

  • Contract Owner = Full Control: Can change payment data, create Savings Plans, and create subcontracts
  • Contract Administrators = Owner-level rights on resources but cannot change payment information
  • Regular Users get whatever rights you assign through groups (RBAC)
  • Reseller Contracts can create subcontracts, but Savings Plans created at the reseller level cannot be transferred to another subcontract
  • Switching contracts is a UI action in the DCD; no extra API call is required once you have the appropriate permissions

4. Account Security Settings

Securing your IONOS Cloud account is critical to protecting your infrastructure, data, and billing information. IONOS provides several security controls to help you enforce strong authentication and manage access safely.

4.1 Password Policy

The Password Policy Manager in the DCD (accessed via Menu > Management > Password Policy) lets you define rules for password strength. You can specify requirements for minimum length, required character types (uppercase, lowercase, numbers, special characters), and minimum quantities for each character type.

Only a Contract Owner can create, edit, or delete a password policy. After saving, the policy is automatically applied to any new password setup. You can have only one active policy per contract. A typical recommended password policy requires:

  • Minimum length of 9-12 characters
  • At least 1 uppercase letter
  • At least 1 lowercase letter
  • At least 1 digit
  • At least 1 special character

If you delete the policy, the account reverts to the IONOS standard, which requires at least 5 characters and recommends a mix of upper and lower case letters, at least one digit, and optional special characters. Enforcing a strong password policy reduces the risk of credential-stuffing and brute-force attacks.

4.2 Two-Factor Authentication (2FA)

Two-factor authentication (2FA) adds a second layer of security to your account. After entering your normal login credentials (email and password), you must also supply a time-based security code generated by an authenticator app on your mobile device. Once enabled, every login to the Data Center Designer (DCD) requires this code, protecting the account even if the password is compromised.

Enabling 2FA for Your Own Account

To enable 2FA for yourself:

  1. Open the DCD and navigate to Menu > Your Profile > Account Security
  2. In the 2-Factor Authentication section, click Enable 2-Factor Authentication
  3. Follow the wizard: install an authenticator app (such as Google Authenticator or Authy), scan the QR code, enter the generated token, and finish
  4. On your next login, you will be prompted for the code

Only the account user can enable 2FA for themselves. Administrators or contract owners cannot enable it on their behalf, but they can enforce it.

Enforcing 2FA for Sub-Users

To require 2FA for another user:

  1. Navigate to Menu > Management > Users & Groups
  2. Select the user, go to the Meta Data tab
  3. Check Force 2-Factor Auth and click Save

The user will be required to activate 2FA before their next login. This is useful for organizations that want to enforce a uniform security baseline across all users.

Prerequisites for 2FA

  • Install any authenticator app that can read QR codes and has automatic time sync
  • The mobile device's clock must be set to automatic to keep the generated codes in sync
  • 2FA is only available in the DCD UI; API access still requires a token generated via the Token Manager (which is mandatory for 2FA-enabled accounts)

4.3 Support PIN

The Support PIN is a security code that you set in your IONOS Cloud account to verify your identity when contacting IONOS Cloud Support. This PIN helps ensure that only authorized users can request changes or receive sensitive information about the account during support calls.

To set or change your Support PIN:

  1. Open the Data Center Designer (DCD)
  2. Navigate to Menu > Your Profile > Account Security
  3. In the Set Support PIN section, type the PIN you want to use
  4. Click Set Support PIN to save the change

After you confirm, the PIN is stored and will be required when you contact IONOS Cloud Support. This simple step adds another layer of protection, ensuring that even if someone knows your login credentials, they cannot impersonate you when requesting support.

4.4 How Security Controls Work Together

Password policy, two-factor authentication, and support PIN work together to create a defense-in-depth strategy:

  • Password Policy ensures that the first factor (the password) meets minimum complexity requirements
  • 2FA adds a second, independent factor, dramatically lowering the chance of unauthorized access even if the password is leaked
  • Support PIN protects against social engineering attacks where someone tries to manipulate support staff into making account changes

Both password policy and 2FA can be mandated at the contract level. The contract owner defines the password policy, while administrators can force 2FA for all sub-users, ensuring a uniform security baseline across the organization.

Common Use Cases

Real-world scenarios where the Data Center Designer and account management features are used:

  1. Multi-Customer Managed Service Provider: An MSP manages cloud infrastructure for 20 customers. The MSP creates a subcontract for each customer, and the account owner switches between subcontracts using the DCD contract selector (discussed in Section 3.1). Each customer's administrators and users only see their own subcontract. The MSP enforces 2FA and a strong password policy (Section 4.1 and 4.2) across all subcontracts to meet security compliance requirements.

  2. Large Enterprise Development Team: A company with 50 developers, 10 operations engineers, and 5 security analysts needs fine-grained access control. The contract administrator creates three groups as described in Section 2.3: "Developers" (Read and Edit on VMs in the dev environment), "Operations" (Read, Edit, Share on all production resources), and "Security" (Read-only on Activity Logs and Flow Logs). As team members join or leave, the administrator simply adds or removes them from the appropriate group, and their permissions update automatically following the Principle of Least Privilege from Section 2.4.

  3. Secure Financial Services Deployment: A financial institution deploys applications on IONOS Cloud and must comply with strict security and audit requirements. The contract owner configures a password policy requiring 12-character passwords with uppercase, lowercase, digits, and special characters (Section 4.1). All users are required to enable 2FA via the "Force 2-Factor Auth" setting explained in Section 4.2. The institution also sets support PINs for all administrators (Section 4.3). These security controls, combined with Activity Logs for audit trails (covered in Unit 3.4), ensure compliance with industry regulations.

Summary

The Data Center Designer (DCD) is IONOS Cloud's primary management interface, providing a visual, drag-and-drop canvas for designing and managing cloud infrastructure. It serves as a unified control panel where you can manage compute, storage, networking, databases, and more from a single workspace. The DCD offers two creation modes: Canvas Mode for advanced, custom designs, and Xpress Mode for fast, guided deployments.

IONOS Cloud's permission model includes three account types. The Contract Owner has full administrative and financial control, including the exclusive ability to change payment methods. Administrators have full operational control over resources and users but cannot change payment settings. Regular Users have only the specific privileges you grant them, following the Principle of Least Privilege. Managing permissions through Groups simplifies access control at scale.

For organizations working with multiple contracts or subcontracts, the DCD contract selector makes it easy to switch between contexts. Resellers can create subcontracts for customers, and contract administrators can grant multi-contract access to users via group-based privileges.

Account security in IONOS Cloud combines password policies, two-factor authentication (2FA), and support PINs. Password policies enforce strong password requirements, 2FA adds a second authentication factor using time-based codes, and support PINs protect against social engineering attacks. Together, these controls create a layered security approach that protects your cloud infrastructure and data.

Key Points:

  • The Data Center Designer (DCD) is a web-based graphical interface for managing IONOS Cloud infrastructure using drag-and-drop visual design
  • Three account types exist: Contract Owner (full control), Administrator (full operational control but no payment changes), and User (explicit privileges only)
  • Multi-contract management is supported through the contract selector and group-based access controls, enabling resellers and enterprises to manage separate environments
  • Account security settings include password policies (contract owner controlled), two-factor authentication (user or forced), and support PIN (user controlled)
  • Groups simplify permission management by assigning privileges to multiple users at once, supporting the Principle of Least Privilege
  • The DCD integrates with Infrastructure as Code tools (Terraform, Ansible, API) for hybrid visual and programmatic management

Important Terminology:

  • Data Center Designer (DCD): IONOS Cloud's web-based graphical control panel for creating, configuring, and managing Virtual Data Centers and cloud resources
  • Contract Owner: The first user to register the contract; has full administrative and financial control, including exclusive ability to change payment methods
  • Administrator: User with full operational privileges identical to the owner but cannot modify payment details
  • Principle of Least Privilege (PoLP): Security best practice of giving users only the minimum access they need to perform their job
  • Two-Factor Authentication (2FA): Security mechanism requiring a second verification step (time-based code from an authenticator app) in addition to password
  • Support PIN: Security code set by the user to verify identity when contacting IONOS Cloud Support

Next Steps

Continue Learning: Unit 3.2: Identity and Access Management

Related Topics: